Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/_DOWKOG0Dx1OLQy9I660nB69xA0.roa
File: _DOWKOG0Dx1OLQy9I660nB69xA0.roa (raw, json)
Hash identifier: OiVKdjGxUj3+3B6BfSUMJ7DNS0rFS1m1FmuQHObKHlk=
Subject key identifier: FC:33:96:28:E1:B4:0F:1D:4E:2D:0C:BD:23:AE:B4:9C:1E:BD:C4:0D
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0189BCBE0BDC7F028E8C174FA557FE23A722
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/_DOWKOG0Dx1OLQy9I660nB69xA0.roa
Signing time: Thu 03 Aug 2023 18:51:58 +0000
ROA not before: Thu 03 Aug 2023 18:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.191.99.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Aug 2023 19:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bc:be:0b:dc:7f:02:8e:8c:17:4f:a5:57:fe:23:a7:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Aug 3 18:51:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc339628e1b40f1d4e2d0cbd23aeb49c1ebdc40d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3d:12:ce:d5:7a:e2:8a:4b:65:df:b3:96:fe:
11:7d:6c:54:23:3e:67:d7:6d:eb:c4:85:ba:89:ba:
53:42:63:b6:d0:b4:1b:38:bf:47:26:d8:5b:c9:7f:
d4:f5:61:97:6e:cf:40:07:d1:4d:74:ae:cb:a5:38:
bb:3a:2e:a8:46:ac:2e:45:57:7a:75:0a:44:d3:a1:
64:d6:f4:ce:5b:f9:2b:05:19:94:a4:02:b0:cc:d6:
54:77:77:f5:9c:ae:49:06:eb:97:08:5e:cd:70:3c:
0c:38:04:25:66:c8:38:b4:a3:c6:d2:ee:23:54:ed:
6d:c2:c6:8d:3d:d7:62:68:21:f5:34:83:fb:9b:50:
2a:b2:0a:ae:90:9e:bb:66:f2:23:fe:51:58:0b:2b:
31:26:20:75:fb:85:66:19:cb:a0:02:72:e1:f8:f1:
0c:99:b9:58:66:9e:23:b9:38:a3:e1:32:ab:d8:ff:
a4:cd:93:9a:6c:b9:eb:f3:70:b0:07:23:07:37:c5:
fc:4a:41:f4:0a:22:17:cc:d4:c8:19:c9:f3:80:b5:
19:88:b9:76:48:b2:42:ad:d9:17:17:29:b4:ef:98:
aa:88:30:d8:3d:7a:a4:0b:1e:0d:e2:0c:59:95:2d:
5c:97:c5:fc:0a:17:12:c7:f2:57:fc:5e:1c:17:4f:
d8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:33:96:28:E1:B4:0F:1D:4E:2D:0C:BD:23:AE:B4:9C:1E:BD:C4:0D
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/_DOWKOG0Dx1OLQy9I660nB69xA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.99.0/24
188.191.106.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d8:2a:57:2b:4e:45:1b:23:d2:3a:f2:09:4e:e7:3b:3d:0c:
95:9c:75:d2:dd:77:e4:96:1e:13:20:b3:44:af:b7:cf:10:c2:
02:42:da:17:c7:63:c3:46:29:be:91:91:63:a7:f0:96:14:e5:
df:d0:af:14:92:25:50:00:25:69:b4:cb:df:df:98:48:27:87:
af:8e:ae:ca:90:c8:46:68:7a:56:33:59:f7:f7:05:89:f6:6c:
8e:38:de:cc:cf:7b:da:73:74:d2:4c:4f:ad:80:c7:f2:03:40:
1e:db:02:37:6c:a0:18:46:f3:b7:57:6b:9b:48:81:4b:89:3a:
f2:ca:09:32:db:16:00:f0:8c:7d:d8:dd:f4:fb:91:98:d8:1d:
f3:06:5f:12:7a:18:cb:3b:43:36:59:b9:3e:e5:14:97:68:52:
2f:cb:8b:d0:62:91:fd:f5:13:c0:37:ae:32:d1:34:97:0d:e7:
7b:de:60:5e:a4:06:62:f4:65:07:75:74:3d:d6:f9:df:26:f8:
a7:2c:ef:f2:29:75:05:ef:1c:fb:32:68:a2:d0:93:18:bf:fc:
15:f2:44:8e:8d:8a:90:a7:57:06:7f:58:90:b7:33:1e:3a:1b:
f7:f5:d5:71:b8:ee:14:b2:b1:df:27:47:b6:a9:98:90:ed:27:
25:0b:ba:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm8vgvcfwKOjBdPpVf+I6ciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwODAzMTg1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzMzOTYyOGUxYjQwZjFkNGUyZDBjYmQyM2FlYjQ5YzFlYmRjNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj0SztV64opLZd+zlv4RfWxUIz5n
123rxIW6ibpTQmO20LQbOL9HJthbyX/U9WGXbs9AB9FNdK7LpTi7Oi6oRqwuRVd6
dQpE06Fk1vTOW/krBRmUpAKwzNZUd3f1nK5JBuuXCF7NcDwMOAQlZsg4tKPG0u4j
VO1twsaNPddiaCH1NIP7m1AqsgqukJ67ZvIj/lFYCysxJiB1+4VmGcugAnLh+PEM
mblYZp4juTij4TKr2P+kzZOabLnr83CwByMHN8X8SkH0CiIXzNTIGcnzgLUZiLl2
SLJCrdkXFym075iqiDDYPXqkCx4N4gxZlS1cl8X8ChcSx/JX/F4cF0/YkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwzlijhtA8dTi0MvSOutJwevcQNMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvX0RPV0tPRzBEeDFPTFF5OUk2NjBuQjY5eEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvL9jAwQA
vL9qMA0GCSqGSIb3DQEBCwUAA4IBAQBa2CpXK05FGyPSOvIJTuc7PQyVnHXS3Xfk
lh4TILNEr7fPEMICQtoXx2PDRim+kZFjp/CWFOXf0K8UkiVQACVptMvf35hIJ4ev
jq7KkMhGaHpWM1n39wWJ9myOON7Mz3vac3TSTE+tgMfyA0Ae2wI3bKAYRvO3V2ub
SIFLiTryygky2xYA8Ix92N30+5GY2B3zBl8SehjLO0M2Wbk+5RSXaFIvy4vQYpH9
9RPAN64y0TSXDed73mBepAZi9GUHdXQ91vnfJvinLO/yKXUF7xz7Mmii0JMYv/wV
8kSOjYqQp1cGf1iQtzMeOhv39dVxuO4UsrHfJ0e2qZiQ7SclC7p3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org