Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/PyFwri4pRssW6Ogtouz8sU-oWCg.roa
File: PyFwri4pRssW6Ogtouz8sU-oWCg.roa (raw, json)
Hash identifier: FDz6OPHgnj7gtojCYxen9tW3KWYTceoG7AnARaZU7Z8=
Subject key identifier: 3F:21:70:AE:2E:29:46:CB:16:E8:E8:2D:A2:EC:FC:B1:4F:A8:58:28
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 01889A35827B530F73011D8A4CE7E0BE0ECB
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/PyFwri4pRssW6Ogtouz8sU-oWCg.roa
Signing time: Thu 08 Jun 2023 08:52:57 +0000
ROA not before: Thu 08 Jun 2023 08:52:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132335
IP address blocks: 188.208.141.0/24 maxlen: 24
188.208.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jul 2023 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:35:82:7b:53:0f:73:01:1d:8a:4c:e7:e0:be:0e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jun 8 08:52:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f2170ae2e2946cb16e8e82da2ecfcb14fa85828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cc:dd:68:37:b7:ee:04:61:77:22:ed:57:9f:
12:f2:34:2d:7e:91:e9:b8:37:13:de:e1:13:da:69:
b0:8d:8b:71:79:0f:3a:49:a3:f5:5d:0b:9b:60:94:
38:a2:3d:20:1d:12:66:35:d9:00:d3:d9:f4:c3:46:
72:37:54:8c:15:14:06:7f:15:10:63:e3:a2:a3:e9:
a8:ba:e9:ba:98:8c:b9:b5:c5:ee:84:62:96:96:70:
f6:a3:b1:8a:6e:47:9b:32:15:cb:eb:3b:b4:13:3b:
ea:09:e3:5b:86:40:02:22:9f:f0:61:2f:08:3d:7e:
70:95:af:94:b9:3d:33:7d:25:26:75:c9:09:f6:de:
f9:c4:52:cd:a2:b3:58:e2:c3:03:d0:3a:d5:cf:4b:
25:91:9d:8c:57:31:16:ac:c4:bc:02:f5:08:10:5a:
1d:57:ee:69:9a:6c:19:33:9a:b8:85:af:5a:7a:a1:
c5:2f:93:7e:c1:43:3f:c7:f8:4c:45:37:eb:93:1b:
c9:93:6c:89:79:3c:db:7b:9b:22:8d:d3:12:e5:9e:
48:2d:15:ea:f7:89:a9:8a:53:48:10:f1:04:1d:98:
25:26:77:45:13:89:c3:7d:4b:e0:2a:6d:54:5e:77:
a2:db:e5:c3:5a:c2:47:ae:cb:b9:39:01:0b:36:3d:
47:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:21:70:AE:2E:29:46:CB:16:E8:E8:2D:A2:EC:FC:B1:4F:A8:58:28
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/PyFwri4pRssW6Ogtouz8sU-oWCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.140.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:cb:5f:bc:68:4f:1a:77:e3:37:d6:38:fd:94:d5:fb:e9:64:
41:8d:cc:92:9d:10:f7:49:bb:c2:8a:d7:9f:00:b6:d8:7d:9f:
e1:a9:6f:16:40:4d:3e:b9:95:1c:09:30:3a:01:c0:11:dc:ed:
3a:a5:84:10:e5:16:7b:1b:25:59:38:58:0c:c4:a5:b3:9f:09:
c8:cf:e0:a3:6a:38:44:c9:49:a5:12:d1:19:24:d3:85:50:1f:
1d:89:1b:97:46:52:a1:54:b9:fd:bd:e5:b6:85:c2:db:d7:ee:
d7:7c:e1:c3:ad:34:c7:cf:50:db:54:8c:2f:85:c0:c7:51:44:
2b:8a:4c:cf:2e:a4:38:21:77:87:86:73:08:4c:46:98:00:f0:
ea:78:7c:c6:d4:ec:c7:81:09:ce:ff:38:4b:ef:a1:10:f2:93:
e4:da:d6:46:27:f4:f1:cf:21:f9:e2:97:fb:db:99:5a:76:6b:
c3:75:5c:8e:05:83:bc:5a:f3:6c:1d:ce:36:10:c4:82:85:d3:
4a:f5:9c:48:9d:22:07:e1:73:d6:88:2d:22:ee:b6:fc:5d:3a:
63:d8:be:90:59:15:07:8d:c7:75:1f:bc:83:14:db:4b:ac:d9:
fe:cc:93:9e:cc:90:2e:99:02:09:2a:34:1a:f7:28:c5:42:db:
4e:eb:0b:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiaNYJ7Uw9zAR2KTOfgvg7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjMwNjA4MDg1MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjIxNzBhZTJlMjk0NmNiMTZlOGU4MmRhMmVjZmNiMTRmYTg1ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8zdaDe37gRhdyLtV58S8jQtfpHp
uDcT3uET2mmwjYtxeQ86SaP1XQubYJQ4oj0gHRJmNdkA09n0w0ZyN1SMFRQGfxUQ
Y+Oio+mouum6mIy5tcXuhGKWlnD2o7GKbkebMhXL6zu0EzvqCeNbhkACIp/wYS8I
PX5wla+UuT0zfSUmdckJ9t75xFLNorNY4sMD0DrVz0slkZ2MVzEWrMS8AvUIEFod
V+5pmmwZM5q4ha9aeqHFL5N+wUM/x/hMRTfrkxvJk2yJeTzbe5sijdMS5Z5ILRXq
94mpilNIEPEEHZglJndFE4nDfUvgKm1UXnei2+XDWsJHrsu5OQELNj1HHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8hcK4uKUbLFujoLaLs/LFPqFgoMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvUHlGd3JpNHBSc3NXNk9ndG91ejhzVS1vV0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvNCMMA0G
CSqGSIb3DQEBCwUAA4IBAQCMy1+8aE8ad+M31jj9lNX76WRBjcySnRD3SbvCitef
ALbYfZ/hqW8WQE0+uZUcCTA6AcAR3O06pYQQ5RZ7GyVZOFgMxKWznwnIz+CjajhE
yUmlEtEZJNOFUB8diRuXRlKhVLn9veW2hcLb1+7XfOHDrTTHz1DbVIwvhcDHUUQr
ikzPLqQ4IXeHhnMITEaYAPDqeHzG1OzHgQnO/zhL76EQ8pPk2tZGJ/TxzyH54pf7
25ladmvDdVyOBYO8WvNsHc42EMSChdNK9ZxInSIH4XPWiC0i7rb8XTpj2L6QWRUH
jcd1H7yDFNtLrNn+zJOezJAumQIJKjQa9yjFQttO6wvj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org