Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/IMEDB1oV48NlhkMuT-XGJTOg-Yg.roa
File: IMEDB1oV48NlhkMuT-XGJTOg-Yg.roa (raw, json)
Hash identifier: ur9+mI86AWFFOvD9PW6oUPsl9H1Q+uNVvDWi/GdHJQ4=
Subject key identifier: 20:C1:03:07:5A:15:E3:C3:65:86:43:2E:4F:E5:C6:25:33:A0:F9:88
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 018CCA2A1B8D8FCF3CFEA2D23F121FFEDA83
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/IMEDB1oV48NlhkMuT-XGJTOg-Yg.roa
Signing time: Tue 02 Jan 2024 12:33:26 +0000
ROA not before: Tue 02 Jan 2024 12:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
188.214.194.0/24 maxlen: 24
2a06:f940::/48 maxlen: 48
2a06:f940:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 10:40:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:1b:8d:8f:cf:3c:fe:a2:d2:3f:12:1f:fe:da:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Jan 2 12:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20c103075a15e3c36586432e4fe5c62533a0f988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:82:ec:b5:37:dc:a1:d6:62:6d:68:cb:9d:a7:
74:b3:2a:c8:1f:5c:c7:46:22:a4:8c:8b:fe:9e:12:
82:65:ca:2c:aa:0b:f8:7a:c4:f6:f1:25:62:2f:57:
ca:59:47:a9:a2:d8:93:0f:93:36:51:4b:bd:e4:ee:
8c:73:fa:ea:ab:ab:99:08:f1:70:17:8d:1d:e4:ed:
ce:88:51:5b:c0:7b:a2:21:98:7b:5f:5a:a7:5c:04:
2f:cd:f1:05:ae:e2:da:62:84:25:84:14:3d:50:45:
2c:2a:78:82:29:29:1c:9f:06:ae:e9:4e:a2:ff:e8:
39:99:6f:95:b7:6f:fb:37:99:8f:49:c4:03:4b:83:
1d:94:ac:9b:20:03:ec:2d:5d:b2:bf:13:98:e7:6c:
ae:33:38:77:ae:be:b0:01:fe:2f:88:49:8b:15:7d:
38:d2:0f:33:59:81:29:fc:68:e1:05:aa:3a:8b:73:
89:54:c3:22:64:47:3f:a5:3a:72:ae:75:3f:70:41:
cb:c9:12:40:e2:13:4a:c8:f1:0d:2f:44:a3:60:bb:
0c:60:9d:31:f3:12:ef:ef:bf:fa:83:d0:de:38:a7:
b8:25:d1:f6:7a:fd:b9:87:03:77:c8:ad:5a:af:cd:
c7:dd:d3:ab:64:b9:f5:f8:31:2f:ed:d4:8c:13:c7:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C1:03:07:5A:15:E3:C3:65:86:43:2E:4F:E5:C6:25:33:A0:F9:88
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/IMEDB1oV48NlhkMuT-XGJTOg-Yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
188.214.194.0/24
IPv6:
2a06:f940::/47
Signature Algorithm: sha256WithRSAEncryption
1b:9c:05:6f:59:a7:88:54:4c:83:35:1b:28:7d:d9:98:74:ba:
da:a2:5d:67:55:39:70:62:9b:56:1c:0c:4f:05:2a:ed:d9:73:
44:1f:a0:8f:7c:d9:b2:ed:43:c0:73:79:6c:83:0f:87:77:74:
bb:80:25:db:c5:1f:2d:95:3a:ed:48:e7:e3:9e:8f:49:db:f9:
04:98:a6:32:b4:f8:c5:5a:8c:e3:28:76:9e:d6:55:5f:29:37:
39:37:5d:f0:d2:e2:76:1a:93:07:91:6d:2d:37:9b:4f:cb:f6:
30:db:fa:5b:7b:79:84:65:a4:5a:d0:09:31:f4:d4:cd:35:17:
23:02:21:77:93:17:9b:35:d3:8a:89:9a:99:1a:dc:94:af:e8:
aa:7f:21:81:ee:d4:b0:dc:25:62:6e:48:ef:2c:9e:0e:6f:d8:
87:61:18:6c:88:1d:90:05:73:dc:e7:45:a7:6c:9d:f6:ef:4b:
50:4a:d0:e8:0d:ed:e7:d3:9a:5b:a5:01:44:a1:37:57:03:19:
0c:16:9b:03:0b:86:0c:6b:d0:6d:8d:b8:5d:16:86:fe:53:8e:
d4:a9:95:d8:dd:50:84:23:15:58:57:f9:4e:e4:e8:26:af:91:
ff:36:19:d8:be:5c:35:87:91:28:1f:26:5b:65:67:35:37:3c:
b6:53:23:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzKKhuNj888/qLSPxIf/tqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjQwMTAyMTIzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGMxMDMwNzVhMTVlM2MzNjU4NjQzMmU0ZmU1YzYyNTMzYTBmOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioLstTfcodZibWjLnad0syrIH1zH
RiKkjIv+nhKCZcosqgv4esT28SViL1fKWUepotiTD5M2UUu95O6Mc/rqq6uZCPFw
F40d5O3OiFFbwHuiIZh7X1qnXAQvzfEFruLaYoQlhBQ9UEUsKniCKSkcnwau6U6i
/+g5mW+Vt2/7N5mPScQDS4MdlKybIAPsLV2yvxOY52yuMzh3rr6wAf4viEmLFX04
0g8zWYEp/GjhBao6i3OJVMMiZEc/pTpyrnU/cEHLyRJA4hNKyPENL0SjYLsMYJ0x
8xLv77/6g9DeOKe4JdH2ev25hwN3yK1ar83H3dOrZLn1+DEv7dSME8eoNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDBAwdaFePDZYZDLk/lxiUzoPmIMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL0lNRURCMW9WNDhObGhrTXVULVhHSlRPZy1ZZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAG80MQD
BAC81sIwDwQCAAIwCQMHASoG+UAAADANBgkqhkiG9w0BAQsFAAOCAQEAG5wFb1mn
iFRMgzUbKH3ZmHS62qJdZ1U5cGKbVhwMTwUq7dlzRB+gj3zZsu1DwHN5bIMPh3d0
u4Al28UfLZU67Ujn456PSdv5BJimMrT4xVqM4yh2ntZVXyk3OTdd8NLidhqTB5Ft
LTebT8v2MNv6W3t5hGWkWtAJMfTUzTUXIwIhd5MXmzXTiomamRrclK/oqn8hge7U
sNwlYm5I7yyeDm/Yh2EYbIgdkAVz3OdFp2yd9u9LUErQ6A3t59OaW6UBRKE3VwMZ
DBabAwuGDGvQbY24XRaG/lOO1KmV2N1QhCMVWFf5TuToJq+R/zYZ2L5cNYeRKB8m
W2VnNTc8tlMjfg==
-----END CERTIFICATE-----
Generated at Fri Jan 12 14:08:55 2024 by rpki-client on console-fra.rpki-client.org