Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/ub2nMpJLtaZSd-AZxKRzjb-ZN-E.roa
File: ub2nMpJLtaZSd-AZxKRzjb-ZN-E.roa (raw, json)
Hash identifier: SuMkGzWxnaJ3xTLArgXZQ9C5jLbnHgNgEfAHLIxloO4=
Subject key identifier: B9:BD:A7:32:92:4B:B5:A6:52:77:E0:19:C4:A4:73:8D:BF:99:37:E1
Certificate issuer: /CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Certificate serial: 018AFFC966FC39A3EC1311323199B8D678CE
Authority key identifier: 7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/ub2nMpJLtaZSd-AZxKRzjb-ZN-E.roa
Signing time: Thu 05 Oct 2023 12:21:43 +0000
ROA not before: Thu 05 Oct 2023 12:21:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35313
IP address blocks: 188.137.203.0/24 maxlen: 24
188.137.200.0/24 maxlen: 24
188.137.201.0/24 maxlen: 24
188.137.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Nov 2023 12:25:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:c9:66:fc:39:a3:ec:13:11:32:31:99:b8:d6:78:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Validity
Not Before: Oct 5 12:21:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9bda732924bb5a65277e019c4a4738dbf9937e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d1:5d:53:03:13:6a:9c:8c:e5:22:05:58:52:
e1:df:68:91:c8:bd:bb:e6:e1:8e:b0:5c:c5:30:5f:
9d:e7:be:0e:bb:27:24:3f:e7:62:31:41:64:20:2d:
26:ed:0a:4e:09:d3:45:7e:fc:90:8c:29:7b:fd:39:
14:d1:af:c0:f5:ce:3b:9f:28:9e:bf:e5:a4:05:05:
29:e1:d7:71:39:34:56:14:a2:8a:f5:d0:d0:0d:a4:
cc:87:29:c6:79:58:65:32:09:40:32:62:05:0f:a8:
c4:b4:88:b9:59:8c:d8:fb:ce:f1:91:f2:8a:61:e5:
a4:fd:28:23:86:62:32:16:6a:0b:10:e9:b8:a9:79:
34:6d:3d:f8:95:81:1e:78:62:84:c2:15:1c:e7:79:
4b:54:0f:72:84:08:2d:0a:a4:6d:b7:4b:15:1e:c8:
91:ef:7b:7c:9a:1d:aa:6c:04:a6:ac:0a:8b:a4:6a:
7e:ea:53:ac:4c:e1:cb:44:43:c7:f5:7d:09:a7:2c:
a7:1a:df:2e:64:29:01:8d:c0:10:35:c2:01:26:2a:
a4:02:9d:6b:30:74:03:3f:59:cb:d8:72:b8:c3:df:
e8:70:6e:42:2d:69:f9:96:08:c6:10:ac:d9:d1:2e:
4d:c6:72:32:3d:6f:28:de:a0:41:32:5e:24:d4:33:
f7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BD:A7:32:92:4B:B5:A6:52:77:E0:19:C4:A4:73:8D:BF:99:37:E1
X509v3 Authority Key Identifier:
keyid:7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/ub2nMpJLtaZSd-AZxKRzjb-ZN-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/ffCJfqs-7W4k7d1nbov5N3-0SAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.200.0/22
Signature Algorithm: sha256WithRSAEncryption
76:16:8f:b0:e5:d4:c8:f4:01:36:e1:21:83:91:30:25:b5:4d:
99:9b:f7:ca:ab:e1:aa:85:3a:5b:47:5a:36:a5:13:16:18:1f:
1f:7e:27:ea:a3:73:0b:bc:e4:b3:86:0c:03:92:61:bf:66:c9:
c5:ba:c9:a0:e7:18:68:8c:b4:04:46:c5:2a:6a:27:2b:12:c4:
34:d5:54:e1:27:3d:b7:ad:64:c9:58:cf:69:c3:a3:61:57:71:
1d:d3:96:60:02:9d:ca:64:a9:03:d2:2b:72:54:85:87:15:6b:
85:63:8e:19:2e:7b:66:95:51:b2:ef:18:72:01:a4:4c:9f:16:
5b:c5:24:d9:15:02:96:13:75:9c:6f:2b:56:bd:0a:13:87:4c:
cb:6b:bf:6f:ba:03:66:f6:4b:b3:c5:e6:d9:3a:bc:16:87:22:
34:99:ed:5b:af:9e:b5:76:b8:93:e5:88:96:ea:b9:58:b0:21:
97:f7:f0:72:01:c9:32:bc:ea:92:f8:4f:84:4a:31:81:99:2a:
58:c1:15:84:66:a1:5a:8b:f1:24:e2:3e:18:fe:65:18:a1:ca:
64:9e:79:f9:57:ed:f5:79:3b:b8:bd:9d:13:15:ae:25:a9:04:
d6:90:0d:9f:71:c3:27:2a:68:6a:10:57:a4:e6:6e:1f:b5:ab:
8c:40:e6:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr/yWb8OaPsExEyMZm41njOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjA4OTdlYWIzZWVkNmUyNGVkZGQ2NzZlOGJmOTM3N2Zi
NDQ4MGMwHhcNMjMxMDA1MTIyMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWJkYTczMjkyNGJiNWE2NTI3N2UwMTljNGE0NzM4ZGJmOTkzN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdFdUwMTapyM5SIFWFLh32iRyL27
5uGOsFzFMF+d574OuyckP+diMUFkIC0m7QpOCdNFfvyQjCl7/TkU0a/A9c47nyie
v+WkBQUp4ddxOTRWFKKK9dDQDaTMhynGeVhlMglAMmIFD6jEtIi5WYzY+87xkfKK
YeWk/SgjhmIyFmoLEOm4qXk0bT34lYEeeGKEwhUc53lLVA9yhAgtCqRtt0sVHsiR
73t8mh2qbASmrAqLpGp+6lOsTOHLREPH9X0JpyynGt8uZCkBjcAQNcIBJiqkAp1r
MHQDP1nL2HK4w9/ocG5CLWn5lgjGEKzZ0S5NxnIyPW8o3qBBMl4k1DP3bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLm9pzKSS7WmUnfgGcSkc42/mTfhMB8GA1UdIwQY
MBaAFH3wiX6rPu1uJO3dZ26L+Td/tEgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgt
ZDJjMjlkYzA0MmU3LzEvdWIybk1wSkx0YVpTZC1BWnhLUnpqYi1aTi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgtZDJjMjlkYzA0MmU3
LzEvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvInIMA0G
CSqGSIb3DQEBCwUAA4IBAQB2Fo+w5dTI9AE24SGDkTAltU2Zm/fKq+GqhTpbR1o2
pRMWGB8ffifqo3MLvOSzhgwDkmG/ZsnFusmg5xhojLQERsUqaicrEsQ01VThJz23
rWTJWM9pw6NhV3Ed05ZgAp3KZKkD0ityVIWHFWuFY44ZLntmlVGy7xhyAaRMnxZb
xSTZFQKWE3WcbytWvQoTh0zLa79vugNm9kuzxebZOrwWhyI0me1br561driT5YiW
6rlYsCGX9/ByAckyvOqS+E+ESjGBmSpYwRWEZqFai/Ek4j4Y/mUYocpknnn5V+31
eTu4vZ0TFa4lqQTWkA2fccMnKmhqEFek5m4ftauMQOZP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:02 2024 by rpki-client on console-ams.rpki-client.org