Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/HMleY5XCCetF7nUSNIGhD4hWW94.roa
File: HMleY5XCCetF7nUSNIGhD4hWW94.roa (raw, json)
Hash identifier: leVN2UWGti50oiAQvbSVBdazOmMgRTyI06je6TdLZMc=
Subject key identifier: 1C:C9:5E:63:95:C2:09:EB:45:EE:75:12:34:81:A1:0F:88:56:5B:DE
Certificate issuer: /CN=8b27483dc16c318e5afff8322930c817fd192c91
Certificate serial: 018ED0FA47E77E15721DABB457F09356FF17
Authority key identifier: 8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/HMleY5XCCetF7nUSNIGhD4hWW94.roa
Signing time: Fri 12 Apr 2024 06:24:07 +0000
ROA not before: Fri 12 Apr 2024 06:24:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49368
IP address blocks: 188.94.32.0/21 maxlen: 21
188.126.32.0/19 maxlen: 20
188.126.32.0/20 maxlen: 20
188.126.48.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 12 Apr 2024 12:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d0:fa:47:e7:7e:15:72:1d:ab:b4:57:f0:93:56:ff:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b27483dc16c318e5afff8322930c817fd192c91
Validity
Not Before: Apr 12 06:24:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cc95e6395c209eb45ee75123481a10f88565bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:16:d7:71:56:ae:3c:10:5f:f5:96:8b:1f:2c:
d2:a5:57:0e:10:16:32:6b:9f:7e:2d:1c:23:62:ef:
df:ea:c6:f6:99:39:b6:66:5d:da:1b:57:dd:73:0a:
0f:8c:d9:17:9b:0a:58:8d:5e:96:8a:62:97:21:6d:
e2:fa:cc:c5:f3:21:1a:94:fb:5a:51:c2:bb:55:38:
c6:b0:10:9b:b3:89:05:e5:e9:dc:a9:c8:e9:ec:9e:
36:ae:34:dc:3f:8a:18:23:34:89:c0:d9:58:25:97:
aa:3a:58:de:0c:17:5d:1d:81:ce:48:6b:f2:93:41:
b7:9e:9f:5d:7b:75:4f:33:71:af:0f:30:e4:3c:15:
b7:e7:83:ad:6a:8c:19:30:af:78:c4:45:7c:8a:42:
66:03:16:15:e9:d0:cb:49:a7:83:41:51:14:ed:bd:
1e:6c:7d:47:b1:19:69:37:45:d0:6e:4a:53:76:3d:
b6:ae:6a:fd:a3:72:01:a4:ab:02:a3:ff:fc:aa:83:
2e:11:d8:d5:f7:7e:60:ff:4d:fb:04:ca:20:f9:d0:
a6:77:10:4c:4c:31:aa:89:f0:b0:fa:4a:5a:95:f0:
a0:ff:3d:ef:af:4b:6b:9b:90:84:9c:0e:40:3e:54:
5d:ea:84:ed:f5:7d:29:b9:a5:1c:b9:00:1e:f4:02:
c8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C9:5E:63:95:C2:09:EB:45:EE:75:12:34:81:A1:0F:88:56:5B:DE
X509v3 Authority Key Identifier:
keyid:8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/HMleY5XCCetF7nUSNIGhD4hWW94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.32.0/21
188.126.32.0/19
Signature Algorithm: sha256WithRSAEncryption
17:0f:05:71:19:21:4f:11:fe:37:4d:d7:11:1e:dc:8e:73:4b:
19:c2:67:b9:9a:f3:cc:0f:5f:40:61:44:f5:c5:83:67:ac:63:
5d:7c:b3:05:52:72:56:25:be:8c:02:c4:a5:0a:fd:04:48:ce:
99:29:97:47:67:85:0c:33:fa:85:6e:42:70:9f:71:43:0d:99:
ad:76:d7:f3:5e:cf:08:53:82:ed:e6:d1:66:7d:4f:84:da:28:
6b:0e:1f:18:57:d5:0a:01:6e:6f:19:ff:62:90:c2:30:f8:a1:
6b:0a:8a:6c:a0:3d:53:17:7a:58:f6:f8:d5:06:24:ef:e9:79:
6c:ea:8f:1c:89:e9:3e:a3:e0:76:db:b8:34:44:6c:38:09:e7:
1e:c2:66:a7:d8:68:e5:f4:6b:f5:58:10:cb:84:3d:8b:f0:43:
e9:d7:b2:53:aa:74:f8:cc:9e:6e:c2:e9:3b:20:67:61:18:f8:
49:99:b2:b5:2e:fa:a7:1e:d3:2a:13:e8:14:3e:7c:c4:32:0e:
90:c7:08:20:76:3d:08:9a:6b:82:72:56:5c:a1:95:31:e4:60:
39:cf:b9:9a:28:d7:b5:03:0f:ff:d3:0f:18:92:2e:45:a6:e4:
6f:68:dc:27:3f:29:73:d7:36:78:60:1f:5f:e3:fb:de:2e:9b:
eb:41:0a:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7Q+kfnfhVyHau0V/CTVv8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMjc0ODNkYzE2YzMxOGU1YWZmZjgzMjI5MzBjODE3ZmQx
OTJjOTEwHhcNMjQwNDEyMDYyNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M5NWU2Mzk1YzIwOWViNDVlZTc1MTIzNDgxYTEwZjg4NTY1YmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRbXcVauPBBf9ZaLHyzSpVcOEBYy
a59+LRwjYu/f6sb2mTm2Zl3aG1fdcwoPjNkXmwpYjV6WimKXIW3i+szF8yEalPta
UcK7VTjGsBCbs4kF5encqcjp7J42rjTcP4oYIzSJwNlYJZeqOljeDBddHYHOSGvy
k0G3np9de3VPM3GvDzDkPBW354OtaowZMK94xEV8ikJmAxYV6dDLSaeDQVEU7b0e
bH1HsRlpN0XQbkpTdj22rmr9o3IBpKsCo//8qoMuEdjV935g/037BMog+dCmdxBM
TDGqifCw+kpalfCg/z3vr0trm5CEnA5APlRd6oTt9X0puaUcuQAe9ALIZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBzJXmOVwgnrRe51EjSBoQ+IVlveMB8GA1UdIwQY
MBaAFIsnSD3BbDGOWv/4MikwyBf9GSyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4Yzct
ZmI4OTNlMzkwOGQyLzEvSE1sZVk1WENDZXRGN25VU05JR2hENGhXVzk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4YzctZmI4OTNlMzkwOGQy
LzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDvF4gAwQF
vH4gMA0GCSqGSIb3DQEBCwUAA4IBAQAXDwVxGSFPEf43TdcRHtyOc0sZwme5mvPM
D19AYUT1xYNnrGNdfLMFUnJWJb6MAsSlCv0ESM6ZKZdHZ4UMM/qFbkJwn3FDDZmt
dtfzXs8IU4Lt5tFmfU+E2ihrDh8YV9UKAW5vGf9ikMIw+KFrCopsoD1TF3pY9vjV
BiTv6Xls6o8ciek+o+B227g0RGw4Cecewman2Gjl9Gv1WBDLhD2L8EPp17JTqnT4
zJ5uwuk7IGdhGPhJmbK1LvqnHtMqE+gUPnzEMg6Qxwggdj0ImmuCclZcoZUx5GA5
z7maKNe1Aw//0w8Yki5FpuRvaNwnPylz1zZ4YB9f4/veLpvrQQpR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org