Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/iG_OEc0z58NndLUMRUluORFHmCg.roa
File: iG_OEc0z58NndLUMRUluORFHmCg.roa (raw, json)
Hash identifier: OXFEccP9XF7PlG+8y2QN0YrhYhiuxZg47oixh/asDSk=
Subject key identifier: 88:6F:CE:11:CD:33:E7:C3:67:74:B5:0C:45:49:6E:39:11:47:98:28
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01876B2B2537FE9F28BDEEAFC1386B3DC8E0
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/iG_OEc0z58NndLUMRUluORFHmCg.roa
Signing time: Mon 10 Apr 2023 12:36:42 +0000
ROA not before: Mon 10 Apr 2023 12:36:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199724
IP address blocks: 188.132.168.0/24 maxlen: 24
188.132.186.0/24 maxlen: 24
188.132.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Apr 2023 01:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:2b:25:37:fe:9f:28:bd:ee:af:c1:38:6b:3d:c8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 10 12:36:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=886fce11cd33e7c36774b50c45496e3911479828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a0:84:73:04:92:8a:d7:12:21:85:db:de:ce:
54:ca:b6:eb:3a:49:35:94:4c:e1:80:56:3a:8d:19:
2f:62:6e:56:ee:d1:2f:44:2f:62:43:96:a3:0a:80:
bf:0d:04:57:5a:81:bd:96:b5:fb:ad:23:ff:93:10:
dd:c0:96:f8:bd:78:cb:41:26:ad:7b:e4:47:e3:bf:
aa:b1:6a:5b:40:2c:7e:4d:c7:b3:01:af:db:31:e5:
9f:cb:7b:ed:54:c6:f7:7e:99:f0:b5:b7:0d:7f:f5:
0a:cf:20:c1:a8:4b:98:6b:da:28:7e:75:4a:ae:ad:
e1:d6:b8:3f:84:5b:6a:9a:f9:04:97:aa:9f:2c:cd:
22:16:33:16:3d:06:1a:1c:bb:d0:bb:94:6f:1c:ca:
05:27:9e:79:56:10:52:24:67:b8:7d:87:7e:da:85:
c7:eb:24:90:ef:29:52:90:f0:aa:1b:28:a2:ec:79:
fb:ef:31:ef:b1:5c:c8:40:a8:23:32:b5:62:7d:3b:
7f:9f:97:ef:05:b1:b0:d7:36:a7:f5:5b:63:29:2a:
bb:03:b6:0a:72:be:29:43:8d:a6:cc:81:d7:60:ad:
2c:37:44:c7:41:4d:5c:c7:7b:23:9a:e9:82:81:60:
06:2f:e6:6d:e6:ee:15:0b:fd:0a:5d:22:b3:31:05:
8c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6F:CE:11:CD:33:E7:C3:67:74:B5:0C:45:49:6E:39:11:47:98:28
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/iG_OEc0z58NndLUMRUluORFHmCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.168.0/24
188.132.186.0/24
188.132.199.0/24
Signature Algorithm: sha256WithRSAEncryption
32:89:bb:60:e1:42:8a:0d:dd:4f:0e:9a:54:a4:0e:91:c1:be:
28:1d:81:35:a3:da:06:bc:05:88:09:34:ce:ff:54:ed:04:4f:
38:be:44:84:b9:f4:0c:78:cf:ca:aa:bf:c2:a3:bb:1e:ae:02:
d4:fe:26:b8:ac:ac:19:29:9d:be:42:37:28:be:49:0c:83:1b:
58:c6:f3:eb:d3:63:8b:c2:dc:ba:c6:57:bf:bd:e7:4a:75:fa:
7f:de:94:83:c5:84:3f:27:ea:96:3c:15:b2:c6:30:88:0e:58:
23:a5:95:dc:26:e1:f0:c0:55:02:c9:9c:5a:2c:b0:cc:eb:14:
e7:40:13:ed:f4:74:93:00:b3:50:aa:9e:09:b8:83:fe:d8:4b:
c0:0e:ce:8d:0a:0a:a8:5a:90:05:23:99:7f:ef:b7:f1:ac:fa:
40:1f:c2:28:c9:0d:16:68:fe:59:71:83:18:54:b0:da:3b:01:
64:f4:72:ec:44:47:f3:45:01:e3:99:70:06:c7:5e:af:d9:61:
6b:a6:f1:53:7c:8a:a0:b8:16:db:53:99:e6:8d:47:ce:30:f0:
67:ca:eb:d5:17:40:15:4f:3d:4b:75:de:80:5e:ab:b0:dc:d2:
40:94:fe:89:84:c6:fa:4d:c6:84:0f:b5:7d:3a:2d:13:c1:e1:
a2:ca:05:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdrKyU3/p8ove6vwThrPcjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwNDEwMTIzNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZmY2UxMWNkMzNlN2MzNjc3NGI1MGM0NTQ5NmUzOTExNDc5ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaCEcwSSitcSIYXb3s5UyrbrOkk1
lEzhgFY6jRkvYm5W7tEvRC9iQ5ajCoC/DQRXWoG9lrX7rSP/kxDdwJb4vXjLQSat
e+RH47+qsWpbQCx+TcezAa/bMeWfy3vtVMb3fpnwtbcNf/UKzyDBqEuYa9oofnVK
rq3h1rg/hFtqmvkEl6qfLM0iFjMWPQYaHLvQu5RvHMoFJ555VhBSJGe4fYd+2oXH
6ySQ7ylSkPCqGyii7Hn77zHvsVzIQKgjMrVifTt/n5fvBbGw1zan9VtjKSq7A7YK
cr4pQ42mzIHXYK0sN0THQU1cx3sjmumCgWAGL+Zt5u4VC/0KXSKzMQWMNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIhvzhHNM+fDZ3S1DEVJbjkRR5goMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvaUdfT0VjMHo1OE5uZExVTVJVbHVPUkZIbUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvISoAwQA
vIS6AwQAvITHMA0GCSqGSIb3DQEBCwUAA4IBAQAyibtg4UKKDd1PDppUpA6Rwb4o
HYE1o9oGvAWICTTO/1TtBE84vkSEufQMeM/Kqr/Co7sergLU/ia4rKwZKZ2+Qjco
vkkMgxtYxvPr02OLwty6xle/vedKdfp/3pSDxYQ/J+qWPBWyxjCIDlgjpZXcJuHw
wFUCyZxaLLDM6xTnQBPt9HSTALNQqp4JuIP+2EvADs6NCgqoWpAFI5l/77fxrPpA
H8IoyQ0WaP5ZcYMYVLDaOwFk9HLsREfzRQHjmXAGx16v2WFrpvFTfIqguBbbU5nm
jUfOMPBnyuvVF0AVTz1Ldd6AXquw3NJAlP6JhMb6TcaED7V9Oi0TweGiygWZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:59 2024 by rpki-client on console-ams.rpki-client.org