Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/XvGBd-Dh__hm-RIgj4GxUw3WYPo.roa
File: XvGBd-Dh__hm-RIgj4GxUw3WYPo.roa (raw, json)
Hash identifier: uu7hSXqfXHq7OoefvvYGc6INP1aQqnk+/nNjr31yiOo=
Subject key identifier: 5E:F1:81:77:E0:E1:FF:F8:66:F9:12:20:8F:81:B1:53:0D:D6:60:FA
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 0192DD15825F8A401F4DEA76FB9EEAE8967E
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/XvGBd-Dh__hm-RIgj4GxUw3WYPo.roa
Signing time: Wed 30 Oct 2024 11:00:27 +0000
ROA not before: Wed 30 Oct 2024 11:00:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139646
IP address blocks: 188.130.228.0/22 maxlen: 22
188.130.228.0/23 maxlen: 24
188.130.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 10:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:15:82:5f:8a:40:1f:4d:ea:76:fb:9e:ea:e8:96:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: Oct 30 11:00:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ef18177e0e1fff866f912208f81b1530dd660fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2c:36:5f:ff:f7:d0:ed:42:03:2b:0f:88:13:
cf:dc:9d:e5:45:d1:20:11:2e:bb:10:f1:89:16:1e:
76:65:bc:25:ed:15:0b:f4:bd:9c:8d:4d:40:0e:8a:
d2:2b:1e:63:6f:0f:c3:a8:87:dc:ee:cc:ce:fb:85:
90:cc:44:a1:81:85:7c:e3:6e:9b:da:f8:d0:49:90:
0e:dc:c8:12:34:36:da:0f:a4:28:ba:ed:e8:26:79:
e1:a6:dd:59:bf:ed:13:ac:be:e7:29:25:49:84:0f:
fe:59:b1:db:a1:54:1d:af:16:e7:67:e8:ed:fa:91:
13:90:d7:26:67:c7:ca:e4:4d:74:5c:8d:d2:af:f7:
a3:2d:6e:da:37:ef:81:88:6f:79:a4:de:9a:1b:39:
ff:c0:f1:ec:66:3f:26:c3:6a:c5:47:f2:54:65:50:
51:df:6e:02:43:30:17:0c:89:7c:eb:5b:e7:19:25:
8c:78:a3:38:50:07:eb:50:85:3b:ca:c5:15:5b:ba:
68:3f:29:57:fc:b0:b1:5d:94:35:72:99:ec:e8:5c:
26:71:a8:a5:31:16:51:fe:1b:54:f9:bd:48:29:37:
cd:65:3f:c2:13:83:f6:af:4d:a1:db:a9:6d:47:83:
4e:9c:c2:d4:d0:ce:56:e5:4e:19:1d:cd:60:21:27:
e9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F1:81:77:E0:E1:FF:F8:66:F9:12:20:8F:81:B1:53:0D:D6:60:FA
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/XvGBd-Dh__hm-RIgj4GxUw3WYPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.228.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:7d:e8:df:b3:e4:69:5a:79:4b:8b:3f:6a:3a:3e:88:1d:eb:
be:d4:69:50:7d:dd:25:e3:88:e1:63:80:fe:46:4b:83:1a:fc:
47:75:b5:c8:bb:75:e9:fc:69:67:8b:78:63:0d:f4:35:20:47:
06:be:83:ca:44:8a:23:7f:ed:ed:c3:87:fe:98:e0:5c:77:05:
d8:02:81:e6:91:e7:21:cc:13:06:76:14:8f:e7:7f:85:9d:60:
08:97:f8:e3:69:50:8e:6e:f7:5a:a1:32:15:59:bb:ae:c1:93:
25:38:e6:4c:0f:6b:0a:12:39:1e:f5:20:ff:42:55:6f:4a:25:
ed:d3:b6:ba:33:13:fb:eb:39:5f:8f:87:ed:52:37:07:a0:43:
a8:01:3f:b7:4f:1c:a4:5d:f3:21:89:9f:71:cf:a1:65:77:5d:
77:58:12:9a:00:53:30:70:52:fd:64:6b:7b:ca:3f:fa:be:fd:
e4:ee:aa:df:1a:7c:eb:29:0f:ea:ea:47:4c:20:fe:2d:f1:d7:
19:ff:bf:c1:20:27:3d:2b:4a:a9:f0:3f:e6:f2:22:2b:ec:4e:
3e:c3:ac:0e:a4:c3:3a:f7:bf:9a:46:54:1c:ef:77:a2:9a:bd:
d0:5f:3e:c2:23:69:08:c1:49:71:8b:29:83:aa:db:a3:79:ca:
6a:f0:84:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLdFYJfikAfTep2+57q6JZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjQxMDMwMTEwMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWYxODE3N2UwZTFmZmY4NjZmOTEyMjA4ZjgxYjE1MzBkZDY2MGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Sw2X//30O1CAysPiBPP3J3lRdEg
ES67EPGJFh52Zbwl7RUL9L2cjU1ADorSKx5jbw/DqIfc7szO+4WQzEShgYV8426b
2vjQSZAO3MgSNDbaD6Qouu3oJnnhpt1Zv+0TrL7nKSVJhA/+WbHboVQdrxbnZ+jt
+pETkNcmZ8fK5E10XI3Sr/ejLW7aN++BiG95pN6aGzn/wPHsZj8mw2rFR/JUZVBR
324CQzAXDIl861vnGSWMeKM4UAfrUIU7ysUVW7poPylX/LCxXZQ1cpns6Fwmcail
MRZR/htU+b1IKTfNZT/CE4P2r02h26ltR4NOnMLU0M5W5U4ZHc1gISfphwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7xgXfg4f/4ZvkSII+BsVMN1mD6MB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvWHZHQmQtRGhfX2htLVJJZ2o0R3hVdzNXWVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvILkMA0G
CSqGSIb3DQEBCwUAA4IBAQCNfejfs+RpWnlLiz9qOj6IHeu+1GlQfd0l44jhY4D+
RkuDGvxHdbXIu3Xp/Glni3hjDfQ1IEcGvoPKRIojf+3tw4f+mOBcdwXYAoHmkech
zBMGdhSP53+FnWAIl/jjaVCObvdaoTIVWbuuwZMlOOZMD2sKEjke9SD/QlVvSiXt
07a6MxP76zlfj4ftUjcHoEOoAT+3TxykXfMhiZ9xz6Fld113WBKaAFMwcFL9ZGt7
yj/6vv3k7qrfGnzrKQ/q6kdMIP4t8dcZ/7/BICc9K0qp8D/m8iIr7E4+w6wOpMM6
97+aRlQc73eimr3QXz7CI2kIwUlxiymDqtujecpq8ITB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:37 2025 by rpki-client