Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ad0116-7558-4656-9fb3-5199a711684d/1/thaE5cuKatCpGaS3w3O1icLHy3E.roa
File: thaE5cuKatCpGaS3w3O1icLHy3E.roa (raw, json)
Hash identifier: E2guqUe6tJyXrgU7VAmmKrKZhmAlHfOe59FSNnxd0co=
Subject key identifier: B6:16:84:E5:CB:8A:6A:D0:A9:19:A4:B7:C3:73:B5:89:C2:C7:CB:71
Certificate issuer: /CN=7069a025a84f42ef3ef0b6052de3fd65e8c08692
Certificate serial: 0185714C36A8904FBF45710A174A36477563
Authority key identifier: 70:69:A0:25:A8:4F:42:EF:3E:F0:B6:05:2D:E3:FD:65:E8:C0:86:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGmgJahPQu8-8LYFLeP9ZejAhpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ad0116-7558-4656-9fb3-5199a711684d/1/thaE5cuKatCpGaS3w3O1icLHy3E.roa
Signing time: Mon 02 Jan 2023 07:04:58 +0000
ROA not before: Mon 02 Jan 2023 07:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209911
IP address blocks: 188.0.40.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:36:a8:90:4f:bf:45:71:0a:17:4a:36:47:75:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7069a025a84f42ef3ef0b6052de3fd65e8c08692
Validity
Not Before: Jan 2 07:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b61684e5cb8a6ad0a919a4b7c373b589c2c7cb71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:62:59:a1:52:d0:66:ee:bc:d5:40:19:9a:3f:
e3:cd:53:38:b1:d6:2c:f0:d9:f8:ae:c3:82:56:c8:
2f:ed:40:3b:a6:88:c9:5b:a8:17:e6:4e:f2:3e:7f:
0a:ab:7b:41:56:ba:a2:09:50:4d:d0:1f:dc:e5:d0:
3c:a1:b0:5c:ad:79:de:c0:71:44:50:a3:14:47:66:
44:8c:d5:20:73:71:cf:f0:a4:6c:d3:d9:f3:1b:64:
4f:b3:3c:6d:d6:b7:e0:cd:a5:3e:5c:83:c5:2e:f2:
95:8d:2e:f9:cb:18:64:19:19:51:ba:17:b0:09:71:
bf:76:79:d0:b0:d5:44:1b:a5:4b:26:26:be:76:01:
46:44:2b:c2:78:63:ef:f7:61:57:de:b0:18:14:71:
46:ae:45:2c:69:a0:6a:ce:8f:1b:63:b9:d3:8e:fd:
45:06:f4:3f:21:67:6a:13:61:c2:a7:a9:70:96:0c:
28:5e:7d:25:b6:b2:38:29:79:5b:53:ed:07:b8:d2:
45:4e:ce:3f:53:d7:07:43:14:b4:13:11:d6:ce:80:
a5:ba:1f:c2:e7:72:89:ab:8d:d4:4a:c6:30:42:c2:
56:3b:7a:09:b5:d6:53:3c:5c:45:92:1d:f3:4e:04:
ff:7a:fc:cb:96:1c:98:49:76:18:12:01:34:57:56:
ca:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:16:84:E5:CB:8A:6A:D0:A9:19:A4:B7:C3:73:B5:89:C2:C7:CB:71
X509v3 Authority Key Identifier:
keyid:70:69:A0:25:A8:4F:42:EF:3E:F0:B6:05:2D:E3:FD:65:E8:C0:86:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGmgJahPQu8-8LYFLeP9ZejAhpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ad0116-7558-4656-9fb3-5199a711684d/1/thaE5cuKatCpGaS3w3O1icLHy3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ad0116-7558-4656-9fb3-5199a711684d/1/cGmgJahPQu8-8LYFLeP9ZejAhpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.0.40.0/21
