Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/TCowzPe7mF8kwgeQoMeytlAJQiA.roa
File: TCowzPe7mF8kwgeQoMeytlAJQiA.roa (raw, json)
Hash identifier: bDUfhmvlLK+Y3KK+Rel2RMV0KKCHQtLQeMa+uq4pK50=
Subject key identifier: 4C:2A:30:CC:F7:BB:98:5F:24:C2:07:90:A0:C7:B2:B6:50:09:42:20
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 018B18E580F2E80AB2E936C48502DDF312FF
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/TCowzPe7mF8kwgeQoMeytlAJQiA.roa
Signing time: Tue 10 Oct 2023 09:22:55 +0000
ROA not before: Tue 10 Oct 2023 09:22:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 188.225.31.0/24 maxlen: 24
2a03:6f06::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:18:e5:80:f2:e8:0a:b2:e9:36:c4:85:02:dd:f3:12:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Oct 10 09:22:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c2a30ccf7bb985f24c20790a0c7b2b650094220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ad:55:a8:d3:84:79:6d:97:52:eb:d3:ab:1a:
23:37:fd:c4:c6:30:48:eb:84:66:a9:5e:d1:9d:3c:
bd:45:8e:c4:4a:1b:79:44:2e:d7:26:04:e3:a8:f7:
47:87:0b:61:e2:99:c5:37:01:46:8e:61:db:b6:0c:
ac:43:49:6e:32:3c:e9:88:eb:e3:2e:f9:51:54:de:
44:a7:8c:db:42:09:6c:05:2a:6d:4d:9f:14:bb:bf:
a0:be:95:ae:6e:42:8e:30:06:51:4d:d9:83:9b:30:
86:e1:6a:80:92:ac:5f:ad:1f:ac:1b:dd:39:f0:c7:
45:af:dd:61:b0:d7:7c:1d:13:83:8e:94:ed:2a:ec:
41:69:c5:1f:01:09:ab:1e:b6:61:34:ca:cf:95:eb:
6d:0d:3d:16:f3:28:86:af:70:d6:ae:42:99:6c:f6:
5a:69:ad:8c:33:14:91:e4:92:8a:61:9a:14:4d:28:
14:16:e3:d3:db:b1:ae:36:2e:ed:07:bc:b8:00:11:
84:3f:37:63:37:19:a9:db:6e:a7:78:50:60:6d:69:
d4:2d:f5:c6:76:3e:82:7d:a1:44:a9:85:0b:98:b1:
b3:5a:66:7f:c4:9b:c5:34:a3:43:32:2d:78:fb:e9:
ce:4f:ee:d9:d6:ba:c4:af:30:09:d6:50:50:0d:b9:
67:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2A:30:CC:F7:BB:98:5F:24:C2:07:90:A0:C7:B2:B6:50:09:42:20
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/TCowzPe7mF8kwgeQoMeytlAJQiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.225.31.0/24
IPv6:
2a03:6f06::/32
Signature Algorithm: sha256WithRSAEncryption
18:e5:23:a7:4f:b6:73:c1:ab:8c:38:53:23:89:14:c7:0b:e8:
ad:20:3a:b5:73:da:ae:31:13:cd:48:4f:a5:d2:a2:db:0d:80:
ee:81:01:9b:18:84:4d:cb:ef:b3:57:36:fd:84:5f:bc:7d:92:
7d:74:6e:2f:23:01:cd:54:db:fb:ff:c1:ce:45:90:ce:ec:a5:
2d:3f:48:98:42:e6:c8:4d:1a:7b:b6:ec:90:e3:96:5f:0d:85:
67:4b:58:b9:48:6d:13:23:cd:9b:32:0c:73:96:3a:ad:f9:1c:
ec:9f:84:1e:3b:80:46:5f:a0:64:cd:cf:ea:21:eb:d3:87:10:
7e:b0:bb:73:42:d9:c3:25:0d:39:9e:d6:e2:18:8d:46:62:ba:
dd:55:0d:24:61:6a:b5:33:0f:9d:ed:a8:ab:26:c7:89:bb:dc:
8b:13:82:3e:a9:eb:a9:fe:70:99:c9:20:04:26:51:bc:b2:2d:
09:0c:f2:7f:fc:b9:65:b7:7a:29:1f:19:1d:02:e4:6c:c2:d8:
2c:6b:0b:fd:72:ae:5d:03:3d:49:19:a3:24:71:8c:2a:64:18:
5b:57:cf:3f:ac:63:62:dc:8c:66:f9:69:51:38:8b:63:9f:7d:
41:cd:b5:cd:fc:1c:a6:08:c2:e3:3d:9e:4b:2b:ea:4e:f8:07:
9a:12:b3:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsY5YDy6Aqy6TbEhQLd8xL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMxMDEwMDkyMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzJhMzBjY2Y3YmI5ODVmMjRjMjA3OTBhMGM3YjJiNjUwMDk0MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra1VqNOEeW2XUuvTqxojN/3ExjBI
64RmqV7RnTy9RY7ESht5RC7XJgTjqPdHhwth4pnFNwFGjmHbtgysQ0luMjzpiOvj
LvlRVN5Ep4zbQglsBSptTZ8Uu7+gvpWubkKOMAZRTdmDmzCG4WqAkqxfrR+sG905
8MdFr91hsNd8HRODjpTtKuxBacUfAQmrHrZhNMrPlettDT0W8yiGr3DWrkKZbPZa
aa2MMxSR5JKKYZoUTSgUFuPT27GuNi7tB7y4ABGEPzdjNxmp226neFBgbWnULfXG
dj6CfaFEqYULmLGzWmZ/xJvFNKNDMi14++nOT+7Z1rrErzAJ1lBQDblnqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEwqMMz3u5hfJMIHkKDHsrZQCUIgMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvVENvd3pQZTdtRjhrd2dlUW9NZXl0bEFKUWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAvOEfMA0E
AgACMAcDBQAqA28GMA0GCSqGSIb3DQEBCwUAA4IBAQAY5SOnT7ZzwauMOFMjiRTH
C+itIDq1c9quMRPNSE+l0qLbDYDugQGbGIRNy++zVzb9hF+8fZJ9dG4vIwHNVNv7
/8HORZDO7KUtP0iYQubITRp7tuyQ45ZfDYVnS1i5SG0TI82bMgxzljqt+Rzsn4Qe
O4BGX6Bkzc/qIevThxB+sLtzQtnDJQ05ntbiGI1GYrrdVQ0kYWq1Mw+d7airJseJ
u9yLE4I+qeup/nCZySAEJlG8si0JDPJ//Lllt3opHxkdAuRswtgsawv9cq5dAz1J
GaMkcYwqZBhbV88/rGNi3Ixm+WlROItjn31BzbXN/BymCMLjPZ5LK+pO+AeaErM5
-----END CERTIFICATE-----
Generated at Tue Oct 10 12:18:25 2023 by rpki-client on console-fra.rpki-client.org