Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/79a605-6072-4142-856e-d8e1835693cd/1/E1aBkXIk0-XmGjSdHTMjKajpen0.roa
File: E1aBkXIk0-XmGjSdHTMjKajpen0.roa (raw, json)
Hash identifier: cPCu18i1MT/rKmVP1YZNxjU4hnnKeyVm306NL9s/D6c=
Subject key identifier: 13:56:81:91:72:24:D3:E5:E6:1A:34:9D:1D:33:23:29:A8:E9:7A:7D
Certificate issuer: /CN=9eb289f3d9e13be67a244b72bd24945b2c320a63
Certificate serial: 01857039AA3C80B864B61BE5B14833988EF4
Authority key identifier: 9E:B2:89:F3:D9:E1:3B:E6:7A:24:4B:72:BD:24:94:5B:2C:32:0A:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrKJ89nhO-Z6JEtyvSSUWywyCmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/79a605-6072-4142-856e-d8e1835693cd/1/E1aBkXIk0-XmGjSdHTMjKajpen0.roa
Signing time: Mon 02 Jan 2023 02:05:05 +0000
ROA not before: Mon 02 Jan 2023 02:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208359
IP address blocks: 188.119.109.0/24 maxlen: 24
188.119.108.0/24 maxlen: 24
188.119.111.0/24 maxlen: 24
188.119.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:aa:3c:80:b8:64:b6:1b:e5:b1:48:33:98:8e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb289f3d9e13be67a244b72bd24945b2c320a63
Validity
Not Before: Jan 2 02:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=135681917224d3e5e61a349d1d332329a8e97a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f4:87:a2:ff:ac:c8:3d:ac:c7:69:51:61:50:
09:b7:18:59:29:48:01:41:0e:05:8a:ad:c4:68:4f:
d6:87:11:29:d1:33:9c:19:3d:46:2b:2f:bc:ac:c3:
3b:7a:76:96:a4:0c:2e:39:3c:f1:74:71:6e:8d:88:
13:b2:c2:0c:a8:a9:2a:50:30:63:3d:4a:e2:69:cc:
4b:8e:59:ce:3f:7c:0e:1b:80:93:27:db:99:05:22:
3a:5f:48:c8:c8:8c:92:47:1d:93:48:98:9f:ca:37:
e7:03:35:3b:5c:ac:63:ac:8c:88:89:06:dc:6c:31:
3b:cb:70:f5:66:b1:46:ea:f3:b9:7e:24:84:91:6e:
d0:b2:5c:2c:ad:b3:9f:33:cd:c4:0e:be:31:89:43:
b4:b4:31:4e:c6:6c:48:35:56:d9:47:53:2c:c8:05:
63:76:ec:4a:3e:ad:b3:c5:c8:79:e5:86:a2:b9:9f:
15:99:cc:6b:08:51:aa:be:0a:79:ba:d6:43:ac:17:
b1:13:7d:d0:cb:8c:e9:86:85:1b:0c:33:1f:ed:a5:
fb:06:01:79:93:41:b9:75:31:8f:29:41:fc:2d:b1:
a7:17:d2:25:a1:0f:7c:b3:07:11:bc:46:7a:3e:8b:
49:80:f9:61:ea:9f:7b:7d:f9:a1:0d:f4:17:8c:65:
38:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:56:81:91:72:24:D3:E5:E6:1A:34:9D:1D:33:23:29:A8:E9:7A:7D
X509v3 Authority Key Identifier:
keyid:9E:B2:89:F3:D9:E1:3B:E6:7A:24:4B:72:BD:24:94:5B:2C:32:0A:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrKJ89nhO-Z6JEtyvSSUWywyCmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/79a605-6072-4142-856e-d8e1835693cd/1/E1aBkXIk0-XmGjSdHTMjKajpen0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/79a605-6072-4142-856e-d8e1835693cd/1/nrKJ89nhO-Z6JEtyvSSUWywyCmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.108.0/22
