Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/MaCABhHijkH1kdPgti7SBFQesNA.roa
File: MaCABhHijkH1kdPgti7SBFQesNA.roa (raw, json)
Hash identifier: DiiF2F3UgiOQ7o6C48T9zT9aryutwLbReJZZJmYJeeo=
Subject key identifier: 31:A0:80:06:11:E2:8E:41:F5:91:D3:E0:B6:2E:D2:04:54:1E:B0:D0
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0187E6A47C5744B64932E861EDB6CF8E11BF
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/MaCABhHijkH1kdPgti7SBFQesNA.roa
Signing time: Thu 04 May 2023 12:02:32 +0000
ROA not before: Thu 04 May 2023 12:02:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 188.209.125.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 May 2023 17:54:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:a4:7c:57:44:b6:49:32:e8:61:ed:b6:cf:8e:11:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: May 4 12:02:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31a0800611e28e41f591d3e0b62ed204541eb0d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:09:ae:e6:09:54:68:f3:07:76:6a:f7:9a:6a:
f3:2a:0c:64:ea:0b:d3:6a:7d:42:21:eb:59:e2:25:
b5:74:a8:0d:cc:fa:0a:90:5f:72:a0:3b:31:c9:18:
b5:7e:e0:a9:18:41:39:35:83:ee:ab:9b:2b:c1:23:
fe:d4:f6:69:f1:90:77:90:9a:3d:c4:3d:5a:b7:56:
95:11:1d:8b:bb:21:69:86:02:61:cb:2c:d0:40:7f:
a6:19:8c:9c:92:c6:0a:ae:2b:1e:4b:10:76:a5:e6:
b4:cb:de:7b:94:1d:69:82:15:8a:5f:74:cd:05:18:
2c:57:59:b2:88:a7:07:11:41:58:82:bc:e7:4a:15:
70:10:4e:cb:80:65:a4:70:77:38:29:46:0e:e3:6a:
f3:a2:e5:f3:7e:71:40:6b:1e:a7:2b:b7:00:54:3e:
93:95:22:55:62:d8:5f:6f:f1:80:13:6a:e6:36:be:
22:4d:ee:19:98:93:76:2c:12:f1:69:32:33:7b:f6:
64:57:6e:f3:23:9c:9e:9f:f2:a7:98:d7:f2:34:23:
d9:21:e4:ce:1e:14:98:77:b0:01:e1:a5:31:bd:51:
26:ab:7a:e3:dd:06:a1:92:da:ff:15:1d:8a:7c:02:
7e:20:ad:dd:65:ab:20:75:cc:42:d5:3d:8a:13:fd:
e1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A0:80:06:11:E2:8E:41:F5:91:D3:E0:B6:2E:D2:04:54:1E:B0:D0
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/MaCABhHijkH1kdPgti7SBFQesNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.223.0/24
188.209.124.0/23
Signature Algorithm: sha256WithRSAEncryption
04:8f:36:11:07:f0:f7:56:18:59:f4:1d:31:39:68:5c:db:fe:
74:4d:fa:20:35:01:b4:03:8c:34:2c:b0:f2:cf:83:e8:a2:5d:
99:35:c8:c2:c3:a9:c8:90:8e:67:e0:36:a1:8d:03:0b:aa:9b:
6b:bd:4e:4e:6e:e2:f4:fc:cd:01:ce:0f:8f:8a:22:e3:0b:d5:
59:41:b2:b4:db:1d:ff:4b:b8:02:02:1d:0f:d6:d3:c1:06:ef:
2d:09:1e:29:5e:a2:41:fb:14:8a:93:15:d5:d8:2f:f0:f0:09:
c3:d4:8a:6c:cf:3c:dc:c2:fa:de:fa:55:a3:63:7d:74:7f:4f:
ad:b7:12:67:03:90:b3:98:6b:e4:c2:07:af:08:a8:f9:72:9b:
ad:a1:14:a4:a3:a7:47:ef:e4:1d:a8:fa:5b:41:05:3d:67:f8:
70:a1:5e:d0:91:81:06:7c:49:b1:ee:0e:79:41:f0:45:1b:66:
7d:99:05:91:f5:9f:52:4f:9c:1e:51:17:e1:de:bf:ee:a1:46:
98:a8:52:3c:2d:e8:8f:cf:51:96:c9:4d:ab:5d:ee:5a:75:5e:
7e:90:af:55:e7:a2:03:0a:fe:4b:fd:1d:f4:5f:1d:12:16:cf:
8b:19:b4:33:69:d9:f4:35:c9:ad:a5:a6:91:1e:14:a1:cb:10:
af:33:04:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfmpHxXRLZJMuhh7bbPjhG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwNTA0MTIwMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWEwODAwNjExZTI4ZTQxZjU5MWQzZTBiNjJlZDIwNDU0MWViMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwmu5glUaPMHdmr3mmrzKgxk6gvT
an1CIetZ4iW1dKgNzPoKkF9yoDsxyRi1fuCpGEE5NYPuq5srwSP+1PZp8ZB3kJo9
xD1at1aVER2LuyFphgJhyyzQQH+mGYycksYKriseSxB2pea0y957lB1pghWKX3TN
BRgsV1myiKcHEUFYgrznShVwEE7LgGWkcHc4KUYO42rzouXzfnFAax6nK7cAVD6T
lSJVYthfb/GAE2rmNr4iTe4ZmJN2LBLxaTIze/ZkV27zI5yen/KnmNfyNCPZIeTO
HhSYd7AB4aUxvVEmq3rj3Qahktr/FR2KfAJ+IK3dZasgdcxC1T2KE/3hfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDGggAYR4o5B9ZHT4LYu0gRUHrDQMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvTWFDQUJoSGlqa0gxa2RQZ3RpN1NCRlFlc05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNDfAwQB
vNF8MA0GCSqGSIb3DQEBCwUAA4IBAQAEjzYRB/D3VhhZ9B0xOWhc2/50TfogNQG0
A4w0LLDyz4Pool2ZNcjCw6nIkI5n4DahjQMLqptrvU5ObuL0/M0Bzg+PiiLjC9VZ
QbK02x3/S7gCAh0P1tPBBu8tCR4pXqJB+xSKkxXV2C/w8AnD1Ipszzzcwvre+lWj
Y310f0+ttxJnA5CzmGvkwgevCKj5cputoRSko6dH7+QdqPpbQQU9Z/hwoV7QkYEG
fEmx7g55QfBFG2Z9mQWR9Z9ST5weURfh3r/uoUaYqFI8LeiPz1GWyU2rXe5adV5+
kK9V56IDCv5L/R30Xx0SFs+LGbQzadn0NcmtpaaRHhShyxCvMwRg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org