Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/a5yMtY3LvCBkcC7FT9B9rukRsRU.roa
File: a5yMtY3LvCBkcC7FT9B9rukRsRU.roa (raw, json)
Hash identifier: 3nmOOE3EPSmysxfdgw7SsQZ27aAgZ0ucNesszVwLvmA=
Subject key identifier: 6B:9C:8C:B5:8D:CB:BC:20:64:70:2E:C5:4F:D0:7D:AE:E9:11:B1:15
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 018A9406D44D8AB88D97F12FA907876CE2D3
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/a5yMtY3LvCBkcC7FT9B9rukRsRU.roa
Signing time: Thu 14 Sep 2023 14:09:50 +0000
ROA not before: Thu 14 Sep 2023 14:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203466
IP address blocks: 188.208.196.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 21 Sep 2023 11:34:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:94:06:d4:4d:8a:b8:8d:97:f1:2f:a9:07:87:6c:e2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Sep 14 14:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b9c8cb58dcbbc2064702ec54fd07daee911b115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d2:fa:bf:c3:d4:cd:cc:f5:14:f1:b9:42:4f:
54:f0:7e:d9:d6:2c:e8:30:d8:92:3f:b1:59:b9:5c:
1d:b7:bf:2f:27:07:69:4d:77:c3:24:fd:5b:f8:db:
df:56:1e:ff:69:61:93:39:8d:d0:b3:c6:90:f7:f2:
e4:09:a8:fe:2d:b6:9a:94:14:b5:ae:30:9d:a7:56:
2b:f3:35:13:6f:8c:06:d7:86:e7:58:c5:bb:f6:ec:
92:dd:05:52:44:34:b8:d4:e4:ec:c5:3f:d8:af:1d:
be:75:0b:5c:ba:80:33:e9:ce:e4:0c:be:ed:a0:ab:
67:c9:ba:09:e7:95:94:ff:7e:57:58:91:7c:bf:db:
90:da:fd:f2:5e:f0:0f:2a:9a:16:4c:33:3d:26:be:
b9:ce:3e:ac:a7:a3:f1:cf:e8:0b:24:ac:ae:09:a6:
9b:d2:01:d5:9f:71:9c:a7:76:5e:c2:83:8b:78:32:
26:c9:91:9b:3a:27:cb:1e:cf:a1:c2:22:97:9b:4c:
87:1d:00:2f:61:f1:24:25:56:a8:a9:1b:6f:3b:7f:
c9:0c:79:4f:7f:fd:cf:60:f7:95:65:27:f5:cf:bf:
96:49:7a:13:87:e2:e1:be:40:ea:d0:f9:f0:61:78:
9a:35:4b:f5:76:9d:02:cf:5b:d2:d9:54:19:8a:f3:
d5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9C:8C:B5:8D:CB:BC:20:64:70:2E:C5:4F:D0:7D:AE:E9:11:B1:15
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/a5yMtY3LvCBkcC7FT9B9rukRsRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:91:7e:50:bb:04:5d:2d:d4:43:d3:df:ef:1e:b1:4e:d8:e9:
d0:dd:f4:1d:16:9e:f0:b7:81:46:8d:ac:90:3e:0b:59:f1:9a:
1c:43:56:0d:28:5a:61:96:d7:a6:0b:65:95:db:68:bb:1c:95:
c4:68:b1:ba:a8:d7:c9:49:3c:cf:2a:83:a7:bf:fc:f3:69:98:
ee:02:30:5e:02:20:df:31:2d:11:6b:5c:0b:81:ac:99:dd:2e:
02:fb:82:e1:38:9f:65:28:45:58:a5:46:b1:45:53:5d:99:23:
8c:7c:24:b7:4f:27:6b:95:04:ad:a1:13:9e:ec:16:53:d6:d2:
78:15:cb:bd:b5:e0:ae:59:51:77:36:0b:db:9d:23:f1:d3:86:
a9:97:42:1c:e7:e1:75:f5:4b:4b:f0:f9:e4:a3:f1:77:0a:22:
a4:e9:6c:84:63:4c:bc:05:6f:76:8c:db:30:36:8b:e0:ab:72:
59:32:6b:71:64:63:4a:25:bf:0c:1d:80:43:6e:59:b2:9c:b0:
b3:99:9f:d1:f2:bb:39:27:df:ff:a3:73:7e:84:6b:dd:35:fd:
ea:5a:9d:6f:69:d4:11:52:00:62:73:1e:bd:cf:52:cc:ac:1b:
6a:57:6d:a7:cd:b2:2b:aa:4e:1b:95:c6:6e:8b:35:0f:b2:7c:
e8:49:78:e2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYqUBtRNiriNl/EvqQeHbOLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjMwOTE0MTQwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjljOGNiNThkY2JiYzIwNjQ3MDJlYzU0ZmQwN2RhZWU5MTFiMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdL6v8PUzcz1FPG5Qk9U8H7Z1izo
MNiSP7FZuVwdt78vJwdpTXfDJP1b+NvfVh7/aWGTOY3Qs8aQ9/LkCaj+LbaalBS1
rjCdp1Yr8zUTb4wG14bnWMW79uyS3QVSRDS41OTsxT/Yrx2+dQtcuoAz6c7kDL7t
oKtnyboJ55WU/35XWJF8v9uQ2v3yXvAPKpoWTDM9Jr65zj6sp6Pxz+gLJKyuCaab
0gHVn3Gcp3ZewoOLeDImyZGbOifLHs+hwiKXm0yHHQAvYfEkJVaoqRtvO3/JDHlP
f/3PYPeVZSf1z7+WSXoTh+LhvkDq0PnwYXiaNUv1dp0Cz1vS2VQZivPVmQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGucjLWNy7wgZHAuxU/Qfa7pEbEVMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL2E1eU10WTNMdkNCa2NDN0ZUOUI5cnVrUnNSVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG80MQw
DQYJKoZIhvcNAQELBQADggEBAJyRflC7BF0t1EPT3+8esU7Y6dDd9B0WnvC3gUaN
rJA+C1nxmhxDVg0oWmGW16YLZZXbaLsclcRosbqo18lJPM8qg6e//PNpmO4CMF4C
IN8xLRFrXAuBrJndLgL7guE4n2UoRVilRrFFU12ZI4x8JLdPJ2uVBK2hE57sFlPW
0ngVy7214K5ZUXc2C9udI/HThqmXQhzn4XX1S0vw+eSj8XcKIqTpbIRjTLwFb3aM
2zA2i+Crclkya3FkY0olvwwdgENuWbKcsLOZn9Hyuzkn3/+jc36Ea901/epanW9p
1BFSAGJzHr3PUsysG2pXbafNsiuqThuVxm6LNQ+yfOhJeOI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org