Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/34-afYpZPeeSgIoMBPrJinoV9c8.roa
File: 34-afYpZPeeSgIoMBPrJinoV9c8.roa (raw, json)
Hash identifier: wJ0YHAlNiZldP6Ev24gfv+12yJquJyrNVDyLrWWt7H4=
Subject key identifier: DF:8F:9A:7D:8A:59:3D:E7:92:80:8A:0C:04:FA:C9:8A:7A:15:F5:CF
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 018CC8DF01E8055624EA22FF957B44F55311
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/34-afYpZPeeSgIoMBPrJinoV9c8.roa
Signing time: Tue 02 Jan 2024 06:31:47 +0000
ROA not before: Tue 02 Jan 2024 06:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200106
IP address blocks: 188.125.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 13:17:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:01:e8:05:56:24:ea:22:ff:95:7b:44:f5:53:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 2 06:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df8f9a7d8a593de792808a0c04fac98a7a15f5cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d4:7b:6c:a5:57:a9:f8:0b:c3:b5:e9:8b:f8:
ac:f4:85:67:dd:fa:f7:83:d8:b0:0a:0d:78:cc:3b:
8f:14:ee:0e:d0:20:4b:29:31:b9:78:bd:9f:38:75:
fb:98:c9:52:d9:f0:f3:ff:50:f6:e3:e7:78:f0:0b:
a2:78:7a:61:78:19:e9:8b:b5:cd:87:39:ac:95:f4:
fe:83:f2:24:ce:8d:74:16:bd:cb:fe:19:db:8f:e2:
08:0e:c6:10:31:39:e9:dd:61:48:2b:6f:fd:72:7a:
0f:31:d6:99:37:ee:d0:32:06:af:c2:e7:c2:d1:45:
d6:61:95:da:23:36:fb:a5:be:54:cb:42:bd:ad:e0:
86:e6:8e:ca:87:d7:c0:d6:79:32:08:b2:24:d3:0d:
62:4e:33:14:e8:51:ec:4a:09:76:d0:5a:7e:68:59:
de:b3:03:98:d5:59:03:39:ea:e3:55:fe:50:99:c2:
59:6a:1f:09:65:dc:b6:20:06:78:52:9b:52:e3:2f:
bd:85:62:d4:66:a7:ca:8e:fc:5f:fc:2f:14:e2:a4:
17:bf:8a:59:37:eb:06:6d:6d:43:e1:94:f9:02:19:
72:f4:55:66:b9:cb:97:6c:e4:ed:f5:a5:78:4c:12:
a9:db:14:fa:e0:91:27:e4:04:99:ce:51:cb:91:fd:
1c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8F:9A:7D:8A:59:3D:E7:92:80:8A:0C:04:FA:C9:8A:7A:15:F5:CF
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/34-afYpZPeeSgIoMBPrJinoV9c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.163.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:07:4e:05:fa:93:8c:05:04:bc:b9:51:13:3e:a2:2c:5e:5a:
ea:d9:eb:01:77:dd:1b:76:3f:86:22:08:f6:63:4e:90:24:ba:
d6:ed:45:d5:03:df:ec:a6:44:a6:3f:fd:a0:90:2b:39:46:7c:
a3:13:88:30:1a:df:cf:69:75:39:a5:66:62:45:e9:d7:bf:1a:
53:11:ef:ce:8b:d4:58:af:1c:f8:15:0f:09:f5:5e:c4:cd:32:
8f:ee:fc:54:78:cb:bf:01:68:f8:4b:fe:13:4f:c8:11:4f:07:
c6:7e:f8:11:f3:d5:06:71:bd:e0:12:b9:49:07:9e:1c:00:a3:
d4:08:ce:0e:57:27:bb:97:80:4f:86:be:26:d9:e6:a5:44:ef:
95:04:ad:26:5a:1d:d6:55:b5:31:72:7c:04:ba:73:4a:0f:4a:
ba:dd:20:c4:ef:c3:8c:eb:ed:54:35:96:73:d7:c6:1a:0b:db:
68:df:e7:96:b7:33:20:49:5a:74:90:d2:b2:60:f9:dd:2b:b9:
8a:2e:5a:65:9d:e9:33:37:b4:b9:85:49:0b:fa:78:73:59:b2:
bc:80:84:d4:b4:12:8f:bd:5e:df:d5:6e:53:bc:92:0b:1a:51:
bb:a4:08:e8:7c:10:cb:d0:e6:5d:23:a1:63:29:d4:26:45:cb:
e7:7f:8b:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3wHoBVYk6iL/lXtE9VMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjQwMTAyMDYzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhmOWE3ZDhhNTkzZGU3OTI4MDhhMGMwNGZhYzk4YTdhMTVmNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdR7bKVXqfgLw7Xpi/is9IVn3fr3
g9iwCg14zDuPFO4O0CBLKTG5eL2fOHX7mMlS2fDz/1D24+d48AuieHpheBnpi7XN
hzmslfT+g/Ikzo10Fr3L/hnbj+IIDsYQMTnp3WFIK2/9cnoPMdaZN+7QMgavwufC
0UXWYZXaIzb7pb5Uy0K9reCG5o7Kh9fA1nkyCLIk0w1iTjMU6FHsSgl20Fp+aFne
swOY1VkDOerjVf5QmcJZah8JZdy2IAZ4UptS4y+9hWLUZqfKjvxf/C8U4qQXv4pZ
N+sGbW1D4ZT5Ahly9FVmucuXbOTt9aV4TBKp2xT64JEn5ASZzlHLkf0cQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+Pmn2KWT3nkoCKDAT6yYp6FfXPMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvMzQtYWZZcFpQZWVTZ0lvTUJQckppbm9WOWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvH2jMA0G
CSqGSIb3DQEBCwUAA4IBAQC9B04F+pOMBQS8uVETPqIsXlrq2esBd90bdj+GIgj2
Y06QJLrW7UXVA9/spkSmP/2gkCs5RnyjE4gwGt/PaXU5pWZiRenXvxpTEe/Oi9RY
rxz4FQ8J9V7EzTKP7vxUeMu/AWj4S/4TT8gRTwfGfvgR89UGcb3gErlJB54cAKPU
CM4OVye7l4BPhr4m2ealRO+VBK0mWh3WVbUxcnwEunNKD0q63SDE78OM6+1UNZZz
18YaC9to3+eWtzMgSVp0kNKyYPndK7mKLlplnekzN7S5hUkL+nhzWbK8gITUtBKP
vV7f1W5TvJILGlG7pAjofBDL0OZdI6FjKdQmRcvnf4vv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:12 2025 by rpki-client