Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/DLtaLxTsFDzGp-Mx8jRNJPtZG-M.roa
File: DLtaLxTsFDzGp-Mx8jRNJPtZG-M.roa (raw, json)
Hash identifier: dRKmZd8TFqKfDhNoPLThCbu0PP/OZFHy5ameRx/wVbY=
Subject key identifier: 0C:BB:5A:2F:14:EC:14:3C:C6:A7:E3:31:F2:34:4D:24:FB:59:1B:E3
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 018D0CBB091DBBB37069914E71D6DCF31DBE
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/DLtaLxTsFDzGp-Mx8jRNJPtZG-M.roa
Signing time: Mon 15 Jan 2024 10:46:40 +0000
ROA not before: Mon 15 Jan 2024 10:46:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
188.214.194.0/24 maxlen: 24
2a06:f940::/48 maxlen: 48
2a06:f940:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 09:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:bb:09:1d:bb:b3:70:69:91:4e:71:d6:dc:f3:1d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Jan 15 10:46:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cbb5a2f14ec143cc6a7e331f2344d24fb591be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7f:a4:cd:90:6f:9c:75:27:b0:57:78:f2:03:
af:9f:c7:f6:fc:0f:b9:54:7b:7e:dd:f5:4b:0b:5e:
06:db:04:a6:70:a0:8f:17:30:b6:24:ee:e4:f9:de:
87:a1:bf:c4:0c:ef:d9:9a:e1:49:00:7b:d9:ba:2e:
43:72:05:80:f2:f1:63:7b:27:0c:14:f0:9c:3e:05:
8f:f9:ec:53:ee:2d:22:2c:d2:29:e9:70:8f:f8:30:
ae:ca:26:b6:68:2b:90:89:77:5e:39:60:e7:0a:f5:
22:86:e4:96:bc:eb:0b:d5:b1:32:8b:2e:03:73:96:
d2:49:43:86:f6:64:25:9a:4d:cc:31:b0:72:55:e0:
27:ae:a1:ff:ad:9c:82:96:38:a8:c3:50:ff:18:61:
74:99:53:8a:9b:b0:7f:8c:b5:7e:14:f4:47:dc:96:
7c:d2:02:7e:45:80:d5:b6:9d:79:5e:ca:a7:46:78:
ea:59:86:0a:a4:84:3e:c5:60:c9:2f:1d:ea:92:f6:
03:65:7c:50:0d:4c:fe:79:bd:1c:f7:92:e4:dd:43:
26:96:af:53:8d:d4:a3:b4:28:8a:bc:ad:60:90:da:
95:04:a0:51:64:c8:c3:94:c2:c8:7c:9d:96:a2:4a:
d9:67:c5:a1:a1:f9:f9:43:81:55:63:54:ff:ef:41:
82:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:BB:5A:2F:14:EC:14:3C:C6:A7:E3:31:F2:34:4D:24:FB:59:1B:E3
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/DLtaLxTsFDzGp-Mx8jRNJPtZG-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
188.214.194.0/24
IPv6:
2a06:f940::/47
Signature Algorithm: sha256WithRSAEncryption
29:de:e5:70:7b:ba:78:19:40:56:bd:60:27:04:ad:0b:8e:4a:
90:5b:64:16:4b:22:92:71:f4:bf:2e:16:9a:41:83:da:7a:2a:
56:10:5f:0b:95:3c:c1:be:62:d8:37:fa:a4:14:cc:5c:1c:a7:
64:1b:a0:aa:e4:b1:c4:ee:5d:3e:84:f8:5c:4d:b5:64:ad:7b:
02:65:6a:73:08:2f:79:71:ee:a1:3b:f8:56:92:29:62:ec:a4:
62:58:2c:67:d1:c8:7b:55:f3:a9:c9:d8:c8:5e:a1:0f:45:90:
04:41:6f:a4:86:24:58:37:1f:9d:10:5b:69:7f:f1:a1:16:7b:
18:95:6f:82:77:d0:18:8b:d0:c4:c2:81:8a:58:4c:ed:58:d1:
ef:df:9b:0b:7a:8f:f8:75:04:a2:69:62:cd:97:b6:0d:f2:20:
29:00:34:e7:77:47:a1:54:68:f7:52:52:0e:29:7a:e2:fa:89:
c8:79:7a:6b:3c:86:bd:d2:25:b8:03:a4:24:ea:7a:63:ce:d0:
93:c6:8f:6f:e2:be:f2:92:9b:97:7c:ab:fb:da:ec:cb:04:b0:
7e:ee:c5:e7:e5:21:66:c2:f9:4f:06:e2:30:e7:4a:e6:3e:98:
81:7b:0e:da:8c:91:bd:6a:3a:cd:13:5f:79:99:5f:c2:ca:11:
96:0c:3a:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY0Muwkdu7NwaZFOcdbc8x2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjQwMTE1MTA0NjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2JiNWEyZjE0ZWMxNDNjYzZhN2UzMzFmMjM0NGQyNGZiNTkxYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33+kzZBvnHUnsFd48gOvn8f2/A+5
VHt+3fVLC14G2wSmcKCPFzC2JO7k+d6Hob/EDO/ZmuFJAHvZui5DcgWA8vFjeycM
FPCcPgWP+exT7i0iLNIp6XCP+DCuyia2aCuQiXdeOWDnCvUihuSWvOsL1bEyiy4D
c5bSSUOG9mQlmk3MMbByVeAnrqH/rZyCljiow1D/GGF0mVOKm7B/jLV+FPRH3JZ8
0gJ+RYDVtp15XsqnRnjqWYYKpIQ+xWDJLx3qkvYDZXxQDUz+eb0c95Lk3UMmlq9T
jdSjtCiKvK1gkNqVBKBRZMjDlMLIfJ2WokrZZ8Whofn5Q4FVY1T/70GCdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAy7Wi8U7BQ8xqfjMfI0TST7WRvjMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL0RMdGFMeFRzRkR6R3AtTXg4alJOSlB0WkctTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAG80MQD
BAC81sIwDwQCAAIwCQMHASoG+UAAADANBgkqhkiG9w0BAQsFAAOCAQEAKd7lcHu6
eBlAVr1gJwStC45KkFtkFksiknH0vy4WmkGD2noqVhBfC5U8wb5i2Df6pBTMXByn
ZBugquSxxO5dPoT4XE21ZK17AmVqcwgveXHuoTv4VpIpYuykYlgsZ9HIe1XzqcnY
yF6hD0WQBEFvpIYkWDcfnRBbaX/xoRZ7GJVvgnfQGIvQxMKBilhM7VjR79+bC3qP
+HUEomlizZe2DfIgKQA053dHoVRo91JSDil64vqJyHl6azyGvdIluAOkJOp6Y87Q
k8aPb+K+8pKbl3yr+9rsywSwfu7F5+UhZsL5TwbiMOdK5j6YgXsO2oyRvWo6zRNf
eZlfwsoRlgw6hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org