Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/cN-prN1d3VHcPQNKPE7FJjzOqSw.roa
File: cN-prN1d3VHcPQNKPE7FJjzOqSw.roa (raw, json)
Hash identifier: xDb9/cgTHZi4hgEYr1Cptnj4mxSZ+xFPV6Tva3ov1kE=
Subject key identifier: 70:DF:A9:AC:DD:5D:DD:51:DC:3D:03:4A:3C:4E:C5:26:3C:CE:A9:2C
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018D5919313F4096A3F0E3AF1803FB60DA6A
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/cN-prN1d3VHcPQNKPE7FJjzOqSw.roa
Signing time: Tue 30 Jan 2024 06:40:39 +0000
ROA not before: Tue 30 Jan 2024 06:40:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 188.240.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 16:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:19:31:3f:40:96:a3:f0:e3:af:18:03:fb:60:da:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 30 06:40:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70dfa9acdd5ddd51dc3d034a3c4ec5263ccea92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:02:73:87:1d:22:68:cd:6e:f4:85:4c:1a:6f:
7c:cf:50:f5:33:1d:59:fe:94:ef:d9:ba:83:a3:75:
c2:eb:f1:5d:8c:47:33:eb:7e:f0:94:c9:7b:db:89:
c7:92:69:02:67:97:a1:4b:2a:68:b0:a7:45:6a:52:
76:85:3b:fa:f8:ce:a7:80:d7:82:c2:c6:de:42:fe:
76:ce:38:64:ab:1f:7f:2c:ad:3c:63:cd:75:36:9a:
2c:b2:4c:5c:28:2e:eb:45:0b:5f:34:21:67:f2:20:
13:2b:4a:96:02:94:81:93:b2:c3:52:a7:29:76:39:
39:62:82:0a:28:6f:db:fb:97:4a:41:e3:f3:7f:41:
74:71:b7:3e:2c:04:18:ac:4d:9c:06:4e:4d:fb:4d:
f5:0f:c1:ea:20:9e:49:57:86:60:b9:59:af:4e:9c:
f8:34:4a:b1:8b:4a:4a:41:63:34:21:b1:39:36:a8:
c2:98:f9:9e:0c:98:ef:8a:2c:cc:19:83:24:6d:46:
96:2c:2e:09:9a:23:e0:0a:24:4d:10:e3:c1:64:ae:
4e:71:80:98:27:bf:6d:36:3e:68:ab:c8:91:0a:95:
13:fc:7d:45:87:01:ca:1e:f2:3c:d9:c4:84:53:15:
a7:93:4e:3e:cd:ff:fe:97:ce:ec:8d:36:28:cb:bb:
c1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DF:A9:AC:DD:5D:DD:51:DC:3D:03:4A:3C:4E:C5:26:3C:CE:A9:2C
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/cN-prN1d3VHcPQNKPE7FJjzOqSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
95:fc:e2:41:4e:ce:72:1a:38:91:15:a5:f7:45:1f:77:17:a7:
d9:fc:14:c7:47:7b:99:9c:16:4c:f6:fe:e0:43:e8:38:10:07:
bd:7a:06:13:a3:39:33:00:06:6b:60:be:4b:3f:1f:c6:7b:8c:
81:83:b3:58:03:ed:81:51:58:f2:c3:f1:7f:51:60:45:32:48:
3d:66:21:a9:a6:90:13:37:a1:59:1c:88:c7:44:10:3c:8a:b1:
59:a8:f6:80:29:2e:7c:d8:7c:8f:14:4d:8e:da:9b:a6:19:bb:
9c:05:69:cb:fc:44:ce:1d:b7:8a:02:3a:ad:9b:52:a7:52:a2:
9b:a9:dc:17:01:a9:1d:fb:50:e9:2c:fc:cd:ac:51:70:7b:f2:
9e:2c:cb:8b:ed:51:ff:d5:80:6a:e8:00:8b:fc:98:fc:72:9f:
62:b5:f7:1a:fc:42:20:64:06:f8:95:89:60:9d:f3:75:2e:4d:
92:b6:09:10:4a:3e:a2:8a:63:5c:e7:fa:08:e1:bd:17:00:8a:
d1:7c:d8:21:64:bf:55:95:f9:5f:ad:84:4c:fa:68:e1:f5:ca:
25:8e:f8:86:fc:0a:e9:03:ac:fa:d4:b2:6a:31:b0:fa:7e:24:
c1:30:a2:6a:72:af:45:86:c0:c0:40:60:9f:af:e4:5c:6a:3d:
82:c5:72:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ZGTE/QJaj8OOvGAP7YNpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTMwMDY0MDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRmYTlhY2RkNWRkZDUxZGMzZDAzNGEzYzRlYzUyNjNjY2VhOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwJzhx0iaM1u9IVMGm98z1D1Mx1Z
/pTv2bqDo3XC6/FdjEcz637wlMl724nHkmkCZ5ehSyposKdFalJ2hTv6+M6ngNeC
wsbeQv52zjhkqx9/LK08Y811NposskxcKC7rRQtfNCFn8iATK0qWApSBk7LDUqcp
djk5YoIKKG/b+5dKQePzf0F0cbc+LAQYrE2cBk5N+031D8HqIJ5JV4ZguVmvTpz4
NEqxi0pKQWM0IbE5NqjCmPmeDJjviizMGYMkbUaWLC4JmiPgCiRNEOPBZK5OcYCY
J79tNj5oq8iRCpUT/H1FhwHKHvI82cSEUxWnk04+zf/+l87sjTYoy7vBKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDfqazdXd1R3D0DSjxOxSY8zqksMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvY04tcHJOMWQzVkhjUFFOS1BFN0ZKanpPcVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvPDEMA0G
CSqGSIb3DQEBCwUAA4IBAQCV/OJBTs5yGjiRFaX3RR93F6fZ/BTHR3uZnBZM9v7g
Q+g4EAe9egYTozkzAAZrYL5LPx/Ge4yBg7NYA+2BUVjyw/F/UWBFMkg9ZiGpppAT
N6FZHIjHRBA8irFZqPaAKS582HyPFE2O2pumGbucBWnL/ETOHbeKAjqtm1KnUqKb
qdwXAakd+1DpLPzNrFFwe/KeLMuL7VH/1YBq6ACL/Jj8cp9itfca/EIgZAb4lYlg
nfN1Lk2StgkQSj6iimNc5/oI4b0XAIrRfNghZL9VlflfrYRM+mjh9coljviG/Arp
A6z61LJqMbD6fiTBMKJqcq9FhsDAQGCfr+Rcaj2CxXLB
-----END CERTIFICATE-----
Generated at Wed Jan 31 20:20:28 2024 by rpki-client on console-fra.rpki-client.org