Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/S-bOPNKRMxPHVOM7p3QZKkcvCUQ.roa
File: S-bOPNKRMxPHVOM7p3QZKkcvCUQ.roa (raw, json)
Hash identifier: ILsokiUMrwTyRS0JFiiv5Dn3RJngOAm72bmzWpJ76Ns=
Subject key identifier: 4B:E6:CE:3C:D2:91:33:13:C7:54:E3:3B:A7:74:19:2A:47:2F:09:44
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0191B841255028AD932091B318C45C81C2BB
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/S-bOPNKRMxPHVOM7p3QZKkcvCUQ.roa
Signing time: Tue 03 Sep 2024 14:19:22 +0000
ROA not before: Tue 03 Sep 2024 14:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393886
IP address blocks: 188.119.188.0/24 maxlen: 24
188.119.189.0/24 maxlen: 24
188.119.190.0/24 maxlen: 24
188.119.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 14:31:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:41:25:50:28:ad:93:20:91:b3:18:c4:5c:81:c2:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Sep 3 14:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4be6ce3cd2913313c754e33ba774192a472f0944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cd:30:34:cf:6d:6e:05:e3:f2:30:35:24:9e:
ad:1b:3a:4d:e0:b5:62:83:2c:5c:44:9b:55:b1:ed:
9a:3b:d9:f6:1c:a4:79:b0:12:80:9b:cc:ae:a2:b4:
ad:85:f6:0c:d4:ac:1a:83:ee:47:90:06:22:55:42:
52:ec:ad:4e:70:a8:db:08:40:3c:bb:d6:50:4c:d0:
10:2c:ea:71:ff:0a:76:31:bc:f9:d0:4a:b0:59:5d:
8b:f4:72:fb:0f:67:71:9b:06:0f:e8:5c:3a:53:3b:
c5:ea:d7:c4:fe:99:50:8e:10:81:1b:e5:8d:fb:79:
0f:75:8c:22:0e:ce:ec:33:a9:bf:19:d3:81:71:c0:
ca:c7:0d:b9:56:4c:e0:70:fe:cf:2f:7e:df:76:49:
07:25:43:75:60:05:44:3e:22:ce:f0:1a:3d:5b:64:
11:64:ce:17:51:fc:bb:1b:64:0f:b0:19:f6:5e:e3:
52:4e:e3:35:14:cd:58:bb:9a:09:b2:1d:2c:b8:c0:
a0:a1:9d:41:54:79:57:d1:8d:13:57:3b:fd:c4:8a:
1a:92:61:51:85:99:c8:21:0f:17:a5:dd:46:76:0d:
a5:9f:f9:06:34:a8:8c:c3:36:7d:5d:1e:52:3d:79:
bc:c2:25:09:01:f6:aa:1f:fd:58:c3:e0:f3:78:5c:
c8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E6:CE:3C:D2:91:33:13:C7:54:E3:3B:A7:74:19:2A:47:2F:09:44
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/S-bOPNKRMxPHVOM7p3QZKkcvCUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.188.0/22
Signature Algorithm: sha256WithRSAEncryption
33:7c:f3:7b:6d:36:38:6f:d7:1e:b9:05:8f:44:c9:b0:43:ae:
ce:31:5f:c6:15:7e:90:40:9a:8d:72:95:7a:57:fd:86:7e:8d:
b4:06:a8:bb:4f:73:57:3a:b6:c1:82:aa:ea:72:e3:71:7a:be:
2d:ba:b1:ce:22:21:64:4e:77:59:00:6c:c7:bc:25:40:c7:a6:
21:14:6f:ed:67:91:72:4c:5e:6a:7b:a3:95:71:69:1e:fd:45:
f7:07:06:46:30:02:44:9e:fa:4b:e4:21:09:e3:50:2d:a4:46:
3f:f6:e7:a2:47:9f:3d:1b:a6:f9:74:25:ce:3f:3f:47:5f:43:
8b:43:40:02:76:ad:92:59:cb:0f:4c:09:a6:ed:a7:82:c7:19:
18:4c:06:c0:93:96:e2:3e:86:79:d2:57:a1:66:e2:6f:e3:cb:
1b:56:93:e7:59:e0:39:a6:6e:be:aa:20:1b:81:7e:c0:4a:58:
c1:c5:ce:f8:81:5b:5f:67:42:38:1e:cb:a4:97:40:43:0a:d9:
51:aa:1b:8c:e0:1b:ac:b3:ff:d5:10:8b:a9:43:95:11:6d:2e:
14:b9:b9:0a:0f:c5:de:1c:fe:68:5c:61:b5:82:05:64:2c:19:
c3:c5:bb:09:87:00:1b:67:3f:40:12:d5:d5:c0:58:5b:1a:bb:
b9:98:d8:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG4QSVQKK2TIJGzGMRcgcK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwOTAzMTQxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmU2Y2UzY2QyOTEzMzEzYzc1NGUzM2JhNzc0MTkyYTQ3MmYwOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc0wNM9tbgXj8jA1JJ6tGzpN4LVi
gyxcRJtVse2aO9n2HKR5sBKAm8yuorSthfYM1Kwag+5HkAYiVUJS7K1OcKjbCEA8
u9ZQTNAQLOpx/wp2Mbz50EqwWV2L9HL7D2dxmwYP6Fw6UzvF6tfE/plQjhCBG+WN
+3kPdYwiDs7sM6m/GdOBccDKxw25VkzgcP7PL37fdkkHJUN1YAVEPiLO8Bo9W2QR
ZM4XUfy7G2QPsBn2XuNSTuM1FM1Yu5oJsh0suMCgoZ1BVHlX0Y0TVzv9xIoakmFR
hZnIIQ8Xpd1Gdg2ln/kGNKiMwzZ9XR5SPXm8wiUJAfaqH/1Yw+DzeFzI0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvmzjzSkTMTx1TjO6d0GSpHLwlEMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvUy1iT1BOS1JNeFBIVk9NN3AzUVpLa2N2Q1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvHe8MA0G
CSqGSIb3DQEBCwUAA4IBAQAzfPN7bTY4b9ceuQWPRMmwQ67OMV/GFX6QQJqNcpV6
V/2Gfo20Bqi7T3NXOrbBgqrqcuNxer4turHOIiFkTndZAGzHvCVAx6YhFG/tZ5Fy
TF5qe6OVcWke/UX3BwZGMAJEnvpL5CEJ41AtpEY/9ueiR589G6b5dCXOPz9HX0OL
Q0ACdq2SWcsPTAmm7aeCxxkYTAbAk5biPoZ50lehZuJv48sbVpPnWeA5pm6+qiAb
gX7ASljBxc74gVtfZ0I4Hsukl0BDCtlRqhuM4Buss//VEIupQ5URbS4UubkKD8Xe
HP5oXGG1ggVkLBnDxbsJhwAbZz9AEtXVwFhbGru5mNjX
-----END CERTIFICATE-----
Generated at Thu Oct 31 17:47:13 2024 by rpki-client on console-fra.rpki-client.org