Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/r7vzU_6_wlEcL5ea145vo6G870E.roa
File: r7vzU_6_wlEcL5ea145vo6G870E.roa (raw, json)
Hash identifier: vYpJWKzbR8TT4xc+DJXIWK6FHKGAPjvVohP037jV6XY=
Subject key identifier: AF:BB:F3:53:FE:BF:C2:51:1C:2F:97:9A:D7:8E:6F:A3:A1:BC:EF:41
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01865FDF55C685962F6D6F84F61FDA03D294
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/r7vzU_6_wlEcL5ea145vo6G870E.roa
Signing time: Fri 17 Feb 2023 14:55:17 +0000
ROA not before: Fri 17 Feb 2023 14:55:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.191.104.0/24 maxlen: 24
188.191.100.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Feb 2023 07:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:df:55:c6:85:96:2f:6d:6f:84:f6:1f:da:03:d2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Feb 17 14:55:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afbbf353febfc2511c2f979ad78e6fa3a1bcef41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8d:af:1d:ad:51:c9:fc:5f:78:22:20:d9:4e:
eb:bd:c7:47:35:a6:98:db:6c:6c:01:c1:d3:8a:fe:
e1:a1:8f:c7:67:5e:bd:f4:f8:96:f7:cb:77:8e:d9:
a0:c0:59:38:54:fb:29:90:18:d4:63:b6:79:e8:72:
c4:a1:80:4e:11:bd:6a:22:e3:a7:e2:95:a8:1f:13:
10:f6:2d:1a:27:56:04:8a:3e:6f:29:33:07:09:20:
ed:cc:dc:62:74:69:e7:09:3f:1f:76:e9:cd:17:99:
5d:ae:a2:f0:2f:a3:a4:52:e6:3a:3e:5d:4b:b3:13:
55:3e:b0:03:d9:bb:89:19:9c:74:43:98:21:1a:d3:
1f:93:de:be:5d:d9:6c:39:f5:29:5f:0b:32:98:51:
73:e7:af:4b:b0:d3:14:34:89:ea:29:3c:f5:41:87:
d8:57:84:6e:9b:a4:3e:66:8c:29:88:0b:57:17:7c:
b9:11:24:bb:82:98:2f:b8:4c:d6:dd:19:9a:b0:f3:
e2:eb:67:a2:d8:25:e7:09:43:47:91:60:5c:26:2d:
0b:e0:8d:fe:34:05:34:b2:ae:21:9d:02:20:68:0f:
1d:b0:0d:f8:da:0f:8c:d3:44:19:71:67:0b:6c:3d:
70:a5:9d:11:41:4e:23:5e:e5:cb:ca:8d:99:9f:14:
3b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BB:F3:53:FE:BF:C2:51:1C:2F:97:9A:D7:8E:6F:A3:A1:BC:EF:41
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/r7vzU_6_wlEcL5ea145vo6G870E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.100.0/24
188.191.104.0/24
188.191.106.0/24
Signature Algorithm: sha256WithRSAEncryption
12:f0:41:96:53:05:82:af:9b:86:82:09:28:68:e3:5e:87:c3:
67:17:8f:9a:ab:6b:11:89:5b:36:be:2f:c3:cc:01:ef:e8:c1:
2b:cd:28:41:71:ab:92:a7:98:23:74:26:f9:ef:c8:2c:d1:8e:
72:10:41:1b:d1:a3:0c:4a:d2:59:96:08:e0:5a:32:67:ac:f4:
7c:b3:ed:d9:41:f1:23:06:05:5c:cb:e8:17:ed:ac:06:44:38:
73:05:5b:6e:c6:05:4b:42:a6:66:df:eb:5a:0e:05:70:f7:fd:
bf:17:70:81:6f:96:93:92:13:e5:52:5d:59:0b:75:45:90:fe:
0d:dd:1e:8b:cb:8f:f0:ea:01:2b:14:9d:90:60:9c:17:dd:d7:
c7:71:13:ef:2d:6d:94:c6:54:ed:53:72:97:61:64:20:99:dc:
06:c8:b1:ca:09:0d:75:60:72:d8:a6:ef:b1:37:8a:08:5f:fd:
dd:95:52:f9:3d:10:ea:05:b8:53:9c:08:15:29:a9:12:40:1d:
33:85:56:c7:32:84:bf:3a:fc:79:26:86:2f:5c:e6:74:82:ad:
68:df:2c:dd:c7:89:ef:4b:4e:c9:9b:1c:1f:4a:5a:3a:c7:d5:
d3:39:c8:d3:8b:ac:28:17:36:64:04:12:cd:29:35:d3:43:1f:
60:82:9c:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZf31XGhZYvbW+E9h/aA9KUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMjE3MTQ1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJiZjM1M2ZlYmZjMjUxMWMyZjk3OWFkNzhlNmZhM2ExYmNlZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY2vHa1RyfxfeCIg2U7rvcdHNaaY
22xsAcHTiv7hoY/HZ1699PiW98t3jtmgwFk4VPspkBjUY7Z56HLEoYBOEb1qIuOn
4pWoHxMQ9i0aJ1YEij5vKTMHCSDtzNxidGnnCT8fdunNF5ldrqLwL6OkUuY6Pl1L
sxNVPrAD2buJGZx0Q5ghGtMfk96+XdlsOfUpXwsymFFz569LsNMUNInqKTz1QYfY
V4Rum6Q+ZowpiAtXF3y5ESS7gpgvuEzW3RmasPPi62ei2CXnCUNHkWBcJi0L4I3+
NAU0sq4hnQIgaA8dsA342g+M00QZcWcLbD1wpZ0RQU4jXuXLyo2ZnxQ7NwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK+781P+v8JRHC+XmteOb6OhvO9BMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvcjd2elVfNl93bEVjTDVlYTE0NXZvNkc4NzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvL9kAwQA
vL9oAwQAvL9qMA0GCSqGSIb3DQEBCwUAA4IBAQAS8EGWUwWCr5uGggkoaONeh8Nn
F4+aq2sRiVs2vi/DzAHv6MErzShBcauSp5gjdCb578gs0Y5yEEEb0aMMStJZlgjg
WjJnrPR8s+3ZQfEjBgVcy+gX7awGRDhzBVtuxgVLQqZm3+taDgVw9/2/F3CBb5aT
khPlUl1ZC3VFkP4N3R6Ly4/w6gErFJ2QYJwX3dfHcRPvLW2UxlTtU3KXYWQgmdwG
yLHKCQ11YHLYpu+xN4oIX/3dlVL5PRDqBbhTnAgVKakSQB0zhVbHMoS/Ovx5JoYv
XOZ0gq1o3yzdx4nvS07JmxwfSlo6x9XTOcjTi6woFzZkBBLNKTXTQx9ggpzh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org