Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/Cs_yV6ij7o7xquzzh-c6ebv1HKQ.roa
File: Cs_yV6ij7o7xquzzh-c6ebv1HKQ.roa (raw, json)
Hash identifier: 1Yt5SHXppHWFJQ9VszzIIrHKlsw6PwjhVoMzEZCLMRI=
Subject key identifier: 0A:CF:F2:57:A8:A3:EE:8E:F1:AA:EC:F3:87:E7:3A:79:BB:F5:1C:A4
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 0189C53257771F7AC32289DC4EE3F22370E6
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/Cs_yV6ij7o7xquzzh-c6ebv1HKQ.roa
Signing time: Sat 05 Aug 2023 10:15:57 +0000
ROA not before: Sat 05 Aug 2023 10:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56407
IP address blocks: 188.190.136.0/21 maxlen: 21
188.190.144.0/21 maxlen: 21
188.190.152.0/22 maxlen: 22
188.190.156.0/22 maxlen: 22
188.190.128.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c5:32:57:77:1f:7a:c3:22:89:dc:4e:e3:f2:23:70:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Aug 5 10:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0acff257a8a3ee8ef1aaecf387e73a79bbf51ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ef:29:e9:b8:76:6e:35:bc:7a:3e:10:25:d4:
90:5e:72:55:23:6d:70:59:da:4a:a0:86:6b:8c:e8:
e3:16:80:50:a8:94:db:44:4d:1c:4e:4e:10:64:80:
ba:1c:c1:df:59:1c:46:c5:6f:59:5b:a3:f0:1a:e5:
2e:17:5c:2d:64:e3:0c:d4:a1:62:0b:83:b8:0c:ac:
d1:cd:a5:aa:61:37:38:1b:fe:a3:d4:5a:e6:8b:cc:
b9:a9:de:06:95:ba:5f:f6:11:19:bd:0c:00:03:0a:
65:e7:cb:ec:83:7a:7b:97:28:d5:4b:02:90:8a:6f:
cf:ca:ca:19:78:5c:bb:92:5c:98:0f:73:5f:93:ad:
a0:99:31:92:c8:35:7b:39:73:26:55:78:7d:6e:b3:
05:55:90:07:95:c9:67:cc:40:de:5b:07:88:0a:c4:
a9:9c:9e:7c:d7:2f:a8:c7:1a:1f:ec:96:55:8a:12:
26:36:92:9c:5f:34:08:f2:a9:aa:db:6e:15:d1:5f:
b9:e1:94:3e:6c:06:c3:17:45:8a:4a:23:7d:75:cd:
46:b1:d5:08:63:51:01:0c:4b:7a:8c:e6:01:05:3b:
5b:75:5d:05:f4:fc:09:d9:d7:8e:b5:64:71:2b:03:
36:4b:c7:26:14:03:c9:3b:7c:bf:78:21:b8:f9:6a:
11:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CF:F2:57:A8:A3:EE:8E:F1:AA:EC:F3:87:E7:3A:79:BB:F5:1C:A4
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/Cs_yV6ij7o7xquzzh-c6ebv1HKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.128.0/19
Signature Algorithm: sha256WithRSAEncryption
7f:54:88:31:0a:12:8d:87:5c:52:67:28:fd:9e:09:e8:62:00:
45:f5:75:78:94:e8:93:fc:9f:3f:38:d4:fe:8d:65:56:02:fa:
d2:ef:bd:09:a7:20:5a:76:c0:8c:7c:8e:e2:7c:5c:3e:42:48:
8a:0d:31:1b:5e:12:0a:4c:c2:58:1a:9f:b2:96:18:c3:f2:e4:
d3:95:a8:5f:5a:94:84:2c:37:12:3e:e4:77:91:0e:58:42:b3:
bc:af:d3:c8:49:9f:c8:ca:65:8b:58:e9:06:fd:be:e4:51:08:
41:0c:2a:a0:c6:7c:f4:fe:83:b2:14:1c:ba:46:7a:07:7c:e8:
b2:6b:07:bd:a4:4d:22:21:3e:54:7a:5f:9d:63:a2:3e:05:e9:
bd:06:cc:86:91:0f:4a:d4:9e:ff:45:0e:86:c6:6b:96:1c:df:
2c:4d:cb:87:de:a3:83:5c:c1:eb:3e:ba:a6:04:49:f7:c3:de:
14:30:fa:b8:31:4d:88:53:fd:53:4b:72:5b:67:4f:b0:c0:4c:
0d:6c:37:f8:9f:30:fd:d6:91:10:70:40:0a:e5:8d:11:c9:47:
38:46:80:6e:6a:7f:0d:7a:7c:3c:c9:2a:37:96:bf:a9:fa:f9:
e8:b0:40:1b:bd:72:65:be:22:19:34:b1:8a:a1:b9:b9:91:03:
5c:f6:de:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnFMld3H3rDIoncTuPyI3DmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjMwODA1MTAxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNmZjI1N2E4YTNlZThlZjFhYWVjZjM4N2U3M2E3OWJiZjUxY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe8p6bh2bjW8ej4QJdSQXnJVI21w
WdpKoIZrjOjjFoBQqJTbRE0cTk4QZIC6HMHfWRxGxW9ZW6PwGuUuF1wtZOMM1KFi
C4O4DKzRzaWqYTc4G/6j1Frmi8y5qd4Glbpf9hEZvQwAAwpl58vsg3p7lyjVSwKQ
im/PysoZeFy7klyYD3Nfk62gmTGSyDV7OXMmVXh9brMFVZAHlclnzEDeWweICsSp
nJ581y+oxxof7JZVihImNpKcXzQI8qmq224V0V+54ZQ+bAbDF0WKSiN9dc1GsdUI
Y1EBDEt6jOYBBTtbdV0F9PwJ2deOtWRxKwM2S8cmFAPJO3y/eCG4+WoRxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArP8leoo+6O8ars84fnOnm79RykMB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEvQ3NfeVY2aWo3bzd4cXV6emgtYzZlYnYxSEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFvL6AMA0G
CSqGSIb3DQEBCwUAA4IBAQB/VIgxChKNh1xSZyj9ngnoYgBF9XV4lOiT/J8/ONT+
jWVWAvrS770JpyBadsCMfI7ifFw+QkiKDTEbXhIKTMJYGp+ylhjD8uTTlahfWpSE
LDcSPuR3kQ5YQrO8r9PISZ/IymWLWOkG/b7kUQhBDCqgxnz0/oOyFBy6RnoHfOiy
awe9pE0iIT5Uel+dY6I+Bem9BsyGkQ9K1J7/RQ6GxmuWHN8sTcuH3qODXMHrPrqm
BEn3w94UMPq4MU2IU/1TS3JbZ0+wwEwNbDf4nzD91pEQcEAK5Y0RyUc4RoBuan8N
enw8ySo3lr+p+vnosEAbvXJlviIZNLGKobm5kQNc9t6T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:38 2024 by rpki-client on console-ams.rpki-client.org