Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/mo39uqM_Ks3KLvGGrs2wkyD94OE.roa
File: mo39uqM_Ks3KLvGGrs2wkyD94OE.roa (raw, json)
Hash identifier: v4/wWAsmlEdfWVzObhKgToT4b9F7GQxhQ60lm+RWjno=
Subject key identifier: 9A:8D:FD:BA:A3:3F:2A:CD:CA:2E:F1:86:AE:CD:B0:93:20:FD:E0:E1
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0188D6E4469A279E73FF502E9A3956364B97
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/mo39uqM_Ks3KLvGGrs2wkyD94OE.roa
Signing time: Tue 20 Jun 2023 03:41:04 +0000
ROA not before: Tue 20 Jun 2023 03:41:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.191.96.0/24 maxlen: 24
188.191.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jun 2023 21:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d6:e4:46:9a:27:9e:73:ff:50:2e:9a:39:56:36:4b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jun 20 03:41:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a8dfdbaa33f2acdca2ef186aecdb09320fde0e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:42:84:2c:97:e2:83:fd:b6:43:fd:84:a6:1d:
c9:b7:f8:ca:59:9f:4e:86:89:b7:90:cc:13:7c:9e:
b7:42:2e:32:42:e0:e8:64:57:97:a1:0e:5e:e9:db:
b0:1f:a0:69:78:5c:72:d4:b5:a3:63:cc:60:ca:70:
f2:2a:89:1b:52:7b:7c:20:5e:8b:fb:a7:70:3c:f4:
a3:b4:bd:90:b3:53:0d:4e:44:29:d8:45:94:f1:46:
e5:d0:e7:49:2b:f1:e9:90:10:6f:c6:ea:79:b9:d0:
59:8b:f0:50:95:9c:c5:ef:0d:c5:ae:8a:78:2e:40:
21:73:fd:f2:ac:31:6b:a4:9e:f7:47:90:17:82:c1:
ae:67:01:60:69:17:64:19:a7:c2:2f:75:e0:66:70:
d2:c0:d9:6e:fb:97:93:ea:12:1c:cd:24:88:a7:58:
d7:68:11:9c:87:7a:fe:fb:24:82:42:81:bd:bb:f4:
2b:b9:05:88:68:4d:cf:b5:1e:90:bd:77:a0:e2:47:
64:37:b5:61:4a:9a:2e:c7:3a:38:e7:2e:f9:ca:e9:
61:52:0a:f4:4e:f2:73:fc:00:95:e1:3f:76:ca:b1:
40:d4:18:30:62:04:16:ec:1d:70:f2:22:01:b8:d5:
d2:f1:fd:aa:34:56:b8:2d:bc:62:42:4a:57:31:e5:
a1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8D:FD:BA:A3:3F:2A:CD:CA:2E:F1:86:AE:CD:B0:93:20:FD:E0:E1
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/mo39uqM_Ks3KLvGGrs2wkyD94OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.96.0/24
188.191.104.0/24
Signature Algorithm: sha256WithRSAEncryption
21:1e:6e:91:99:af:25:5c:3e:99:35:14:2d:c3:78:68:a1:c4:
f9:4d:b0:a6:8f:46:06:ce:6a:70:72:ff:01:63:e8:6d:e7:06:
81:b6:30:30:76:f2:93:41:0f:6f:81:ba:63:fa:e9:47:c0:fb:
d1:5a:01:8f:50:6f:d4:3d:c2:7c:3f:0c:61:d0:1a:45:7d:94:
88:85:61:ff:63:11:cf:5f:3e:0b:17:ec:19:1a:7c:46:aa:43:
18:be:bb:a8:6a:7c:af:a1:0a:45:3a:4f:cc:66:0a:9f:b3:d7:
26:99:07:f8:ab:68:2d:53:b1:97:93:01:95:c8:8f:35:53:aa:
aa:6e:7d:ae:5c:3d:63:79:f4:c8:66:91:11:4b:bc:56:33:80:
4e:cd:70:e8:b0:49:e9:ec:83:a2:47:fa:7e:cb:da:de:84:2e:
f1:d8:0f:c8:39:87:47:8e:d7:38:d2:04:4d:53:e5:75:ff:1f:
3f:fc:7e:3e:f2:4e:2d:89:6f:58:54:6b:b0:9e:fe:35:64:11:
4b:07:f6:7a:b7:d0:da:77:bc:3b:93:fe:bc:3e:4d:ed:d4:32:
fd:cb:39:e4:36:ee:8c:3f:fc:f1:d0:65:d9:22:e6:45:23:28:
f7:91:66:a5:12:21:91:45:85:db:50:ff:b5:80:35:ee:17:bc:
05:04:ea:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjW5EaaJ55z/1AumjlWNkuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNjIwMDM0MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThkZmRiYWEzM2YyYWNkY2EyZWYxODZhZWNkYjA5MzIwZmRlMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUKELJfig/22Q/2Eph3Jt/jKWZ9O
hom3kMwTfJ63Qi4yQuDoZFeXoQ5e6duwH6BpeFxy1LWjY8xgynDyKokbUnt8IF6L
+6dwPPSjtL2Qs1MNTkQp2EWU8Ubl0OdJK/HpkBBvxup5udBZi/BQlZzF7w3Frop4
LkAhc/3yrDFrpJ73R5AXgsGuZwFgaRdkGafCL3XgZnDSwNlu+5eT6hIczSSIp1jX
aBGch3r++ySCQoG9u/QruQWIaE3PtR6QvXeg4kdkN7VhSpouxzo45y75yulhUgr0
TvJz/ACV4T92yrFA1BgwYgQW7B1w8iIBuNXS8f2qNFa4LbxiQkpXMeWhKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJqN/bqjPyrNyi7xhq7NsJMg/eDhMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvbW8zOXVxTV9LczNLTHZHR3JzMndreUQ5NE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvL9gAwQA
vL9oMA0GCSqGSIb3DQEBCwUAA4IBAQAhHm6Rma8lXD6ZNRQtw3hoocT5TbCmj0YG
zmpwcv8BY+ht5waBtjAwdvKTQQ9vgbpj+ulHwPvRWgGPUG/UPcJ8Pwxh0BpFfZSI
hWH/YxHPXz4LF+wZGnxGqkMYvruoanyvoQpFOk/MZgqfs9cmmQf4q2gtU7GXkwGV
yI81U6qqbn2uXD1jefTIZpERS7xWM4BOzXDosEnp7IOiR/p+y9rehC7x2A/IOYdH
jtc40gRNU+V1/x8//H4+8k4tiW9YVGuwnv41ZBFLB/Z6t9Dad7w7k/68Pk3t1DL9
yznkNu6MP/zx0GXZIuZFIyj3kWalEiGRRYXbUP+1gDXuF7wFBOrZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org