Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/pQlkybh2FIfaJzsuJRlREmk1oxQ.roa
File: pQlkybh2FIfaJzsuJRlREmk1oxQ.roa (raw, json)
Hash identifier: uHumj8SHBjOKxiqpBG3/y6RrUKKFeeqqKbiDSTIRxEE=
Subject key identifier: A5:09:64:C9:B8:76:14:87:DA:27:3B:2E:25:19:51:12:69:35:A3:14
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 0192104EBE4247EB3759A431A4143452056D
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/pQlkybh2FIfaJzsuJRlREmk1oxQ.roa
Signing time: Fri 20 Sep 2024 16:40:48 +0000
ROA not before: Fri 20 Sep 2024 16:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396856
IP address blocks: 188.64.108.0/22 maxlen: 24
188.64.110.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 21 Sep 2024 08:42:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:10:4e:be:42:47:eb:37:59:a4:31:a4:14:34:52:05:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Sep 20 16:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a50964c9b8761487da273b2e251951126935a314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:36:0e:98:b7:31:ef:ef:1b:93:1c:22:fb:1a:
e4:1e:63:ed:0f:d1:a6:15:8a:2f:31:3e:dd:97:40:
fb:0e:de:25:19:68:1f:21:fd:30:85:47:21:9a:1a:
8e:d0:13:0f:36:be:ca:96:4d:c3:3b:0a:63:be:f2:
45:ff:da:fd:64:0d:49:34:6a:e2:af:48:08:a2:65:
93:d0:ee:e4:a2:4c:16:70:17:0e:1d:dc:3f:ba:c8:
21:f0:05:a0:f5:09:36:c1:12:e3:ac:39:2d:0d:3f:
25:c0:02:b1:d5:37:3a:7a:29:0e:7f:30:4d:00:9d:
a8:88:4b:4d:d7:6b:90:37:fa:0e:6b:02:b5:2c:fe:
d1:6f:69:69:e4:8f:1e:59:7c:a8:e2:c9:9b:66:fe:
be:f7:ed:1c:ba:f7:11:c4:9b:6f:64:bf:d9:0d:47:
5e:6d:4f:50:e3:fd:bb:7c:a1:73:eb:89:9f:7e:c3:
5f:55:74:a3:54:39:a3:7d:c4:34:d0:41:2a:66:a6:
1e:60:9e:4e:51:88:66:73:0d:65:da:0c:9e:64:25:
9e:88:2f:35:c7:f7:54:cf:a2:8b:bc:81:44:2a:e1:
c7:6f:29:59:bd:80:70:e2:4b:52:3f:45:e0:c8:2a:
27:57:ff:e8:93:58:b2:47:f9:e7:82:c9:64:cd:3c:
ef:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:09:64:C9:B8:76:14:87:DA:27:3B:2E:25:19:51:12:69:35:A3:14
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/pQlkybh2FIfaJzsuJRlREmk1oxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.108.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:6b:41:6a:35:9c:ef:da:1f:ca:a8:fd:79:76:4d:99:49:2b:
a1:c9:3d:f0:0e:04:ee:99:e7:89:9c:db:8e:9e:cd:d4:80:71:
ae:2a:50:3a:d4:c3:dc:50:91:ec:c2:c3:2b:ff:44:53:ba:b7:
13:b2:3b:5d:46:ef:62:69:6d:09:cc:30:4c:68:22:68:b7:e2:
24:78:9d:f3:1f:5d:0b:83:25:6d:31:de:de:4f:c6:ad:a4:65:
3b:61:67:1f:06:7c:4a:1b:2a:df:df:7e:39:61:14:69:0a:06:
d6:54:fe:04:80:d5:b5:3c:49:e8:3d:32:1f:45:eb:0b:ba:14:
ad:38:68:97:8b:85:50:bb:ed:fe:9f:8d:8c:ef:eb:b7:8a:61:
7e:c0:c9:78:eb:6c:d9:c1:68:04:a3:47:7e:91:51:a8:1b:7a:
d6:e0:61:a6:ff:7a:96:7e:81:40:65:8f:04:b2:89:6b:68:00:
91:65:59:c0:8f:e3:16:d8:1b:dd:e9:d0:80:13:88:42:c8:f0:
c0:df:88:39:0b:06:3a:8e:ac:bd:7e:e3:cc:00:8a:d7:0d:df:
d1:72:eb:64:17:1d:7e:0a:a8:6a:2c:2b:14:82:75:0c:5f:40:
3c:98:12:0e:10:42:e6:76:8e:1b:07:12:1c:f4:90:96:3a:a8:
03:4f:4b:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIQTr5CR+s3WaQxpBQ0UgVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwOTIwMTY0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA5NjRjOWI4NzYxNDg3ZGEyNzNiMmUyNTE5NTExMjY5MzVhMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDYOmLcx7+8bkxwi+xrkHmPtD9Gm
FYovMT7dl0D7Dt4lGWgfIf0whUchmhqO0BMPNr7Klk3DOwpjvvJF/9r9ZA1JNGri
r0gIomWT0O7kokwWcBcOHdw/usgh8AWg9Qk2wRLjrDktDT8lwAKx1Tc6eikOfzBN
AJ2oiEtN12uQN/oOawK1LP7Rb2lp5I8eWXyo4smbZv6+9+0cuvcRxJtvZL/ZDUde
bU9Q4/27fKFz64mffsNfVXSjVDmjfcQ00EEqZqYeYJ5OUYhmcw1l2gyeZCWeiC81
x/dUz6KLvIFEKuHHbylZvYBw4ktSP0XgyConV//ok1iyR/nngslkzTzvUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKUJZMm4dhSH2ic7LiUZURJpNaMUMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvcFFsa3liaDJGSWZhSnpzdUpSbFJFbWsxb3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEBsMA0G
CSqGSIb3DQEBCwUAA4IBAQCea0FqNZzv2h/KqP15dk2ZSSuhyT3wDgTumeeJnNuO
ns3UgHGuKlA61MPcUJHswsMr/0RTurcTsjtdRu9iaW0JzDBMaCJot+IkeJ3zH10L
gyVtMd7eT8atpGU7YWcfBnxKGyrf3345YRRpCgbWVP4EgNW1PEnoPTIfResLuhSt
OGiXi4VQu+3+n42M7+u3imF+wMl462zZwWgEo0d+kVGoG3rW4GGm/3qWfoFAZY8E
solraACRZVnAj+MW2Bvd6dCAE4hCyPDA34g5CwY6jqy9fuPMAIrXDd/RcutkFx1+
CqhqLCsUgnUMX0A8mBIOEELmdo4bBxIc9JCWOqgDT0vI
-----END CERTIFICATE-----
Generated at Sat Sep 21 12:53:58 2024 by rpki-client on console-ams.rpki-client.org