Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/AqUegI5toRcN-IG2cnZNKuqKIxk.roa
File: AqUegI5toRcN-IG2cnZNKuqKIxk.roa (raw, json)
Hash identifier: hjk8wvbFuBgreIBvGLJ+qBUbjLgqvBtoxdbKFopiS80=
Subject key identifier: 02:A5:1E:80:8E:6D:A1:17:0D:F8:81:B6:72:76:4D:2A:EA:8A:23:19
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019395A8888BE5596456CB811E5FDFAC2CF1
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/AqUegI5toRcN-IG2cnZNKuqKIxk.roa
Signing time: Thu 05 Dec 2024 07:11:10 +0000
ROA not before: Thu 05 Dec 2024 07:11:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208972
IP address blocks: 188.132.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:95:a8:88:8b:e5:59:64:56:cb:81:1e:5f:df:ac:2c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 5 07:11:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02a51e808e6da1170df881b672764d2aea8a2319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:00:ad:37:f0:5d:31:84:71:36:e2:dc:88:a5:
25:52:44:3d:a6:d9:44:c9:49:71:1e:e4:09:6b:f7:
43:6f:97:8f:2f:eb:64:b4:0a:e5:56:aa:d6:c6:29:
60:7e:40:05:a6:ee:f1:8c:e1:7b:e4:eb:81:f2:f5:
47:22:d4:12:ee:49:ce:2e:45:ac:e7:c8:8d:8a:1f:
c6:cd:8d:4d:9c:40:9a:08:54:07:67:e5:05:43:73:
6e:c8:2e:eb:7d:69:a6:8e:21:13:67:a1:08:3c:7d:
a4:37:3a:ec:29:41:17:6b:9d:51:ab:45:38:dd:25:
e2:78:75:c5:a7:48:6e:26:e6:3e:86:95:40:61:b3:
df:22:fd:79:01:35:61:0a:23:f6:15:e0:d5:53:87:
16:6a:c6:98:b7:af:b7:76:4c:73:62:f5:a8:ed:31:
1d:ee:2c:a5:00:0e:f5:a1:57:ef:90:55:df:93:c0:
be:72:02:6a:0b:51:2e:90:0d:9a:39:42:34:fe:37:
22:96:e8:7e:6d:3e:0c:67:38:2b:43:c8:aa:e9:7a:
09:04:bd:72:fc:90:b7:35:24:69:3f:c4:01:bd:26:
06:b1:73:fe:19:b1:46:77:b6:b7:e4:56:c6:73:a7:
d4:10:ce:be:d6:0a:80:d2:71:da:e9:fc:26:6f:3d:
2d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A5:1E:80:8E:6D:A1:17:0D:F8:81:B6:72:76:4D:2A:EA:8A:23:19
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/AqUegI5toRcN-IG2cnZNKuqKIxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.146.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:c5:84:6b:48:51:ec:dc:a9:6e:d6:93:bb:76:10:f7:19:5d:
68:c3:0d:f9:38:de:87:5c:4f:f4:3b:1d:2e:01:80:2a:c2:15:
78:ab:fd:6b:2a:2e:e7:b6:64:d6:fe:eb:30:87:28:32:bb:17:
b5:f8:52:85:22:a3:2c:7f:b3:76:d5:4f:01:07:1b:35:e2:4b:
7e:c3:6a:de:66:fe:f7:c6:67:53:8b:4b:0c:55:6c:e1:11:9b:
a0:78:2c:8d:c0:1f:43:fd:eb:4e:dc:25:74:8e:bf:cd:59:e1:
df:f9:3f:78:32:6d:30:c2:17:aa:87:92:0f:47:06:cc:a2:30:
5c:e3:60:24:75:b4:d5:96:70:c3:cf:7d:1b:6c:be:23:e6:84:
ae:ca:b6:d3:61:02:2f:92:cd:7e:de:28:9c:62:4f:0f:eb:1b:
ca:a5:6f:b7:0c:97:77:e4:33:44:99:59:60:00:29:47:8f:cc:
b9:6c:52:d6:3c:b8:7e:dd:8d:e8:f6:4c:9c:ac:80:c0:92:01:
04:66:08:ff:40:5b:24:67:63:0b:d8:a2:1d:3f:24:ad:2b:8b:
f0:7b:d2:2f:38:b7:39:46:a6:9d:ac:b4:8d:1f:ca:e7:c0:74:
b4:58:d5:97:72:c6:77:c1:7e:e7:26:64:9b:37:3f:3f:e9:4e:
f2:2f:3b:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOVqIiL5VlkVsuBHl/frCzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjA1MDcxMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmE1MWU4MDhlNmRhMTE3MGRmODgxYjY3Mjc2NGQyYWVhOGEyMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsACtN/BdMYRxNuLciKUlUkQ9ptlE
yUlxHuQJa/dDb5ePL+tktArlVqrWxilgfkAFpu7xjOF75OuB8vVHItQS7knOLkWs
58iNih/GzY1NnECaCFQHZ+UFQ3NuyC7rfWmmjiETZ6EIPH2kNzrsKUEXa51Rq0U4
3SXieHXFp0huJuY+hpVAYbPfIv15ATVhCiP2FeDVU4cWasaYt6+3dkxzYvWo7TEd
7iylAA71oVfvkFXfk8C+cgJqC1EukA2aOUI0/jciluh+bT4MZzgrQ8iq6XoJBL1y
/JC3NSRpP8QBvSYGsXP+GbFGd7a35FbGc6fUEM6+1gqA0nHa6fwmbz0txQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKlHoCObaEXDfiBtnJ2TSrqiiMZMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvQXFVZWdJNXRvUmNOLUlHMmNuWk5LdXFLSXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvISSMA0G
CSqGSIb3DQEBCwUAA4IBAQA/xYRrSFHs3Klu1pO7dhD3GV1oww35ON6HXE/0Ox0u
AYAqwhV4q/1rKi7ntmTW/uswhygyuxe1+FKFIqMsf7N21U8BBxs14kt+w2reZv73
xmdTi0sMVWzhEZugeCyNwB9D/etO3CV0jr/NWeHf+T94Mm0wwheqh5IPRwbMojBc
42AkdbTVlnDDz30bbL4j5oSuyrbTYQIvks1+3iicYk8P6xvKpW+3DJd35DNEmVlg
AClHj8y5bFLWPLh+3Y3o9kycrIDAkgEEZgj/QFskZ2ML2KIdPyStK4vwe9IvOLc5
RqadrLSNH8rnwHS0WNWXcsZ3wX7nJmSbNz8/6U7yLzvo
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:11:04 2025 by rpki-client