Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/7W5cPTWxY9Mfsc_k6I06ZPTVSik.roa
File: 7W5cPTWxY9Mfsc_k6I06ZPTVSik.roa (raw, json)
Hash identifier: wRBICbG4XRrKR8yeL8SxoxMxtM+E9O2lv+evD0AkBMk=
Subject key identifier: ED:6E:5C:3D:35:B1:63:D3:1F:B1:CF:E4:E8:8D:3A:64:F4:D5:4A:29
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF83EBC711B985852E752C68365B71
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/7W5cPTWxY9Mfsc_k6I06ZPTVSik.roa
Signing time: Tue 02 Jan 2024 06:32:20 +0000
ROA not before: Tue 02 Jan 2024 06:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200231
IP address blocks: 188.132.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:83:eb:c7:11:b9:85:85:2e:75:2c:68:36:5b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed6e5c3d35b163d31fb1cfe4e88d3a64f4d54a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:95:19:96:80:56:f6:c1:b8:d8:2f:84:50:42:
95:7c:21:ab:3a:38:ef:79:84:b1:05:6a:4d:d7:0c:
86:da:47:20:c6:9a:08:b5:3a:04:62:51:b4:0f:b5:
03:84:d0:1c:12:ae:ee:e5:f1:27:ff:f3:e8:67:64:
91:4f:9e:b9:46:42:cb:44:f2:aa:41:bf:d5:e1:33:
c4:af:a5:11:0f:a2:98:d1:5d:17:b7:22:51:c5:42:
26:bf:38:ff:ed:c1:e0:a4:38:5c:65:7f:b5:7e:11:
27:b2:48:a8:0c:71:b7:0d:d2:f3:77:dc:ce:dc:4e:
62:12:44:d8:e1:2d:64:f5:8e:6f:e2:40:e2:df:09:
c1:5c:15:60:b7:2b:1e:8f:89:51:7b:2b:64:5a:74:
c0:69:2e:1b:2b:03:e2:6c:b3:97:5e:51:a5:eb:0f:
a7:39:47:6b:ba:1d:7e:93:77:aa:d2:60:ca:65:3c:
8b:83:a5:bf:37:39:2f:1c:77:9a:3e:26:39:29:1b:
75:03:0d:56:e7:8e:ea:bf:f8:51:50:31:7e:10:29:
3c:8b:de:bc:70:89:6e:0a:b4:e5:95:9b:05:5e:d8:
81:ce:8b:1e:63:9e:01:5a:ad:aa:ef:93:e1:53:43:
f5:1b:5e:4c:06:9d:f7:14:69:76:62:be:96:96:c9:
24:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6E:5C:3D:35:B1:63:D3:1F:B1:CF:E4:E8:8D:3A:64:F4:D5:4A:29
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/7W5cPTWxY9Mfsc_k6I06ZPTVSik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.238.0/24
Signature Algorithm: sha256WithRSAEncryption
26:94:47:5a:bb:30:ae:15:c1:a6:a6:5f:64:c4:ce:05:c3:1d:
2e:44:95:56:9c:8f:ee:2b:19:e9:ea:62:b3:1f:26:a2:da:83:
87:82:80:f3:38:54:b8:87:d6:76:98:43:99:4e:1f:ea:36:49:
89:77:3d:e3:0f:ab:60:0c:eb:b3:ab:cb:79:81:31:5f:fe:ab:
74:fe:ab:07:c6:98:80:77:8d:f0:85:3e:be:ef:16:d8:7b:8f:
08:e3:f4:3f:ac:c1:05:42:55:37:33:cc:4f:07:d3:67:6d:04:
22:44:7d:1c:25:42:7b:81:90:5f:5a:87:87:8c:c7:34:e5:7e:
00:8e:ec:ea:5a:e5:f5:a3:df:9f:cc:33:a7:0a:36:b2:85:0c:
bf:81:a2:03:75:5a:bc:88:55:4e:0e:c1:93:5d:19:89:7d:1a:
b4:5b:e9:fe:51:d2:11:b1:50:6c:de:aa:44:de:02:81:71:4c:
47:0c:f2:73:23:cd:eb:82:47:5f:d6:e1:08:dd:f2:58:6d:9a:
7d:68:b9:07:f3:82:74:81:70:6b:fe:d4:23:d1:99:d9:67:ee:
9d:32:05:d4:dd:86:15:bb:ff:43:a3:c6:e3:01:8c:45:58:69:
9e:ff:ae:da:fe:53:63:16:a2:9f:0e:8d:83:3d:dd:9d:6b:ab:
5c:31:17:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI34PrxxG5hYUudSxoNltxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDZlNWMzZDM1YjE2M2QzMWZiMWNmZTRlODhkM2E2NGY0ZDU0YTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5UZloBW9sG42C+EUEKVfCGrOjjv
eYSxBWpN1wyG2kcgxpoItToEYlG0D7UDhNAcEq7u5fEn//PoZ2SRT565RkLLRPKq
Qb/V4TPEr6URD6KY0V0XtyJRxUImvzj/7cHgpDhcZX+1fhEnskioDHG3DdLzd9zO
3E5iEkTY4S1k9Y5v4kDi3wnBXBVgtysej4lReytkWnTAaS4bKwPibLOXXlGl6w+n
OUdruh1+k3eq0mDKZTyLg6W/NzkvHHeaPiY5KRt1Aw1W547qv/hRUDF+ECk8i968
cIluCrTllZsFXtiBzoseY54BWq2q75PhU0P1G15MBp33FGl2Yr6WlskkZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1uXD01sWPTH7HP5OiNOmT01UopMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvN1c1Y1BUV3hZOU1mc2NfazZJMDZaUFRWU2lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITuMA0G
CSqGSIb3DQEBCwUAA4IBAQAmlEdauzCuFcGmpl9kxM4Fwx0uRJVWnI/uKxnp6mKz
Hyai2oOHgoDzOFS4h9Z2mEOZTh/qNkmJdz3jD6tgDOuzq8t5gTFf/qt0/qsHxpiA
d43whT6+7xbYe48I4/Q/rMEFQlU3M8xPB9NnbQQiRH0cJUJ7gZBfWoeHjMc05X4A
juzqWuX1o9+fzDOnCjayhQy/gaIDdVq8iFVODsGTXRmJfRq0W+n+UdIRsVBs3qpE
3gKBcUxHDPJzI83rgkdf1uEI3fJYbZp9aLkH84J0gXBr/tQj0ZnZZ+6dMgXU3YYV
u/9Do8bjAYxFWGme/67a/lNjFqKfDo2DPd2da6tcMRce
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:34:14 2025 by rpki-client