Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/DUelgLf-NqHs88Y6cZlSnG2Faxc.roa
File: DUelgLf-NqHs88Y6cZlSnG2Faxc.roa (raw, json)
Hash identifier: qSc4Y51vP3w2Yj43DFJTXwT4c3znFjfr8O58P2Fwp24=
Subject key identifier: 0D:47:A5:80:B7:FE:36:A1:EC:F3:C6:3A:71:99:52:9C:6D:85:6B:17
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018DBB4426968471EF8F88FA09F6F20D01A6
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/DUelgLf-NqHs88Y6cZlSnG2Faxc.roa
Signing time: Sun 18 Feb 2024 08:10:21 +0000
ROA not before: Sun 18 Feb 2024 08:10:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215484
IP address blocks: 188.128.128.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
2a02:25a8:dead::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 18 Feb 2024 22:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bb:44:26:96:84:71:ef:8f:88:fa:09:f6:f2:0d:01:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Feb 18 08:10:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d47a580b7fe36a1ecf3c63a7199529c6d856b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d6:5f:f3:78:83:75:4d:34:06:ac:3b:22:79:
31:01:1c:c8:ee:88:9e:7c:57:72:65:e4:e5:69:e9:
26:5b:eb:c0:c0:5b:13:a7:86:46:69:c8:29:d2:60:
f2:e4:95:ba:8b:3c:54:ab:cf:f0:5a:fb:ea:fe:1e:
c0:58:da:da:5e:d9:4b:59:d5:20:06:52:51:06:e1:
bf:ed:47:df:e3:46:30:c7:81:aa:10:a1:28:38:a7:
d7:84:bc:3d:c2:55:76:1a:49:2e:f4:d8:5d:95:2f:
e4:92:59:12:2b:42:0b:6c:2a:ae:d7:25:45:1a:0c:
6b:b9:30:5f:6b:0f:58:bb:64:85:15:c9:b6:9c:5e:
e8:5c:5a:92:63:4f:70:56:5e:1c:44:ac:97:81:3b:
a8:13:b0:16:46:4d:eb:67:f7:6b:e7:7b:21:f6:c0:
ec:48:49:e7:22:e0:5e:48:f8:60:69:0f:b3:d3:c8:
e9:91:f3:cf:39:6b:42:04:4d:3e:45:76:cb:7a:d5:
16:ba:23:12:5d:b9:e7:57:77:ae:f7:73:dd:d5:04:
1c:ce:5f:11:32:3d:98:b6:19:fe:3d:42:ad:83:70:
1a:49:8d:5c:b0:da:64:27:9f:45:eb:04:a4:64:7e:
4e:cb:5e:e4:83:6f:ea:b7:1a:ae:25:06:78:84:da:
ed:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:47:A5:80:B7:FE:36:A1:EC:F3:C6:3A:71:99:52:9C:6D:85:6B:17
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/DUelgLf-NqHs88Y6cZlSnG2Faxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.128.128.0-188.128.130.255
IPv6:
2a02:25a8:dead::/48
Signature Algorithm: sha256WithRSAEncryption
10:f9:2e:30:7c:42:63:1d:82:ec:98:c0:b7:d6:7a:06:ad:c4:
98:2e:13:dd:c3:63:d4:71:3f:71:27:70:46:64:ae:43:82:53:
bb:fe:0c:02:51:70:a7:66:c4:99:e6:1e:7c:0d:ae:11:c7:cc:
fa:e3:49:49:d2:57:f3:4e:1f:16:e6:68:cc:ce:e2:c8:9e:99:
f7:5f:75:64:d0:76:6e:8c:f6:08:33:e2:cb:4d:ab:4b:16:db:
cd:0e:b6:a8:09:fa:81:4f:70:b6:e7:69:13:9e:2e:a9:13:e2:
c9:84:3d:e9:7b:dd:2b:6b:85:f0:74:c6:e1:8e:da:ec:f9:75:
5b:0b:6a:f8:ea:0b:ec:49:08:cd:09:15:d7:50:73:ce:45:c3:
9c:c6:a4:07:bf:0c:a4:7d:54:4b:ad:a3:4a:0d:3a:fd:3a:03:
35:83:c6:04:e8:18:27:bf:58:93:05:52:9c:6c:b7:ab:2b:66:
b6:dd:db:5f:98:b3:c9:97:e8:80:3e:e3:cb:56:4b:19:78:3f:
ba:9b:c3:73:73:1a:4e:a9:1c:3f:b3:6f:b2:59:a2:5d:b9:43:
81:11:29:76:e3:8e:55:5e:0d:78:b9:55:2c:19:55:a5:88:ec:
c3:a5:f2:70:ba:fd:6c:4f:c2:2e:b1:ee:65:3c:22:9b:8e:28:
a9:28:03:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY27RCaWhHHvj4j6CfbyDQGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjQwMjE4MDgxMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ3YTU4MGI3ZmUzNmExZWNmM2M2M2E3MTk5NTI5YzZkODU2YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNZf83iDdU00Bqw7InkxARzI7oie
fFdyZeTlaekmW+vAwFsTp4ZGacgp0mDy5JW6izxUq8/wWvvq/h7AWNraXtlLWdUg
BlJRBuG/7Uff40Ywx4GqEKEoOKfXhLw9wlV2Gkku9NhdlS/kklkSK0ILbCqu1yVF
GgxruTBfaw9Yu2SFFcm2nF7oXFqSY09wVl4cRKyXgTuoE7AWRk3rZ/dr53sh9sDs
SEnnIuBeSPhgaQ+z08jpkfPPOWtCBE0+RXbLetUWuiMSXbnnV3eu93Pd1QQczl8R
Mj2Ythn+PUKtg3AaSY1csNpkJ59F6wSkZH5Oy17kg2/qtxquJQZ4hNrt2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1HpYC3/jah7PPGOnGZUpxthWsXMB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvRFVlbGdMZi1OcUhzODhZNmNabFNuRzJGYXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAe8gIAD
BAC8gIIwDwQCAAIwCQMHACoCJajerTANBgkqhkiG9w0BAQsFAAOCAQEAEPkuMHxC
Yx2C7JjAt9Z6Bq3EmC4T3cNj1HE/cSdwRmSuQ4JTu/4MAlFwp2bEmeYefA2uEcfM
+uNJSdJX804fFuZozM7iyJ6Z9191ZNB2boz2CDPiy02rSxbbzQ62qAn6gU9wtudp
E54uqRPiyYQ96XvdK2uF8HTG4Y7a7Pl1Wwtq+OoL7EkIzQkV11BzzkXDnMakB78M
pH1US62jSg06/ToDNYPGBOgYJ79YkwVSnGy3qytmtt3bX5izyZfogD7jy1ZLGXg/
upvDc3MaTqkcP7NvslmiXblDgREpduOOVV4NeLlVLBlVpYjsw6XycLr9bE/CLrHu
ZTwim44oqSgDqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:01 2024 by rpki-client on console-ams.rpki-client.org