Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/dcc48f-cfcc-4a58-a6d0-29b68e048a9e/1/MvuyYJzRc6G0yH1Zss-yoUiyAqo.roa
File: MvuyYJzRc6G0yH1Zss-yoUiyAqo.roa (raw, json)
Hash identifier: VkYYpypTAn+ZhIJmpJIZOeaShtI3aJekq5tKYvDKjeE=
Subject key identifier: 32:FB:B2:60:9C:D1:73:A1:B4:C8:7D:59:B2:CF:B2:A1:48:B2:02:AA
Certificate issuer: /CN=3780e7868fbb2617175062a5e7b9e1c049cbdf74
Certificate serial: 0193D4B3A29334EF947FB7D4AA8DAFD05049
Authority key identifier: 37:80:E7:86:8F:BB:26:17:17:50:62:A5:E7:B9:E1:C0:49:CB:DF:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4Dnho-7JhcXUGKl57nhwEnL33Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/dcc48f-cfcc-4a58-a6d0-29b68e048a9e/1/MvuyYJzRc6G0yH1Zss-yoUiyAqo.roa
Signing time: Tue 17 Dec 2024 12:59:22 +0000
ROA not before: Tue 17 Dec 2024 12:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207744
IP address blocks: 188.190.192.0/19 maxlen: 19
188.190.200.0/22 maxlen: 22
188.190.204.0/22 maxlen: 22
188.190.208.0/22 maxlen: 22
188.190.212.0/22 maxlen: 22
188.190.217.0/24 maxlen: 24
188.190.222.0/24 maxlen: 24
188.190.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:b3:a2:93:34:ef:94:7f:b7:d4:aa:8d:af:d0:50:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3780e7868fbb2617175062a5e7b9e1c049cbdf74
Validity
Not Before: Dec 17 12:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32fbb2609cd173a1b4c87d59b2cfb2a148b202aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0a:66:67:ad:d5:47:5b:b4:1e:41:67:b2:b3:
fb:f0:0f:59:1e:90:6c:9d:f3:9d:92:0e:1f:8b:41:
14:63:d7:7a:70:ef:7d:f8:4c:5f:fe:a7:a6:ac:08:
7c:a6:d0:0a:a6:23:0e:fb:9f:40:61:58:be:4c:96:
7c:a7:1c:7b:34:5d:8e:b6:6c:61:8a:f3:98:ff:9f:
7f:20:a9:e2:91:8c:47:b9:02:97:4f:a8:47:26:09:
d7:4c:91:68:fb:40:4c:ee:42:7b:2f:75:42:af:34:
e2:0d:95:2a:91:8c:6c:95:ba:69:28:dc:93:8a:ac:
fb:ca:8f:a4:89:d6:42:6b:b3:31:51:88:4f:2f:92:
f1:c4:4c:dc:61:b1:cc:1f:69:a8:ac:28:8e:34:87:
77:85:6a:3b:7e:74:70:91:f9:a2:95:16:d4:69:77:
a9:93:45:26:4d:07:61:cd:54:99:e0:e9:1d:18:3f:
1d:6a:32:59:13:df:1f:07:48:0f:28:34:3a:ca:3b:
6d:5f:2a:29:71:e3:ab:3a:6e:08:23:f3:0f:c9:75:
c7:f3:20:94:a6:5a:79:65:9d:55:d6:b0:49:c1:35:
c6:d8:d7:72:2e:64:d2:10:8d:ea:35:31:6c:2a:e0:
46:37:31:23:92:b1:bb:3a:ab:6d:f4:fd:cb:91:d6:
bc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:FB:B2:60:9C:D1:73:A1:B4:C8:7D:59:B2:CF:B2:A1:48:B2:02:AA
X509v3 Authority Key Identifier:
keyid:37:80:E7:86:8F:BB:26:17:17:50:62:A5:E7:B9:E1:C0:49:CB:DF:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4Dnho-7JhcXUGKl57nhwEnL33Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/dcc48f-cfcc-4a58-a6d0-29b68e048a9e/1/MvuyYJzRc6G0yH1Zss-yoUiyAqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/dcc48f-cfcc-4a58-a6d0-29b68e048a9e/1/N4Dnho-7JhcXUGKl57nhwEnL33Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.192.0/19
