Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/ELnYa5y10B0ZFw9Yt_CQ3tY7T2k.roa
File: ELnYa5y10B0ZFw9Yt_CQ3tY7T2k.roa (raw, json)
Hash identifier: rKePi1Yz2lPp33kmUNzHZ8aSo7sLnwEC2BpQ+iip36Y=
Subject key identifier: 10:B9:D8:6B:9C:B5:D0:1D:19:17:0F:58:B7:F0:90:DE:D6:3B:4F:69
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 018CFD511D82FEB54EB1D1CEAF4780DA9384
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/ELnYa5y10B0ZFw9Yt_CQ3tY7T2k.roa
Signing time: Fri 12 Jan 2024 10:56:40 +0000
ROA not before: Fri 12 Jan 2024 10:56:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
188.214.194.0/24 maxlen: 24
2a06:f940::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jan 2024 10:43:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:51:1d:82:fe:b5:4e:b1:d1:ce:af:47:80:da:93:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Jan 12 10:56:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10b9d86b9cb5d01d19170f58b7f090ded63b4f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fa:cc:d8:05:09:95:df:75:18:73:61:8b:02:
48:6a:89:7d:03:e7:71:3a:1f:93:e0:72:9c:d0:3c:
bc:70:83:ba:fc:12:a1:bf:7a:1b:39:df:6c:39:6b:
0f:63:d5:a9:87:06:46:36:8c:ca:93:6d:33:59:47:
a8:00:6f:32:a9:36:d5:08:42:f4:01:a1:0c:d6:c4:
9a:4a:ac:04:3b:82:a1:72:8b:fd:19:24:ce:b6:11:
f0:be:d9:71:24:64:67:cf:24:99:96:a0:29:35:b5:
df:60:c7:a4:87:90:93:5c:ff:1d:8d:40:b7:21:97:
92:de:b3:00:9f:a3:26:55:de:7a:3c:35:f4:27:22:
82:28:e6:ce:ba:54:64:29:7e:31:1a:1c:75:1a:a5:
51:62:a3:5e:bf:84:5c:6a:a0:f6:c7:fa:42:a6:00:
23:2b:33:24:4a:3c:91:c2:f8:06:35:70:c8:e6:1f:
18:ef:1f:20:58:aa:e4:4a:f5:ce:a0:f6:60:4b:b0:
aa:79:6f:56:92:67:75:62:bb:76:2f:e7:06:1d:f3:
de:24:21:2c:14:51:2a:2f:de:22:0c:ae:71:f7:de:
42:81:02:08:ab:a7:ea:ad:fd:d5:96:6f:68:32:ac:
3d:bb:21:66:ca:35:9d:73:83:03:33:ef:30:d7:e8:
8e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B9:D8:6B:9C:B5:D0:1D:19:17:0F:58:B7:F0:90:DE:D6:3B:4F:69
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/ELnYa5y10B0ZFw9Yt_CQ3tY7T2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
188.214.194.0/24
IPv6:
2a06:f940::/48
Signature Algorithm: sha256WithRSAEncryption
96:9a:fb:d7:b1:e3:02:90:0b:ba:36:69:e9:94:25:9d:98:09:
d1:b6:04:cb:ea:40:19:fe:c0:a4:e5:f6:41:2b:ab:15:0d:43:
b0:32:ee:d6:d8:1a:c2:16:66:45:b1:00:d5:a6:90:12:ec:7c:
90:a1:4e:e2:8f:eb:aa:98:98:fd:f7:eb:91:35:05:f8:64:8d:
c5:18:9a:3b:7e:69:97:c1:a8:02:92:4a:89:07:ff:83:3d:18:
b2:3a:29:a6:45:fb:06:cc:4d:9e:13:2a:03:d7:5b:40:fa:a6:
fe:da:2e:a6:22:b4:ac:0a:27:af:52:af:bb:07:bd:93:27:c8:
34:e1:d5:19:43:e6:d0:e5:51:eb:ec:40:5f:b7:70:9a:a4:af:
09:03:40:05:8f:8c:9b:2f:24:2d:a2:52:51:34:9f:48:fe:90:
64:22:e4:74:4b:e5:be:5c:40:67:b7:f7:77:ed:b2:0e:30:f9:
ec:92:29:50:d8:dd:95:23:d4:1f:a7:dd:c2:39:cb:fc:cd:2a:
d7:da:b3:a9:d0:6f:84:e1:92:bf:d7:af:c8:09:a8:6f:9a:cf:
5b:3a:6d:b8:64:fc:ca:9f:8d:0c:ac:97:57:08:d4:a7:d7:91:
d2:e5:a4:b2:86:13:c5:38:df:6c:1e:2e:d9:95:af:7f:e2:19:
1e:c2:c4:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYz9UR2C/rVOsdHOr0eA2pOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjQwMTEyMTA1NjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGI5ZDg2YjljYjVkMDFkMTkxNzBmNThiN2YwOTBkZWQ2M2I0ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfrM2AUJld91GHNhiwJIaol9A+dx
Oh+T4HKc0Dy8cIO6/BKhv3obOd9sOWsPY9WphwZGNozKk20zWUeoAG8yqTbVCEL0
AaEM1sSaSqwEO4Khcov9GSTOthHwvtlxJGRnzySZlqApNbXfYMekh5CTXP8djUC3
IZeS3rMAn6MmVd56PDX0JyKCKObOulRkKX4xGhx1GqVRYqNev4RcaqD2x/pCpgAj
KzMkSjyRwvgGNXDI5h8Y7x8gWKrkSvXOoPZgS7CqeW9Wkmd1Yrt2L+cGHfPeJCEs
FFEqL94iDK5x995CgQIIq6fqrf3Vlm9oMqw9uyFmyjWdc4MDM+8w1+iOIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBC52GuctdAdGRcPWLfwkN7WO09pMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL0VMbllhNXkxMEIwWkZ3OVl0X0NRM3RZN1Qyay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAG80MQD
BAC81sIwDwQCAAIwCQMHACoG+UAAADANBgkqhkiG9w0BAQsFAAOCAQEAlpr717Hj
ApALujZp6ZQlnZgJ0bYEy+pAGf7ApOX2QSurFQ1DsDLu1tgawhZmRbEA1aaQEux8
kKFO4o/rqpiY/ffrkTUF+GSNxRiaO35pl8GoApJKiQf/gz0YsjoppkX7BsxNnhMq
A9dbQPqm/toupiK0rAonr1Kvuwe9kyfINOHVGUPm0OVR6+xAX7dwmqSvCQNABY+M
my8kLaJSUTSfSP6QZCLkdEvlvlxAZ7f3d+2yDjD57JIpUNjdlSPUH6fdwjnL/M0q
19qzqdBvhOGSv9evyAmob5rPWzptuGT8yp+NDKyXVwjUp9eR0uWksoYTxTjfbB4u
2ZWvf+IZHsLEXw==
-----END CERTIFICATE-----
Generated at Mon Jan 15 14:32:55 2024 by rpki-client on console-ams.rpki-client.org