Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/yDbIP9K0umNw0P09bZX3xGAxoeA.roa
File: yDbIP9K0umNw0P09bZX3xGAxoeA.roa (raw, json)
Hash identifier: STpDkxI44ZnjIfCyEHbs+zNQKsjoR1hu4AxZFuo/b4c=
Subject key identifier: C8:36:C8:3F:D2:B4:BA:63:70:D0:FD:3D:6D:95:F7:C4:60:31:A1:E0
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018880E38E07F3B88C12A709C192E179CF5F
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/yDbIP9K0umNw0P09bZX3xGAxoeA.roa
Signing time: Sat 03 Jun 2023 10:52:56 +0000
ROA not before: Sat 03 Jun 2023 10:52:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 2.188.239.0/24 maxlen: 24
2.189.96.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:80:e3:8e:07:f3:b8:8c:12:a7:09:c1:92:e1:79:cf:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jun 3 10:52:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c836c83fd2b4ba6370d0fd3d6d95f7c46031a1e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:32:b9:af:77:b2:4b:6b:a2:28:d7:86:ed:4a:
f9:f7:1f:7e:78:bb:1e:8a:d7:31:4e:16:48:9e:bf:
a3:b3:ab:96:07:4f:d0:2c:66:93:66:f3:b4:7d:d5:
f2:71:26:7c:86:e1:89:48:9d:18:a5:20:d7:57:f9:
db:23:c1:6f:32:03:e5:0e:46:60:05:86:e3:49:ac:
fd:39:7a:fc:80:d6:57:56:a1:c9:59:24:44:72:e4:
55:98:f5:0c:d3:b7:d1:f6:25:2c:88:c6:28:bd:8d:
73:66:c2:88:e1:59:81:c7:02:d2:44:86:1f:30:53:
5a:67:73:9d:49:96:df:d8:74:f7:0e:43:42:98:ad:
b9:31:ae:3a:3a:45:74:1b:05:22:09:bb:4f:19:b3:
9e:fb:39:9f:89:77:73:2e:b8:9f:3b:45:90:c0:65:
85:14:f5:df:63:ad:12:72:b7:b8:3d:48:01:f7:48:
c2:99:64:b4:79:80:1a:5c:3f:cf:15:f3:85:96:8e:
4e:51:45:52:2e:a8:70:5e:78:bd:c8:59:60:b8:0a:
99:b1:b1:79:d9:23:48:9d:f6:44:3d:e6:64:21:d0:
98:35:3f:8e:59:af:3d:9e:13:fd:ab:c2:cc:f2:11:
0b:27:52:88:d8:b7:4e:61:fa:c9:52:57:57:d0:8c:
0f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:36:C8:3F:D2:B4:BA:63:70:D0:FD:3D:6D:95:F7:C4:60:31:A1:E0
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/yDbIP9K0umNw0P09bZX3xGAxoeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.239.0/24
2.189.96.0/19
Signature Algorithm: sha256WithRSAEncryption
80:87:e5:a0:bd:ad:7b:56:47:59:08:96:68:ee:ba:6e:d4:db:
f1:49:e9:85:a8:47:98:bc:c6:b5:76:7a:75:3d:13:32:92:a2:
77:6c:0c:74:35:1e:2a:14:12:b8:b0:2d:2c:ca:1a:f2:f4:de:
c5:d5:94:72:e7:e2:33:0d:55:7a:7f:86:15:12:74:88:b1:a5:
e8:ec:e3:2d:7b:1b:24:d2:24:ab:6a:19:fd:a7:fe:fb:43:80:
ee:cc:21:df:4a:89:f1:b1:f2:32:ab:5f:25:f6:8c:72:6d:07:
83:8b:3e:cb:d3:90:92:05:05:d6:ea:24:00:33:ff:76:8f:27:
bc:61:d1:e4:4c:50:a8:e4:b5:e2:f9:92:63:44:65:21:66:79:
25:85:b2:c5:d0:79:21:47:91:0a:2d:97:c9:04:58:07:26:5b:
a0:71:66:d1:a5:b1:12:ad:3d:22:06:2c:1d:f2:de:30:63:d0:
1f:09:90:d1:48:90:09:5d:cd:db:63:ec:1e:7c:6e:e1:fd:bc:
be:e4:31:c0:3c:2d:d8:9f:da:1a:77:b0:ac:3e:cd:19:29:21:
71:cc:4f:55:fc:6a:e8:29:32:76:e3:8b:47:6d:20:ef:fd:69:
41:79:53:39:2d:2e:b3:e1:fc:f8:7c:cc:0f:35:f0:dd:88:38:
65:3e:52:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiA444H87iMEqcJwZLhec9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNjAzMTA1MjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODM2YzgzZmQyYjRiYTYzNzBkMGZkM2Q2ZDk1ZjdjNDYwMzFhMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDK5r3eyS2uiKNeG7Ur59x9+eLse
itcxThZInr+js6uWB0/QLGaTZvO0fdXycSZ8huGJSJ0YpSDXV/nbI8FvMgPlDkZg
BYbjSaz9OXr8gNZXVqHJWSREcuRVmPUM07fR9iUsiMYovY1zZsKI4VmBxwLSRIYf
MFNaZ3OdSZbf2HT3DkNCmK25Ma46OkV0GwUiCbtPGbOe+zmfiXdzLrifO0WQwGWF
FPXfY60Scre4PUgB90jCmWS0eYAaXD/PFfOFlo5OUUVSLqhwXni9yFlguAqZsbF5
2SNInfZEPeZkIdCYNT+OWa89nhP9q8LM8hELJ1KI2LdOYfrJUldX0IwPlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMg2yD/StLpjcND9PW2V98RgMaHgMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEveURiSVA5SzB1bU53MFAwOWJaWDN4R0F4b2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAArzvAwQF
Ar1gMA0GCSqGSIb3DQEBCwUAA4IBAQCAh+Wgva17VkdZCJZo7rpu1NvxSemFqEeY
vMa1dnp1PRMykqJ3bAx0NR4qFBK4sC0syhry9N7F1ZRy5+IzDVV6f4YVEnSIsaXo
7OMtexsk0iSrahn9p/77Q4DuzCHfSonxsfIyq18l9oxybQeDiz7L05CSBQXW6iQA
M/92jye8YdHkTFCo5LXi+ZJjRGUhZnklhbLF0HkhR5EKLZfJBFgHJlugcWbRpbES
rT0iBiwd8t4wY9AfCZDRSJAJXc3bY+wefG7h/by+5DHAPC3Yn9oad7CsPs0ZKSFx
zE9V/GroKTJ244tHbSDv/WlBeVM5LS6z4fz4fMwPNfDdiDhlPlLc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org