Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/1-02eSUpK9iSLfg6cx4hgWw6ViWU.roa
File: 1-02eSUpK9iSLfg6cx4hgWw6ViWU.roa (raw, json)
Hash identifier: bjQJW0YigBjbpyiAOBnbQLP69v4oVpj571nu37Kr6Qk=
Subject key identifier: FB:4D:9E:49:4A:4A:F6:24:8B:7E:0E:9C:C7:88:60:5B:0E:95:89:65
Certificate issuer: /CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Certificate serial: 018BECB16602716217E4BCC3160440A2E2A5
Authority key identifier: 7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/1-02eSUpK9iSLfg6cx4hgWw6ViWU.roa
Signing time: Mon 20 Nov 2023 12:25:30 +0000
ROA not before: Mon 20 Nov 2023 12:25:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35313
IP address blocks: 188.137.168.0/21 maxlen: 24
188.137.203.0/24 maxlen: 24
188.137.200.0/24 maxlen: 24
188.137.201.0/24 maxlen: 24
188.137.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:b1:66:02:71:62:17:e4:bc:c3:16:04:40:a2:e2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Validity
Not Before: Nov 20 12:25:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb4d9e494a4af6248b7e0e9cc788605b0e958965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:98:21:70:0d:21:b4:f6:31:b4:e7:ba:fa:0e:
12:77:23:9a:bf:52:e3:0f:bd:35:b4:de:0d:88:0a:
5a:da:8b:96:5b:f0:b5:cf:7c:1d:22:0d:52:3b:72:
ab:6f:2e:41:f3:97:5f:29:c6:d5:d8:74:2d:bf:f3:
c1:23:91:cf:ed:b1:20:d2:ec:d8:ad:e2:de:e0:fc:
88:2d:fa:1e:ae:5a:61:5a:9c:86:65:49:ee:29:47:
46:13:55:fa:b3:31:81:a2:c9:e5:65:71:2a:47:7b:
32:66:20:97:b3:e8:cf:47:90:bc:ba:3e:cf:d2:c1:
5e:13:b6:51:57:a0:cc:f4:2c:07:65:23:ca:63:10:
ac:7b:25:e1:02:92:30:94:2a:5f:b6:d6:a7:c8:50:
e6:af:4b:67:bf:ed:2a:69:04:48:24:29:e6:eb:1e:
11:68:93:6c:d1:21:ec:c0:66:55:80:72:1a:3c:cb:
c1:e8:79:72:42:90:9d:f5:00:6e:0c:11:2e:2b:35:
03:f1:b9:4d:a1:4c:97:79:9f:22:62:99:5b:86:75:
e2:3b:ef:72:65:79:d8:b7:1b:ac:49:ba:49:5b:e0:
17:9a:21:ce:7e:77:45:f3:13:3e:1c:af:98:44:34:
e6:8d:32:1b:a0:10:84:74:27:ae:fe:37:0b:93:b8:
6f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4D:9E:49:4A:4A:F6:24:8B:7E:0E:9C:C7:88:60:5B:0E:95:89:65
X509v3 Authority Key Identifier:
keyid:7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/1-02eSUpK9iSLfg6cx4hgWw6ViWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/ffCJfqs-7W4k7d1nbov5N3-0SAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.168.0/21
188.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
05:61:6f:7d:d6:62:b0:f5:c8:cb:9c:1f:95:fb:f4:0a:4a:f2:
b3:8e:09:77:c6:75:74:3a:61:b9:e3:89:3b:a5:f4:bd:dd:3b:
5a:fb:bb:1c:03:30:6f:a4:5b:32:39:9e:63:fa:b6:b0:fb:11:
00:c0:bb:dd:29:90:7f:59:d7:98:bc:18:39:2e:19:30:f5:99:
b3:4b:d4:a0:f6:ab:f5:6b:76:b2:69:51:45:b7:f3:19:31:37:
5b:e2:14:ce:37:11:0c:53:a8:03:c3:42:27:8c:c9:52:fc:59:
50:17:65:55:4e:ee:4e:11:08:b6:bd:b4:82:94:44:37:c9:4d:
77:de:f7:c7:ca:4f:ef:80:d9:f6:2b:e3:aa:78:85:18:30:d7:
97:8f:5b:f6:0d:b7:0c:81:09:d6:31:ab:79:87:2a:f6:ff:fd:
42:83:20:a7:5c:60:32:a4:0b:41:fe:02:5f:b9:ab:2c:52:1d:
0c:07:96:4b:34:bf:fd:a5:c1:a6:cd:d7:a2:61:2d:5f:84:25:
f5:ec:18:51:82:a0:89:05:88:d1:16:9a:ea:16:aa:c9:e0:71:
b5:25:91:c2:fa:67:54:b3:bb:7a:5b:0b:c1:9e:f8:fb:0a:83:
4e:6c:22:02:ed:f4:67:2f:01:c7:65:94:f9:bb:d2:10:6c:18:
7b:ce:4b:3b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYvssWYCcWIX5LzDFgRAouKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjA4OTdlYWIzZWVkNmUyNGVkZGQ2NzZlOGJmOTM3N2Zi
NDQ4MGMwHhcNMjMxMTIwMTIyNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjRkOWU0OTRhNGFmNjI0OGI3ZTBlOWNjNzg4NjA1YjBlOTU4OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppghcA0htPYxtOe6+g4SdyOav1Lj
D701tN4NiApa2ouWW/C1z3wdIg1SO3Krby5B85dfKcbV2HQtv/PBI5HP7bEg0uzY
reLe4PyILfoerlphWpyGZUnuKUdGE1X6szGBosnlZXEqR3syZiCXs+jPR5C8uj7P
0sFeE7ZRV6DM9CwHZSPKYxCseyXhApIwlCpfttanyFDmr0tnv+0qaQRIJCnm6x4R
aJNs0SHswGZVgHIaPMvB6HlyQpCd9QBuDBEuKzUD8blNoUyXeZ8iYplbhnXiO+9y
ZXnYtxusSbpJW+AXmiHOfndF8xM+HK+YRDTmjTIboBCEdCeu/jcLk7hvnwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPtNnklKSvYki34OnMeIYFsOlYllMB8GA1UdIwQY
MBaAFH3wiX6rPu1uJO3dZ26L+Td/tEgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgt
ZDJjMjlkYzA0MmU3LzEvMS0wMmVTVXBLOWlTTGZnNmN4NGhnV3c2VmlXVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvMzkyNWU5LTY1ZWEtNDYyZS1hZTI4LWQyYzI5ZGMwNDJl
Ny8xL2ZmQ0pmcXMtN1c0azdkMW5ib3Y1TjMtMFNBdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA7yJqAME
AryJyDANBgkqhkiG9w0BAQsFAAOCAQEABWFvfdZisPXIy5wflfv0Ckrys44Jd8Z1
dDphueOJO6X0vd07Wvu7HAMwb6RbMjmeY/q2sPsRAMC73SmQf1nXmLwYOS4ZMPWZ
s0vUoPar9Wt2smlRRbfzGTE3W+IUzjcRDFOoA8NCJ4zJUvxZUBdlVU7uThEItr20
gpREN8lNd973x8pP74DZ9ivjqniFGDDXl49b9g23DIEJ1jGreYcq9v/9QoMgp1xg
MqQLQf4CX7mrLFIdDAeWSzS//aXBps3XomEtX4Ql9ewYUYKgiQWI0Raa6haqyeBx
tSWRwvpnVLO7elsLwZ74+wqDTmwiAu30Zy8Bx2WU+bvSEGwYe85LOw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:08 2024 by rpki-client on console-fra.rpki-client.org