Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/L8eCRKiXA1aCQfFg2z7JE-84JFU.roa
File: L8eCRKiXA1aCQfFg2z7JE-84JFU.roa (raw, json)
Hash identifier: srALp1qpTAgB+tiSR2/aWSHaRJynVOCIQ8021a5ZWJs=
Subject key identifier: 2F:C7:82:44:A8:97:03:56:82:41:F1:60:DB:3E:C9:13:EF:38:24:55
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018C790AE6696D6F6FAEACE486CAEF698E11
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/L8eCRKiXA1aCQfFg2z7JE-84JFU.roa
Signing time: Sun 17 Dec 2023 18:30:06 +0000
ROA not before: Sun 17 Dec 2023 18:30:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199724
IP address blocks: 188.132.151.0/24 maxlen: 24
188.132.168.0/24 maxlen: 24
188.132.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 14:35:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:0a:e6:69:6d:6f:6f:ae:ac:e4:86:ca:ef:69:8e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 17 18:30:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fc78244a89703568241f160db3ec913ef382455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:13:c0:ef:98:f8:58:88:d7:d4:e5:34:cf:96:
59:15:c3:b0:f6:b1:00:ba:fb:73:99:82:98:ac:bc:
f5:8b:a8:03:26:c7:92:6a:f8:b9:24:81:e2:f4:c3:
2b:a8:92:55:62:1a:6b:21:b3:c8:19:8d:5c:f1:ed:
58:1d:cf:e3:d0:b5:9f:cb:a5:81:31:7c:6e:ad:71:
0c:c5:46:31:4a:e3:9a:91:0e:a4:cb:6c:33:36:13:
7d:d9:89:e4:d3:a2:2e:a4:29:fc:eb:4b:3f:23:1e:
d6:0a:bf:b8:00:ad:f9:09:2d:3e:0f:e4:9c:c0:88:
ae:de:af:a1:3d:9d:96:7b:94:47:68:8d:8f:c0:6c:
b2:b2:b5:f6:ec:0e:8f:f2:e5:31:24:54:a3:db:f0:
54:42:42:c1:c6:d3:b3:dc:fa:38:2f:07:3a:ed:6c:
82:b3:45:46:ee:12:89:af:ff:06:03:9d:af:52:5d:
77:ba:66:fc:ec:81:09:c0:67:51:f3:96:54:7e:f6:
6a:c0:c0:b8:93:d3:ee:39:c8:45:2f:7a:84:a7:21:
05:0f:76:04:75:d0:b7:ea:06:16:2c:98:95:62:e0:
6e:6a:be:70:53:ef:2c:16:aa:a7:5f:d3:20:7c:5d:
5b:0d:45:0f:56:68:12:79:f7:07:9a:f4:96:2e:df:
f1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C7:82:44:A8:97:03:56:82:41:F1:60:DB:3E:C9:13:EF:38:24:55
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/L8eCRKiXA1aCQfFg2z7JE-84JFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.151.0/24
188.132.168.0/24
188.132.199.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:5f:b0:1f:01:fc:b5:62:f3:cf:a4:48:ed:b8:1e:89:fa:79:
7c:24:47:e6:d4:24:70:3c:e7:f3:73:09:b4:ca:56:54:e9:7b:
f6:a8:35:d2:65:03:c7:a2:b1:e2:e9:88:75:db:2b:17:b2:b3:
ac:2e:90:50:67:9b:7c:69:87:5e:3a:43:82:51:c3:ed:9c:9e:
e6:81:4f:26:ce:d6:29:22:23:76:97:71:cf:9b:de:76:c7:86:
91:81:5d:cb:08:cb:fb:40:3f:bc:14:90:f8:86:80:02:e1:5d:
29:0d:18:03:4e:e8:0a:7a:bb:36:19:76:c4:68:e2:77:40:36:
2c:33:00:99:3a:ac:2e:37:18:5a:d4:4c:20:8a:41:a0:46:9e:
a0:39:56:38:ea:69:27:3f:c4:35:fc:c6:00:c7:70:4d:25:1d:
5f:d9:82:4b:a4:66:e3:25:c7:68:50:c2:dc:d3:a8:39:24:f9:
96:d0:a9:21:42:d2:af:bb:5f:3c:4f:16:0e:e7:db:f8:86:c9:
48:d9:fc:45:63:85:fb:5d:55:ce:06:f2:93:6a:94:48:e3:f9:
ff:ca:e2:73:42:ee:46:a1:d5:74:3b:94:81:a8:4e:67:79:aa:
82:ea:88:af:1d:8a:86:52:17:27:b0:f4:b3:4a:ab:a1:de:49:
1c:d4:cb:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx5CuZpbW9vrqzkhsrvaY4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMxMjE3MTgzMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmM3ODI0NGE4OTcwMzU2ODI0MWYxNjBkYjNlYzkxM2VmMzgyNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRPA75j4WIjX1OU0z5ZZFcOw9rEA
uvtzmYKYrLz1i6gDJseSavi5JIHi9MMrqJJVYhprIbPIGY1c8e1YHc/j0LWfy6WB
MXxurXEMxUYxSuOakQ6ky2wzNhN92Ynk06IupCn860s/Ix7WCr+4AK35CS0+D+Sc
wIiu3q+hPZ2We5RHaI2PwGyysrX27A6P8uUxJFSj2/BUQkLBxtOz3Po4Lwc67WyC
s0VG7hKJr/8GA52vUl13umb87IEJwGdR85ZUfvZqwMC4k9PuOchFL3qEpyEFD3YE
ddC36gYWLJiVYuBuar5wU+8sFqqnX9MgfF1bDUUPVmgSefcHmvSWLt/xkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC/HgkSolwNWgkHxYNs+yRPvOCRVMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvTDhlQ1JLaVhBMWFDUWZGZzJ6N0pFLTg0SkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvISXAwQA
vISoAwQAvITHMA0GCSqGSIb3DQEBCwUAA4IBAQArX7AfAfy1YvPPpEjtuB6J+nl8
JEfm1CRwPOfzcwm0ylZU6Xv2qDXSZQPHorHi6Yh12ysXsrOsLpBQZ5t8aYdeOkOC
UcPtnJ7mgU8mztYpIiN2l3HPm952x4aRgV3LCMv7QD+8FJD4hoAC4V0pDRgDTugK
ers2GXbEaOJ3QDYsMwCZOqwuNxha1EwgikGgRp6gOVY46mknP8Q1/MYAx3BNJR1f
2YJLpGbjJcdoUMLc06g5JPmW0KkhQtKvu188TxYO59v4hslI2fxFY4X7XVXOBvKT
apRI4/n/yuJzQu5GodV0O5SBqE5neaqC6oivHYqGUhcnsPSzSquh3kkc1Ms+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org