Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/20RYf2elG5cbGtKOSnq9DI7A9c8.roa
File: 20RYf2elG5cbGtKOSnq9DI7A9c8.roa (raw, json)
Hash identifier: cpKEgzlvOZiAH5UrS47qDyv3k8qWo2pRlhbohb/e318=
Subject key identifier: DB:44:58:7F:67:A5:1B:97:1B:1A:D2:8E:4A:7A:BD:0C:8E:C0:F5:CF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5010A460C2ECD2601AEDC5413ABFE0C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/20RYf2elG5cbGtKOSnq9DI7A9c8.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21082
IP address blocks: 188.214.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 13:42:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0a:46:0c:2e:cd:26:01:ae:dc:54:13:ab:fe:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db44587f67a51b971b1ad28e4a7abd0c8ec0f5cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8a:57:bb:10:82:9a:c5:3a:f0:b9:95:30:7e:
c7:db:36:8a:33:f2:83:de:a6:51:df:bf:03:ca:64:
cf:7b:3c:c4:f6:4f:2b:96:5f:71:7e:2b:11:bb:a7:
ba:12:ab:06:8b:cc:16:88:ad:8c:7f:db:f2:f2:84:
ee:3f:60:a5:11:1d:a4:50:e6:2a:a1:04:0a:d7:7e:
52:a1:25:d9:5b:e6:0c:a4:44:37:ad:61:56:5b:96:
70:e0:35:05:03:fa:5c:f3:9f:5e:84:9d:e8:b0:71:
15:94:d2:9d:dc:1f:aa:18:25:bc:29:8b:4b:ec:69:
d3:e4:0a:f1:d2:a0:9d:ad:69:35:db:69:38:0b:d1:
96:b1:d2:e8:36:e7:e9:4b:03:86:64:a2:52:d8:0a:
35:ab:1f:f0:dd:12:49:d2:79:12:5f:4e:27:db:32:
fb:3d:c1:fe:9b:27:fe:7d:e7:06:07:d5:e4:67:f9:
18:8f:62:4b:3d:ef:e1:d5:ce:9e:6e:a0:f2:d3:fe:
de:0e:5b:6e:0a:fa:21:32:c9:7f:7d:20:bd:af:ed:
72:c0:ba:3f:4f:4e:b5:25:68:c8:41:3f:a8:7b:18:
0a:7c:e8:fc:5f:81:b5:00:62:19:e2:a0:3c:0e:3a:
43:6b:9f:8e:54:15:39:78:92:28:d5:3a:70:8d:b5:
b6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:44:58:7F:67:A5:1B:97:1B:1A:D2:8E:4A:7A:BD:0C:8E:C0:F5:CF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/20RYf2elG5cbGtKOSnq9DI7A9c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.209.0/24
Signature Algorithm: sha256WithRSAEncryption
72:05:47:fc:fb:59:4c:04:94:33:2a:a8:1e:8b:80:00:9b:a8:
6c:c7:b0:10:2b:19:0d:b4:df:ab:7d:e1:55:d0:83:58:8c:6c:
8b:54:5a:02:49:19:7b:e5:2c:36:df:47:99:1f:b9:7c:c9:8c:
f0:c0:62:1e:5b:76:a7:d0:d2:24:ae:45:88:17:ff:f2:06:5f:
a5:61:b0:64:c9:e8:ec:a5:e4:65:dd:38:1c:d6:71:f6:86:db:
d5:17:46:5c:e6:e0:41:96:f6:e4:d8:e7:fb:26:f7:01:fe:41:
69:30:a5:b1:8c:98:e2:b3:ce:53:88:77:47:5d:eb:a2:55:41:
77:5e:c8:ef:87:15:86:25:c3:56:0d:f8:51:c8:c7:8d:8b:f4:
df:29:40:4e:9d:5c:4f:da:47:52:87:fb:d6:10:dc:ea:ce:51:
62:e1:ca:c9:b6:71:5d:a2:36:77:d1:ae:1d:82:86:c1:d3:37:
f4:b5:b9:5c:dd:cf:ec:25:7c:b0:4d:32:17:30:83:b1:55:e5:
bc:f3:3b:29:6f:b8:94:a1:f5:3d:08:fe:14:5d:32:be:b0:c5:
4a:2a:8b:9b:d5:22:27:20:80:57:8a:e7:3b:e5:06:29:12:3c:
b3:be:e7:15:5c:f5:31:69:b7:17:47:1e:71:5e:02:97:ff:1b:
35:16:3c:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAQpGDC7NJgGu3FQTq/4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ0NTg3ZjY3YTUxYjk3MWIxYWQyOGU0YTdhYmQwYzhlYzBmNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtopXuxCCmsU68LmVMH7H2zaKM/KD
3qZR378DymTPezzE9k8rll9xfisRu6e6EqsGi8wWiK2Mf9vy8oTuP2ClER2kUOYq
oQQK135SoSXZW+YMpEQ3rWFWW5Zw4DUFA/pc859ehJ3osHEVlNKd3B+qGCW8KYtL
7GnT5Arx0qCdrWk122k4C9GWsdLoNufpSwOGZKJS2Ao1qx/w3RJJ0nkSX04n2zL7
PcH+myf+fecGB9XkZ/kYj2JLPe/h1c6ebqDy0/7eDltuCvohMsl/fSC9r+1ywLo/
T061JWjIQT+oexgKfOj8X4G1AGIZ4qA8DjpDa5+OVBU5eJIo1TpwjbW2jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtEWH9npRuXGxrSjkp6vQyOwPXPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMjBSWWYyZWxHNWNiR3RLT1NucTlESTdBOWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNbRMA0G
CSqGSIb3DQEBCwUAA4IBAQByBUf8+1lMBJQzKqgei4AAm6hsx7AQKxkNtN+rfeFV
0INYjGyLVFoCSRl75Sw230eZH7l8yYzwwGIeW3an0NIkrkWIF//yBl+lYbBkyejs
peRl3Tgc1nH2htvVF0Zc5uBBlvbk2Of7JvcB/kFpMKWxjJjis85TiHdHXeuiVUF3
XsjvhxWGJcNWDfhRyMeNi/TfKUBOnVxP2kdSh/vWENzqzlFi4crJtnFdojZ30a4d
gobB0zf0tblc3c/sJXywTTIXMIOxVeW88zspb7iUofU9CP4UXTK+sMVKKoub1SIn
IIBXiuc75QYpEjyzvucVXPUxabcXRx5xXgKX/xs1FjwN
-----END CERTIFICATE-----
Generated at Wed Feb 21 16:51:07 2024 by rpki-client on console-fra.rpki-client.org