Signature Algorithm: sha256WithRSAEncryption
b8:b5:ce:9b:0e:e9:fb:ab:6e:1e:a6:85:f0:62:21:7c:a3:81:
c3:3a:de:a6:6a:d8:35:f3:b1:6e:7c:5e:ca:4a:1a:b5:a4:86:
ac:25:17:60:2f:90:bb:f0:4e:35:c9:a9:3f:5d:df:99:62:fc:
7a:be:cd:8d:19:19:75:3c:0a:80:c2:0e:9d:98:7f:c7:1d:8b:
98:60:e2:28:aa:84:14:9e:d8:5f:cb:8d:02:02:9a:2d:cd:f2:
5a:64:25:e3:69:9f:d1:d8:2b:76:ea:70:7a:3d:16:86:71:da:
1a:74:4b:6e:ed:56:79:1d:af:38:d5:bb:6a:75:7f:78:52:1a:
fa:f1:d7:b9:5a:76:fb:7a:ab:26:3e:ec:ee:32:05:da:37:47:
c4:8e:69:43:97:87:a0:db:6f:eb:19:ea:58:55:02:1f:7b:61:
fe:f8:74:9b:12:51:71:fc:db:4f:dc:a6:72:d5:82:c2:cf:e0:
b7:f3:6a:da:1f:9f:e8:36:95:91:45:e5:8a:47:ce:ad:12:1b:
f4:95:6f:8b:40:d1:9a:01:7c:1e:f4:a7:0c:a3:52:d8:55:19:
95:2d:1e:92:98:ea:c6:4a:8b:ca:19:c4:9b:1c:a9:22:03:d2:
ec:ec:ea:ca:fe:18:61:b5:96:12:89:65:ff:6e:b3:51:e5:73:
9f:20:23:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxTDaokE+/RXEKF0o2R3VjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNjlhMDI1YTg0ZjQyZWYzZWYwYjYwNTJkZTNmZDY1ZThj
MDg2OTIwHhcNMjMwMTAyMDcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjE2ODRlNWNiOGE2YWQwYTkxOWE0YjdjMzczYjU4OWMyYzdjYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2JZoVLQZu681UAZmj/jzVM4sdYs
8Nn4rsOCVsgv7UA7pojJW6gX5k7yPn8Kq3tBVrqiCVBN0B/c5dA8obBcrXnewHFE
UKMUR2ZEjNUgc3HP8KRs09nzG2RPszxt1rfgzaU+XIPFLvKVjS75yxhkGRlRuhew
CXG/dnnQsNVEG6VLJia+dgFGRCvCeGPv92FX3rAYFHFGrkUsaaBqzo8bY7nTjv1F
BvQ/IWdqE2HCp6lwlgwoXn0ltrI4KXlbU+0HuNJFTs4/U9cHQxS0ExHWzoCluh/C
53KJq43USsYwQsJWO3oJtdZTPFxFkh3zTgT/evzLlhyYSXYYEgE0V1bKIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYWhOXLimrQqRmkt8NztYnCx8txMB8GA1UdIwQY
MBaAFHBpoCWoT0LvPvC2BS3j/WXowIaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0dtZ0phaFBRdTgtOExZRkxlUDlaZWpBaHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hZDAxMTYtNzU1OC00NjU2LTlmYjMt
NTE5OWE3MTE2ODRkLzEvdGhhRTVjdUthdENwR2FTM3czTzFpY0xIeTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9hZDAxMTYtNzU1OC00NjU2LTlmYjMtNTE5OWE3MTE2ODRk
LzEvY0dtZ0phaFBRdTgtOExZRkxlUDlaZWpBaHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvAAoMA0G
CSqGSIb3DQEBCwUAA4IBAQC4tc6bDun7q24epoXwYiF8o4HDOt6matg187FufF7K
Shq1pIasJRdgL5C78E41yak/Xd+ZYvx6vs2NGRl1PAqAwg6dmH/HHYuYYOIoqoQU
nthfy40CApotzfJaZCXjaZ/R2Ct26nB6PRaGcdoadEtu7VZ5Ha841btqdX94Uhr6
8de5Wnb7eqsmPuzuMgXaN0fEjmlDl4eg22/rGepYVQIfe2H++HSbElFx/NtP3KZy
1YLCz+C382raH5/oNpWRReWKR86tEhv0lW+LQNGaAXwe9KcMo1LYVRmVLR6SmOrG
SovKGcSbHKkiA9Ls7OrK/hhhtZYSiWX/brNR5XOfICOw
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:37 2024 by rpki-client on console-fra.rpki-client.org