Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/hDwsNZ9pXCV9u5aquPjwnYMPUpQ.roa
File: hDwsNZ9pXCV9u5aquPjwnYMPUpQ.roa (raw, json)
Hash identifier: hMhtxlxz78FcV6dialOTErfH6rkTLHmyMijiGoUJaz0=
Subject key identifier: 84:3C:2C:35:9F:69:5C:25:7D:BB:96:AA:B8:F8:F0:9D:83:0F:52:94
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018756C15059167A9116DF83F22FEAF2B6D5
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/hDwsNZ9pXCV9u5aquPjwnYMPUpQ.roa
Signing time: Thu 06 Apr 2023 13:28:42 +0000
ROA not before: Thu 06 Apr 2023 13:28:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211804
IP address blocks: 188.132.151.0/24 maxlen: 24
188.132.168.0/24 maxlen: 24
188.132.186.0/24 maxlen: 24
188.132.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Apr 2023 21:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:c1:50:59:16:7a:91:16:df:83:f2:2f:ea:f2:b6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 6 13:28:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=843c2c359f695c257dbb96aab8f8f09d830f5294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9b:14:42:d0:56:65:5c:40:5c:b2:6c:15:3b:
80:24:72:1f:f4:00:68:34:a0:0a:f5:08:29:a3:63:
de:f8:12:97:ae:80:8d:7b:be:8f:af:1d:0b:fc:1c:
24:73:ca:d0:6d:90:7c:71:ba:8e:c7:ef:3b:11:5b:
b7:78:11:a6:af:2a:8e:5e:9d:b8:ca:51:b3:d2:36:
c7:5e:86:51:6c:d1:1e:51:83:ef:d9:96:e2:b7:d5:
05:ab:29:af:29:8a:c9:a1:03:6b:ea:9b:28:05:e9:
fa:02:52:b5:7f:9b:0b:ee:4d:61:84:b9:8a:3b:09:
b5:20:cc:fe:25:2a:30:43:39:ce:cf:f6:d3:3d:7b:
f0:23:7f:d0:b5:dd:86:55:5b:44:6f:7d:29:9c:cf:
8b:79:ef:99:6e:a2:9c:0b:34:af:4f:0a:20:30:72:
68:bc:2f:3e:8b:71:86:70:9c:b9:6c:e8:a8:89:0d:
3c:43:d9:27:bf:53:ac:ee:0f:f9:10:b6:f6:b0:d2:
d2:bf:28:73:a4:c9:54:bc:bb:3e:b6:43:3f:7f:71:
8d:ed:6e:8c:9e:b5:3a:6f:d5:63:fa:fc:b7:33:fe:
9f:9d:71:f1:23:96:b6:08:f2:40:4d:5d:bc:40:af:
ef:b6:62:f5:83:85:c2:4c:b9:ca:13:6d:f6:81:85:
7e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3C:2C:35:9F:69:5C:25:7D:BB:96:AA:B8:F8:F0:9D:83:0F:52:94
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/hDwsNZ9pXCV9u5aquPjwnYMPUpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.151.0/24
188.132.168.0/24
188.132.186.0/24
188.132.199.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c2:c6:3a:c0:ec:20:7d:16:96:72:0f:f4:f2:64:8e:e4:3f:
5b:25:aa:c3:7c:ff:23:33:e3:c5:31:58:fd:4d:fb:6b:06:c4:
cd:d4:66:51:fe:47:e7:40:86:ca:65:69:00:af:6d:2f:26:72:
30:08:46:8a:2d:46:df:7d:b5:45:4c:40:5d:6a:15:fe:19:45:
59:24:cb:92:f9:40:ea:b8:d2:38:46:ca:be:eb:82:9f:23:05:
4c:2f:39:62:0c:fb:52:e4:96:d9:6e:82:b0:bd:1d:ed:af:82:
d9:7c:e9:9b:c0:b3:04:f3:53:17:56:31:cc:4e:ad:44:bb:db:
24:4e:ae:20:50:8c:16:98:e5:f8:4f:d7:34:81:fc:d8:b1:1d:
56:0d:63:44:a6:e9:b0:81:66:68:c8:45:48:65:ee:93:c9:3e:
66:a9:f0:01:b9:d2:5c:9f:ed:18:e0:a4:9d:37:2e:ff:aa:a6:
d7:b8:7e:fa:26:0d:b3:df:8e:78:06:d7:0d:5d:ce:0b:6b:ec:
d7:a2:8f:77:29:da:b2:97:bc:ad:91:02:9e:eb:df:eb:bd:d2:
ac:44:36:af:a1:34:de:e5:af:40:24:de:30:42:f2:a2:f8:99:
ae:85:ae:18:78:cd:03:d6:3b:d2:d3:7f:ed:e9:9e:a0:30:6f:
46:69:b1:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdWwVBZFnqRFt+D8i/q8rbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwNDA2MTMyODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDNjMmMzNTlmNjk1YzI1N2RiYjk2YWFiOGY4ZjA5ZDgzMGY1Mjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipsUQtBWZVxAXLJsFTuAJHIf9ABo
NKAK9Qgpo2Pe+BKXroCNe76Prx0L/Bwkc8rQbZB8cbqOx+87EVu3eBGmryqOXp24
ylGz0jbHXoZRbNEeUYPv2Zbit9UFqymvKYrJoQNr6psoBen6AlK1f5sL7k1hhLmK
Owm1IMz+JSowQznOz/bTPXvwI3/Qtd2GVVtEb30pnM+Lee+ZbqKcCzSvTwogMHJo
vC8+i3GGcJy5bOioiQ08Q9knv1Os7g/5ELb2sNLSvyhzpMlUvLs+tkM/f3GN7W6M
nrU6b9Vj+vy3M/6fnXHxI5a2CPJATV28QK/vtmL1g4XCTLnKE232gYV+9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIQ8LDWfaVwlfbuWqrj48J2DD1KUMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvaER3c05aOXBYQ1Y5dTVhcXVQanduWU1QVXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAvISXAwQA
vISoAwQAvIS6AwQAvITHMA0GCSqGSIb3DQEBCwUAA4IBAQBdwsY6wOwgfRaWcg/0
8mSO5D9bJarDfP8jM+PFMVj9TftrBsTN1GZR/kfnQIbKZWkAr20vJnIwCEaKLUbf
fbVFTEBdahX+GUVZJMuS+UDquNI4Rsq+64KfIwVMLzliDPtS5JbZboKwvR3tr4LZ
fOmbwLME81MXVjHMTq1Eu9skTq4gUIwWmOX4T9c0gfzYsR1WDWNEpumwgWZoyEVI
Ze6TyT5mqfABudJcn+0Y4KSdNy7/qqbXuH76Jg2z3454BtcNXc4La+zXoo93Kdqy
l7ytkQKe69/rvdKsRDavoTTe5a9AJN4wQvKi+Jmuha4YeM0D1jvS03/t6Z6gMG9G
abFq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org