Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/s_6nFq67ZkM0frbso0NCeNk4eRg.roa
File: s_6nFq67ZkM0frbso0NCeNk4eRg.roa (raw, json)
Hash identifier: 5Z/NduJto35gpHs1aniJ+SYC/8mlK9qOrjMy40I5MyY=
Subject key identifier: B3:FE:A7:16:AE:BB:66:43:34:7E:B6:EC:A3:43:42:78:D9:38:79:18
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018F4E37E46417AC555900EB43545741BCE8
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/s_6nFq67ZkM0frbso0NCeNk4eRg.roa
Signing time: Mon 06 May 2024 14:03:56 +0000
ROA not before: Mon 06 May 2024 14:03:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200456
IP address blocks: 188.132.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:37:e4:64:17:ac:55:59:00:eb:43:54:57:41:bc:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: May 6 14:03:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3fea716aebb6643347eb6eca3434278d9387918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b9:48:04:8b:69:b9:87:2d:38:2f:ba:02:e7:
ed:26:9d:1a:ee:56:1b:4f:f1:c6:a5:dd:d1:b7:9b:
87:fa:13:cd:00:04:c9:72:23:17:90:11:a3:78:ea:
5f:90:5a:98:3a:ae:6a:63:2e:e0:a7:c7:e4:87:39:
72:6a:bd:c7:9d:23:c7:78:00:5a:b6:06:1e:2f:fe:
ae:37:6a:9d:0a:d6:02:f9:6f:f4:95:0b:22:00:7f:
95:12:0d:69:f3:2d:56:41:88:bd:30:f7:92:6a:a4:
2c:90:a2:9c:30:7f:af:d6:dd:b6:b9:7d:19:1e:7f:
4a:99:a8:c6:b2:dd:41:c5:a5:83:ba:fe:48:4f:38:
98:23:0c:52:1b:e3:86:9e:76:d9:48:8d:a5:bf:1b:
72:0a:56:aa:33:cb:a6:c6:1b:03:9e:75:ed:da:05:
c8:23:7a:c1:71:d5:8a:6f:d1:ec:e4:58:96:06:44:
75:66:92:a6:35:41:ee:9a:63:08:9c:ab:46:c3:95:
41:f2:99:85:74:79:3d:61:51:f1:93:8c:b3:c2:9b:
93:07:47:c6:eb:bb:c8:84:15:2c:1c:b9:69:65:a4:
b7:d0:7c:1e:ac:dc:33:c4:2f:85:dd:37:c6:b7:06:
f1:2c:9b:06:56:6d:b5:7b:f7:15:73:aa:7b:f9:41:
81:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:FE:A7:16:AE:BB:66:43:34:7E:B6:EC:A3:43:42:78:D9:38:79:18
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/s_6nFq67ZkM0frbso0NCeNk4eRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.230.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a3:32:cb:52:5f:fe:07:fc:42:e0:72:b6:13:42:27:52:dd:
26:a4:30:53:ad:6b:e5:f8:71:2f:33:df:30:b6:7f:22:e3:f4:
94:2a:7e:1d:5c:94:f4:71:fa:13:a0:53:35:39:76:86:ed:7d:
0e:fe:83:42:3a:01:d4:fe:99:2b:15:24:fb:5f:be:85:ef:6b:
70:6d:c6:3a:8d:f9:93:d4:17:d3:1c:47:5d:c0:62:fc:f9:12:
0d:85:cc:03:b2:f8:bf:4e:9e:b7:e8:34:61:bd:2d:65:26:dd:
b2:bc:14:53:74:ea:9f:72:36:07:d2:5d:ba:6f:62:8b:33:02:
ce:2b:b6:45:4e:51:32:5e:ae:6e:34:99:5a:c7:fc:77:c5:54:
19:e9:43:ae:88:ae:29:c3:5d:dc:3f:57:e2:e9:26:88:f5:f6:
f0:28:bd:e1:25:f2:1a:0e:52:02:c0:b8:c5:5b:3b:fb:b0:65:
bf:91:b6:15:be:cc:d9:fd:72:a8:95:47:d1:76:4d:36:07:46:
df:42:7b:0d:3b:25:c3:23:f4:de:c5:4e:58:4e:42:73:e7:76:
01:d8:60:d8:d3:01:37:7c:87:bb:be:0d:42:57:f5:07:0e:ff:
6e:62:ee:df:7c:f2:01:37:d9:46:d5:c6:2a:9e:33:31:b3:83:
78:af:bf:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9ON+RkF6xVWQDrQ1RXQbzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwNTA2MTQwMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2ZlYTcxNmFlYmI2NjQzMzQ3ZWI2ZWNhMzQzNDI3OGQ5Mzg3OTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2blIBItpuYctOC+6AuftJp0a7lYb
T/HGpd3Rt5uH+hPNAATJciMXkBGjeOpfkFqYOq5qYy7gp8fkhzlyar3HnSPHeABa
tgYeL/6uN2qdCtYC+W/0lQsiAH+VEg1p8y1WQYi9MPeSaqQskKKcMH+v1t22uX0Z
Hn9KmajGst1BxaWDuv5ITziYIwxSG+OGnnbZSI2lvxtyClaqM8umxhsDnnXt2gXI
I3rBcdWKb9Hs5FiWBkR1ZpKmNUHummMInKtGw5VB8pmFdHk9YVHxk4yzwpuTB0fG
67vIhBUsHLlpZaS30HwerNwzxC+F3TfGtwbxLJsGVm21e/cVc6p7+UGBwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLP+pxauu2ZDNH627KNDQnjZOHkYMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvc182bkZxNjdaa00wZnJic28wTkNlTms0ZVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvITmMA0G
CSqGSIb3DQEBCwUAA4IBAQAtozLLUl/+B/xC4HK2E0InUt0mpDBTrWvl+HEvM98w
tn8i4/SUKn4dXJT0cfoToFM1OXaG7X0O/oNCOgHU/pkrFST7X76F72twbcY6jfmT
1BfTHEddwGL8+RINhcwDsvi/Tp636DRhvS1lJt2yvBRTdOqfcjYH0l26b2KLMwLO
K7ZFTlEyXq5uNJlax/x3xVQZ6UOuiK4pw13cP1fi6SaI9fbwKL3hJfIaDlICwLjF
Wzv7sGW/kbYVvszZ/XKolUfRdk02B0bfQnsNOyXDI/TexU5YTkJz53YB2GDY0wE3
fIe7vg1CV/UHDv9uYu7ffPIBN9lG1cYqnjMxs4N4r7/j
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:24:05 2025 by rpki-client