Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/1rZcIopMXWn60dX2jroeyxeaVRM.roa
File: 1rZcIopMXWn60dX2jroeyxeaVRM.roa (raw, json)
Hash identifier: TbEHGBuAMaCc7j2gW9SAwTvytJM1pC5lCo7dyY6xe58=
Subject key identifier: D6:B6:5C:22:8A:4C:5D:69:FA:D1:D5:F6:8E:BA:1E:CB:17:9A:55:13
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01856F5DE1AA77829F4B23695F12A2DB61A0
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/1rZcIopMXWn60dX2jroeyxeaVRM.roa
Signing time: Sun 01 Jan 2023 22:05:01 +0000
ROA not before: Sun 01 Jan 2023 22:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58328
IP address blocks: 188.123.96.0/21 maxlen: 21
188.123.104.0/23 maxlen: 23
188.123.106.0/23 maxlen: 23
188.123.108.0/22 maxlen: 22
188.123.116.0/23 maxlen: 23
188.123.118.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:e1:aa:77:82:9f:4b:23:69:5f:12:a2:db:61:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 22:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6b65c228a4c5d69fad1d5f68eba1ecb179a5513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e4:f4:d9:2b:1e:f1:a8:2d:43:18:d0:e8:90:
63:8e:67:af:19:2e:8f:a9:98:37:61:fe:3d:d6:3c:
9a:b9:93:34:bb:55:e9:01:80:49:92:a2:71:ba:db:
6b:73:89:48:4c:0b:99:ef:ab:da:44:70:1b:b1:32:
cd:4c:b0:e4:11:f0:8d:6c:b2:de:66:18:f2:19:1d:
6d:f2:25:c0:b9:22:0a:85:2a:1e:07:a8:7c:ab:c2:
bf:e2:51:a6:77:26:9a:3d:95:e7:f9:45:97:3d:ba:
0a:3e:3b:7b:a8:f5:96:fe:37:5c:52:85:79:72:d9:
ba:5e:d0:bc:23:90:a1:05:b7:d8:80:00:bb:52:1a:
45:3c:40:4a:0e:d8:b9:70:a6:cf:37:28:14:45:fe:
2d:42:1a:f1:0e:49:cd:08:f6:ff:40:13:5b:ae:db:
68:84:91:5d:51:5a:15:41:1c:da:32:b5:e1:92:41:
2d:f3:4f:6c:f0:63:7d:ae:06:de:61:64:7d:5e:05:
a6:16:79:b7:45:6d:69:5f:11:64:ae:a3:77:02:b7:
59:d5:73:b6:c1:c8:59:e5:90:a3:9f:ea:03:0e:28:
9d:20:9b:ae:2f:63:0e:84:40:c2:2c:f8:59:dd:61:
63:a4:ba:ff:4f:85:ea:f7:ba:b8:32:9a:ba:ca:32:
b9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B6:5C:22:8A:4C:5D:69:FA:D1:D5:F6:8E:BA:1E:CB:17:9A:55:13
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/1rZcIopMXWn60dX2jroeyxeaVRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.123.96.0/20
188.123.116.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:03:3f:14:fb:8b:a9:15:fd:32:14:2b:86:ac:a4:92:84:81:
5b:d9:82:46:78:89:c9:63:a6:c3:28:c2:3b:96:51:1b:ae:08:
98:3d:17:59:2d:7b:02:8f:59:d8:fe:32:87:e6:7b:31:c5:72:
35:56:52:36:0e:d7:c8:99:d4:45:12:cb:a6:b7:21:13:01:ec:
b5:44:f7:4d:5c:99:b4:36:de:9d:56:7d:7b:74:a5:6d:ba:4c:
c9:56:22:f5:af:7c:30:51:d3:81:c6:02:bf:0e:9f:9b:3b:05:
4d:57:7d:66:e4:c4:7b:f7:2f:00:69:f3:67:e4:6f:e0:2b:46:
64:5f:89:92:9e:e3:0a:35:64:d4:58:23:ab:26:28:04:3f:a3:
e3:cc:4d:da:ad:92:3f:3a:ce:90:78:43:7a:24:79:e8:28:e2:
e5:c3:35:d5:7c:c9:cb:de:0f:30:3f:89:43:a4:25:72:4e:d2:
87:7f:19:a1:f7:f4:6b:66:5d:57:1d:c2:fb:3f:b4:03:52:03:
e8:fb:0a:03:db:6c:cd:91:c9:18:9f:97:d4:d2:cb:98:47:ee:
f5:52:28:31:4c:56:c7:23:df:66:25:55:1d:9d:25:ee:2b:df:
d0:3b:c0:c4:ca:e8:99:ac:53:9b:2c:75:46:e7:79:a6:6a:58:
84:84:9d:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvXeGqd4KfSyNpXxKi22GgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjMwMTAxMjIwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmI2NWMyMjhhNGM1ZDY5ZmFkMWQ1ZjY4ZWJhMWVjYjE3OWE1NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueT02Sse8agtQxjQ6JBjjmevGS6P
qZg3Yf491jyauZM0u1XpAYBJkqJxuttrc4lITAuZ76vaRHAbsTLNTLDkEfCNbLLe
ZhjyGR1t8iXAuSIKhSoeB6h8q8K/4lGmdyaaPZXn+UWXPboKPjt7qPWW/jdcUoV5
ctm6XtC8I5ChBbfYgAC7UhpFPEBKDti5cKbPNygURf4tQhrxDknNCPb/QBNbrtto
hJFdUVoVQRzaMrXhkkEt809s8GN9rgbeYWR9XgWmFnm3RW1pXxFkrqN3ArdZ1XO2
wchZ5ZCjn+oDDiidIJuuL2MOhEDCLPhZ3WFjpLr/T4Xq97q4Mpq6yjK5rQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNa2XCKKTF1p+tHV9o66HssXmlUTMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvMXJaY0lvcE1YV242MGRYMmpyb2V5eGVhVlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEvHtgAwQC
vHt0MA0GCSqGSIb3DQEBCwUAA4IBAQA9Az8U+4upFf0yFCuGrKSShIFb2YJGeInJ
Y6bDKMI7llEbrgiYPRdZLXsCj1nY/jKH5nsxxXI1VlI2DtfImdRFEsumtyETAey1
RPdNXJm0Nt6dVn17dKVtukzJViL1r3wwUdOBxgK/Dp+bOwVNV31m5MR79y8AafNn
5G/gK0ZkX4mSnuMKNWTUWCOrJigEP6PjzE3arZI/Os6QeEN6JHnoKOLlwzXVfMnL
3g8wP4lDpCVyTtKHfxmh9/RrZl1XHcL7P7QDUgPo+woD22zNkckYn5fU0suYR+71
UigxTFbHI99mJVUdnSXuK9/QO8DEyuiZrFObLHVG53mmaliEhJ2i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:57 2024 by rpki-client on console-ams.rpki-client.org