Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/aQMTIAmrL0lR57HhrGe_LxRkrH0.roa
File: aQMTIAmrL0lR57HhrGe_LxRkrH0.roa (raw, json)
Hash identifier: plDBn8h6Ibl94epeEnYPr455+/SkT0zOI2CTrM7x7DU=
Subject key identifier: 69:03:13:20:09:AB:2F:49:51:E7:B1:E1:AC:67:BF:2F:14:64:AC:7D
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 01922E005D89FB22D53968AFE5A2960A9478
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/aQMTIAmrL0lR57HhrGe_LxRkrH0.roa
Signing time: Thu 26 Sep 2024 11:03:48 +0000
ROA not before: Thu 26 Sep 2024 11:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
188.214.194.0/24 maxlen: 24
2a06:f940::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 09 Nov 2024 10:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:00:5d:89:fb:22:d5:39:68:af:e5:a2:96:0a:94:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Sep 26 11:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6903132009ab2f4951e7b1e1ac67bf2f1464ac7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a9:40:a2:1a:1d:00:88:9f:d4:96:ec:e2:01:
82:74:2d:a8:59:8b:3b:80:f5:91:16:9e:88:b7:4e:
08:1d:24:e3:02:5a:13:e5:a2:b0:2b:ea:79:a2:ad:
1b:da:59:63:4f:31:ff:cd:35:65:1e:84:42:c8:d3:
12:f2:51:b5:02:d6:6a:c4:0d:d6:31:52:40:49:1a:
8b:88:95:ab:54:ab:fc:50:b2:29:54:6d:4f:5c:bf:
48:7c:ef:16:ed:3b:c4:b4:45:53:30:0b:72:89:6a:
d1:c7:5c:32:8d:08:c2:e6:67:23:c8:90:ed:06:29:
de:e1:6d:ec:31:4e:97:3c:c9:e9:8e:df:51:05:e8:
c8:ba:2c:96:6b:dd:17:23:26:0a:7d:28:15:43:3e:
8f:9b:4b:d3:f4:d6:c9:90:bb:a8:28:c6:de:52:87:
94:13:25:e6:86:fb:e1:c3:7b:46:6d:d1:d8:99:9e:
d7:a4:e8:2f:9d:01:c5:3f:f9:1d:61:83:d3:b7:86:
b0:b5:23:97:8a:af:33:fa:a7:e5:38:98:ab:0f:75:
fb:e5:0b:f1:22:eb:26:1d:7f:95:aa:31:2c:fc:70:
5d:38:bf:27:f4:6f:80:95:12:76:23:10:57:17:59:
8f:69:09:14:6d:49:50:7d:18:51:a9:2d:a6:7b:62:
af:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:03:13:20:09:AB:2F:49:51:E7:B1:E1:AC:67:BF:2F:14:64:AC:7D
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/aQMTIAmrL0lR57HhrGe_LxRkrH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
188.214.194.0/24
IPv6:
2a06:f940::/48
Signature Algorithm: sha256WithRSAEncryption
c1:8e:b4:d9:21:b4:91:d2:23:f3:9c:04:50:de:b7:b9:0f:22:
c5:ef:5b:13:0c:9f:15:a5:c7:00:27:49:96:54:37:53:bb:07:
86:64:bb:68:21:45:0a:bd:6c:2d:12:5a:7a:3b:d2:12:29:81:
d7:a8:9f:c1:16:ce:92:80:6d:24:2a:52:08:87:0b:a9:db:03:
81:6c:fb:92:3f:fe:e8:3a:35:70:b9:f4:34:81:6a:e7:b0:e6:
ff:40:d1:35:7c:a4:de:f1:4b:c5:3b:fd:99:75:3b:4b:36:51:
43:d3:e6:9c:70:c3:14:72:83:87:e2:c8:74:cc:e4:57:cd:cb:
18:be:d3:2f:97:b5:65:ad:78:30:48:98:a0:c7:24:04:12:de:
b8:f8:7d:4b:97:3f:9f:ed:01:ff:83:19:24:e6:b4:fe:d2:fb:
bf:10:f7:9e:01:65:44:61:f5:22:a0:64:55:e4:54:77:af:3f:
7b:9c:06:9f:4a:6f:a6:0e:2c:b4:bb:42:6a:da:ca:5c:c0:eb:
a5:50:1a:15:d7:96:f3:75:35:62:75:b7:f0:2f:74:b5:55:0c:
2c:d9:f8:94:00:bc:89:9f:cd:bb:7d:94:fd:4e:f9:d6:5d:26:
69:79:37:7a:57:a4:1d:72:b1:b1:ae:98:36:c6:1a:04:26:6f:
6f:e3:b9:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZIuAF2J+yLVOWiv5aKWCpR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjQwOTI2MTEwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAzMTMyMDA5YWIyZjQ5NTFlN2IxZTFhYzY3YmYyZjE0NjRhYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6lAohodAIif1Jbs4gGCdC2oWYs7
gPWRFp6It04IHSTjAloT5aKwK+p5oq0b2lljTzH/zTVlHoRCyNMS8lG1AtZqxA3W
MVJASRqLiJWrVKv8ULIpVG1PXL9IfO8W7TvEtEVTMAtyiWrRx1wyjQjC5mcjyJDt
Bine4W3sMU6XPMnpjt9RBejIuiyWa90XIyYKfSgVQz6Pm0vT9NbJkLuoKMbeUoeU
EyXmhvvhw3tGbdHYmZ7XpOgvnQHFP/kdYYPTt4awtSOXiq8z+qflOJirD3X75Qvx
IusmHX+VqjEs/HBdOL8n9G+AlRJ2IxBXF1mPaQkUbUlQfRhRqS2me2KvOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkDEyAJqy9JUeex4axnvy8UZKx9MB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL2FRTVRJQW1yTDBsUjU3SGhyR2VfTHhSa3JIMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAG80MQD
BAC81sIwDwQCAAIwCQMHACoG+UAAADANBgkqhkiG9w0BAQsFAAOCAQEAwY602SG0
kdIj85wEUN63uQ8ixe9bEwyfFaXHACdJllQ3U7sHhmS7aCFFCr1sLRJaejvSEimB
16ifwRbOkoBtJCpSCIcLqdsDgWz7kj/+6Do1cLn0NIFq57Dm/0DRNXyk3vFLxTv9
mXU7SzZRQ9PmnHDDFHKDh+LIdMzkV83LGL7TL5e1Za14MEiYoMckBBLeuPh9S5c/
n+0B/4MZJOa0/tL7vxD3ngFlRGH1IqBkVeRUd68/e5wGn0pvpg4stLtCatrKXMDr
pVAaFdeW83U1YnW38C90tVUMLNn4lAC8iZ/Nu32U/U751l0maXk3elekHXKxsa6Y
NsYaBCZvb+O57g==
-----END CERTIFICATE-----
Generated at Sat Nov 9 12:52:35 2024 by rpki-client on console-ams.rpki-client.org