Signature Algorithm: sha256WithRSAEncryption
31:a7:b7:b5:2f:3d:ce:a3:09:f5:f2:be:80:f1:8a:ee:a2:51:
ca:17:bc:fe:10:e7:e9:9e:26:01:19:f7:9f:61:e7:27:0c:e0:
32:26:96:c8:e0:57:a7:a9:96:d0:83:a9:99:5b:1b:b6:75:fd:
b2:7c:27:86:c1:c9:7d:6e:cb:0e:fc:02:74:17:98:dd:a7:64:
83:58:57:ff:f3:ae:7c:41:cf:63:ec:19:2c:43:be:a4:c0:96:
8a:9e:53:76:3b:15:b8:2c:cb:e3:8f:d9:43:f4:a2:c5:e3:1d:
fc:a7:7a:9f:25:00:be:6a:57:33:87:7d:9f:f1:e8:43:ea:1f:
c7:54:ed:5c:e1:1e:70:d1:25:40:10:0a:14:ad:27:95:18:c7:
c5:87:39:94:a7:a1:58:2d:f7:ed:77:3c:0b:c9:43:95:66:af:
0e:4e:b6:1a:a7:9c:f5:4b:90:93:7b:53:21:8e:ac:f5:87:98:
be:2b:41:a6:71:fe:13:7e:15:a7:0b:20:75:67:0f:a2:c9:6a:
59:f0:c1:fb:a9:cb:ac:43:07:30:c2:46:74:06:b1:82:93:9a:
c9:88:71:9a:99:92:22:dc:75:bc:f3:f6:15:d9:83:93:6d:2e:
f4:3f:94:a2:77:8b:59:0f:d6:d4:bc:40:42:26:d2:ca:d6:40:
de:e2:74:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPUs6KTNO+Uf7fUqo2v0FBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ODBlNzg2OGZiYjI2MTcxNzUwNjJhNWU3YjllMWMwNDlj
YmRmNzQwHhcNMjQxMjE3MTI1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmZiYjI2MDljZDE3M2ExYjRjODdkNTliMmNmYjJhMTQ4YjIwMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQpmZ63VR1u0HkFnsrP78A9ZHpBs
nfOdkg4fi0EUY9d6cO99+Exf/qemrAh8ptAKpiMO+59AYVi+TJZ8pxx7NF2Otmxh
ivOY/59/IKnikYxHuQKXT6hHJgnXTJFo+0BM7kJ7L3VCrzTiDZUqkYxslbppKNyT
iqz7yo+kidZCa7MxUYhPL5LxxEzcYbHMH2morCiONId3hWo7fnRwkfmilRbUaXep
k0UmTQdhzVSZ4OkdGD8dajJZE98fB0gPKDQ6yjttXyopceOrOm4II/MPyXXH8yCU
plp5ZZ1V1rBJwTXG2NdyLmTSEI3qNTFsKuBGNzEjkrG7Oqtt9P3Lkda8iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDL7smCc0XOhtMh9WbLPsqFIsgKqMB8GA1UdIwQY
MBaAFDeA54aPuyYXF1Bipee54cBJy990MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjREbmhvLTdKaGNYVUdLbDU3bmh3RW5MMzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kY2M0OGYtY2ZjYy00YTU4LWE2ZDAt
MjliNjhlMDQ4YTllLzEvTXZ1eVlKelJjNkcweUgxWnNzLXlvVWl5QXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kY2M0OGYtY2ZjYy00YTU4LWE2ZDAtMjliNjhlMDQ4YTll
LzEvTjREbmhvLTdKaGNYVUdLbDU3bmh3RW5MMzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFvL7AMA0G
CSqGSIb3DQEBCwUAA4IBAQAxp7e1Lz3Oown18r6A8YruolHKF7z+EOfpniYBGfef
YecnDOAyJpbI4FenqZbQg6mZWxu2df2yfCeGwcl9bssO/AJ0F5jdp2SDWFf/8658
Qc9j7BksQ76kwJaKnlN2OxW4LMvjj9lD9KLF4x38p3qfJQC+alczh32f8ehD6h/H
VO1c4R5w0SVAEAoUrSeVGMfFhzmUp6FYLfftdzwLyUOVZq8OTrYap5z1S5CTe1Mh
jqz1h5i+K0Gmcf4TfhWnCyB1Zw+iyWpZ8MH7qcusQwcwwkZ0BrGCk5rJiHGamZIi
3HW88/YV2YOTbS70P5Sid4tZD9bUvEBCJtLK1kDe4nTs
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:17 2025 by rpki-client