Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/og68t4zB_hBYYjBrvIlpGA5IQvA.roa
File: og68t4zB_hBYYjBrvIlpGA5IQvA.roa (raw, json)
Hash identifier: YU13geLfdduLK9K8BKsK9gl9GdM9gllKxfBRJASgeLE=
Subject key identifier: A2:0E:BC:B7:8C:C1:FE:10:58:62:30:6B:BC:89:69:18:0E:48:42:F0
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018570028F67C98C1C1BDE8D952379F21B99
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/og68t4zB_hBYYjBrvIlpGA5IQvA.roa
Signing time: Mon 02 Jan 2023 01:04:54 +0000
ROA not before: Mon 02 Jan 2023 01:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203285
IP address blocks: 188.132.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:8f:67:c9:8c:1c:1b:de:8d:95:23:79:f2:1b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 01:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a20ebcb78cc1fe105862306bbc8969180e4842f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:46:09:16:a9:46:ad:96:e4:a4:4f:db:50:da:
f3:89:59:e7:8b:04:b1:cf:18:6d:44:2f:7b:48:a3:
cd:38:1a:49:6b:b4:29:5d:9e:f6:c0:52:02:64:9e:
fa:30:e0:0d:8e:38:4f:65:c5:4c:20:cc:5f:8b:5e:
59:4a:b4:50:de:6e:2e:a8:fb:bb:aa:b8:e3:1d:f4:
bf:91:9d:57:2f:9f:8e:04:03:5e:c7:d6:59:75:5b:
5c:b5:c0:4b:c9:35:1e:f8:39:cc:f5:e7:87:88:f9:
ba:0c:fa:a5:5f:d5:d3:26:2a:85:00:4b:74:27:4b:
2d:65:7c:08:63:a9:20:a7:36:1d:3c:81:8f:de:91:
1a:1a:b9:2a:aa:b3:fd:18:f7:c8:5a:f9:dc:2f:a9:
dc:14:20:71:33:0d:b8:9a:97:96:5a:95:9f:64:f8:
7a:24:11:50:49:50:d2:ac:6e:98:53:0b:e0:d4:ab:
77:95:92:4b:de:f9:7d:a2:ff:4f:42:c6:7c:47:55:
70:96:57:10:33:e0:fd:75:cf:89:96:d9:0e:9f:cd:
9d:1b:f9:76:ca:65:5c:3e:47:c7:0a:98:cf:01:d3:
f1:a5:33:f6:d5:b7:7f:e6:ff:5e:7e:7d:31:93:23:
5a:87:61:15:bc:a1:b5:7b:6d:0c:96:08:ba:7a:34:
9f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0E:BC:B7:8C:C1:FE:10:58:62:30:6B:BC:89:69:18:0E:48:42:F0
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/og68t4zB_hBYYjBrvIlpGA5IQvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.171.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:46:ab:ce:db:fe:3f:21:9f:31:a7:3c:f3:5d:b4:8d:3d:60:
08:d8:e5:7d:b6:0a:ca:3b:1d:76:5c:3b:57:dc:0c:db:b6:af:
9f:39:ef:6a:25:e9:fe:31:28:aa:b8:c6:40:8d:b1:b8:1a:53:
8a:a6:38:45:a6:9c:25:ca:99:8b:7a:4f:f6:73:83:97:d7:a0:
f1:6f:b3:85:db:89:c0:6e:33:84:95:e7:29:d2:ab:ea:be:da:
11:71:13:25:61:fe:d6:27:0e:57:5a:0a:a1:a9:d0:ff:bb:e5:
86:77:ca:4d:ba:83:4b:e3:41:e8:15:6a:5e:0a:cb:bd:0c:21:
22:95:4b:64:11:d9:e3:4c:e1:5c:25:45:93:9c:e0:8a:27:45:
ee:7e:aa:d4:97:a0:83:d0:2c:5e:7e:ff:b8:ff:e7:f8:16:c4:
c9:8d:b1:04:fc:2d:74:c7:72:ee:03:f3:4f:f2:53:a7:5c:ea:
0a:a8:b2:15:3b:8e:7a:56:26:0a:b7:c3:3e:af:47:a2:51:de:
c1:89:fb:5a:07:5a:ae:18:23:c9:32:4f:39:83:ae:fc:63:b9:
40:f2:3a:f2:a3:69:a3:9b:65:84:e5:0e:7c:91:af:c1:cf:39:
a6:29:f8:f2:83:a4:9e:ec:c5:ca:ff:91:58:89:a1:cf:bb:21:
f9:88:27:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAo9nyYwcG96NlSN58huZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTAyMDEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBlYmNiNzhjYzFmZTEwNTg2MjMwNmJiYzg5NjkxODBlNDg0MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0YJFqlGrZbkpE/bUNrziVnniwSx
zxhtRC97SKPNOBpJa7QpXZ72wFICZJ76MOANjjhPZcVMIMxfi15ZSrRQ3m4uqPu7
qrjjHfS/kZ1XL5+OBANex9ZZdVtctcBLyTUe+DnM9eeHiPm6DPqlX9XTJiqFAEt0
J0stZXwIY6kgpzYdPIGP3pEaGrkqqrP9GPfIWvncL6ncFCBxMw24mpeWWpWfZPh6
JBFQSVDSrG6YUwvg1Kt3lZJL3vl9ov9PQsZ8R1VwllcQM+D9dc+JltkOn82dG/l2
ymVcPkfHCpjPAdPxpTP21bd/5v9efn0xkyNah2EVvKG1e20Mlgi6ejSfewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIOvLeMwf4QWGIwa7yJaRgOSELwMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvb2c2OHQ0ekJfaEJZWWpCcnZJbHBHQTVJUXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvISrMA0G
CSqGSIb3DQEBCwUAA4IBAQCLRqvO2/4/IZ8xpzzzXbSNPWAI2OV9tgrKOx12XDtX
3Azbtq+fOe9qJen+MSiquMZAjbG4GlOKpjhFppwlypmLek/2c4OX16Dxb7OF24nA
bjOElecp0qvqvtoRcRMlYf7WJw5XWgqhqdD/u+WGd8pNuoNL40HoFWpeCsu9DCEi
lUtkEdnjTOFcJUWTnOCKJ0XufqrUl6CD0Cxefv+4/+f4FsTJjbEE/C10x3LuA/NP
8lOnXOoKqLIVO456ViYKt8M+r0eiUd7BiftaB1quGCPJMk85g678Y7lA8jryo2mj
m2WE5Q58ka/BzzmmKfjyg6Se7MXK/5FYiaHPuyH5iCfO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:59 2024 by rpki-client on console-ams.rpki-client.org