Signature Algorithm: sha256WithRSAEncryption
57:df:0a:49:e2:63:c1:37:e7:b8:95:e0:ce:fb:cb:cb:8f:33:
fa:0e:88:38:c7:46:33:9f:72:f3:b7:d9:4b:b6:06:c4:cd:0c:
2c:86:03:66:ef:f3:64:a8:bf:43:5d:5c:c4:fa:f5:45:e8:07:
70:fc:58:2c:ec:b0:a4:d8:c7:fe:ff:3a:13:80:2e:10:5f:4c:
06:24:fc:40:39:68:b6:3a:33:26:54:30:b0:2d:8f:27:13:c2:
ab:b4:b1:a8:62:92:24:d9:6b:c9:35:24:ca:e3:a9:23:7f:b6:
c4:ee:30:3a:7d:38:7d:ea:00:36:2d:3a:69:97:ff:f8:4f:5e:
e6:3a:66:a5:cc:f2:b1:d5:a4:60:68:4a:f1:fb:12:c3:90:3c:
98:89:df:15:f6:59:bf:4b:06:7e:c0:4f:36:66:8c:8f:a7:26:
f4:d6:06:17:65:be:32:0f:bd:a2:65:51:26:05:ee:a8:7a:44:
5b:51:b9:e3:d9:6d:a6:a2:bf:f6:b0:fe:b3:1e:90:73:10:de:
59:b4:9f:0e:cd:12:4c:53:2c:18:58:0a:41:9c:fc:90:37:08:
e3:7b:a5:2f:b4:44:bf:8c:77:56:23:e0:66:e2:1a:f2:a0:7a:
d6:b4:ea:dc:57:84:b0:c9:1e:c1:9e:7f:a4:8f:33:1a:f4:6e:
bc:71:6e:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOao8gLhkthvlsUgzmI70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjI4OWYzZDllMTNiZTY3YTI0NGI3MmJkMjQ5NDViMmMz
MjBhNjMwHhcNMjMwMTAyMDIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzU2ODE5MTcyMjRkM2U1ZTYxYTM0OWQxZDMzMjMyOWE4ZTk3YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPSHov+syD2sx2lRYVAJtxhZKUgB
QQ4Fiq3EaE/WhxEp0TOcGT1GKy+8rMM7enaWpAwuOTzxdHFujYgTssIMqKkqUDBj
PUriacxLjlnOP3wOG4CTJ9uZBSI6X0jIyIySRx2TSJifyjfnAzU7XKxjrIyIiQbc
bDE7y3D1ZrFG6vO5fiSEkW7QslwsrbOfM83EDr4xiUO0tDFOxmxINVbZR1MsyAVj
duxKPq2zxch55YaiuZ8VmcxrCFGqvgp5utZDrBexE33Qy4zphoUbDDMf7aX7BgF5
k0G5dTGPKUH8LbGnF9IloQ98swcRvEZ6PotJgPlh6p97ffmhDfQXjGU4PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBNWgZFyJNPl5ho0nR0zIymo6Xp9MB8GA1UdIwQY
MBaAFJ6yifPZ4TvmeiRLcr0klFssMgpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJLSjg5bmhPLVo2SkV0eXZTU1VXeXd5Q21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83OWE2MDUtNjA3Mi00MTQyLTg1NmUt
ZDhlMTgzNTY5M2NkLzEvRTFhQmtYSWswLVhtR2pTZEhUTWpLYWpwZW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83OWE2MDUtNjA3Mi00MTQyLTg1NmUtZDhlMTgzNTY5M2Nk
LzEvbnJLSjg5bmhPLVo2SkV0eXZTU1VXeXd5Q21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvHdsMA0G
CSqGSIb3DQEBCwUAA4IBAQBX3wpJ4mPBN+e4leDO+8vLjzP6Dog4x0Yzn3Lzt9lL
tgbEzQwshgNm7/NkqL9DXVzE+vVF6Adw/Fgs7LCk2Mf+/zoTgC4QX0wGJPxAOWi2
OjMmVDCwLY8nE8KrtLGoYpIk2WvJNSTK46kjf7bE7jA6fTh96gA2LTppl//4T17m
OmalzPKx1aRgaErx+xLDkDyYid8V9lm/SwZ+wE82ZoyPpyb01gYXZb4yD72iZVEm
Be6oekRbUbnj2W2mor/2sP6zHpBzEN5ZtJ8OzRJMUywYWApBnPyQNwjje6UvtES/
jHdWI+Bm4hryoHrWtOrcV4SwyR7Bnn+kjzMa9G68cW6L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org