Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/Amr9kNvKH0mbqibKZUtmWp4EWrI.roa
File: Amr9kNvKH0mbqibKZUtmWp4EWrI.roa (raw, json)
Hash identifier: GvodOOVy5yHJpb8fLWUpPAQirnKYSigNhEyD0+uQbd0=
Subject key identifier: 02:6A:FD:90:DB:CA:1F:49:9B:AA:26:CA:65:4B:66:5A:9E:04:5A:B2
Certificate issuer: /CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Certificate serial: 018CC26D1D277D786BBBCBFCA5A3DED93FC7
Authority key identifier: BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/Amr9kNvKH0mbqibKZUtmWp4EWrI.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30815
IP address blocks: 88.209.191.0/24 maxlen: 24
88.209.132.0/22 maxlen: 22
88.209.132.0/24 maxlen: 24
88.209.130.0/24 maxlen: 24
88.209.128.0/24 maxlen: 24
88.209.128.0/22 maxlen: 22
88.209.136.0/22 maxlen: 22
88.209.135.0/24 maxlen: 24
93.189.98.0/23 maxlen: 23
185.63.233.0/24 maxlen: 24
185.63.232.0/23 maxlen: 23
185.63.232.0/22 maxlen: 22
185.63.232.0/24 maxlen: 24
93.189.96.0/23 maxlen: 23
93.189.96.0/21 maxlen: 21
93.189.100.0/23 maxlen: 23
185.63.235.0/24 maxlen: 24
185.63.234.0/24 maxlen: 24
93.189.102.0/23 maxlen: 23
88.209.160.0/21 maxlen: 21
88.209.160.0/22 maxlen: 22
88.209.164.0/22 maxlen: 22
88.209.164.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 03 Mar 2024 07:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1d:27:7d:78:6b:bb:cb:fc:a5:a3:de:d9:3f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=026afd90dbca1f499baa26ca654b665a9e045ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:99:29:aa:42:cb:6b:0b:94:d6:6f:65:8c:f2:
a8:6e:0a:20:c5:55:e9:14:5f:b3:da:41:6e:55:6b:
3b:bf:dc:bb:ed:16:89:21:5e:77:b9:49:d5:38:2a:
a0:b2:f6:f7:c8:ae:35:23:e4:d3:09:c1:83:c9:c6:
bd:c6:78:63:8f:56:f2:97:0c:03:59:ee:9c:06:41:
1e:3f:ff:eb:60:87:85:02:ed:32:f9:8f:5b:5f:1a:
f0:07:90:24:ef:06:f5:e9:37:b5:f0:16:e0:b5:c3:
6b:63:8d:60:ba:7d:f6:18:d2:fa:56:e8:86:2b:5b:
92:e1:8e:8e:50:34:f7:67:e7:58:b1:99:26:2c:0a:
99:56:58:2e:9b:5f:68:af:89:f9:81:52:1a:b6:dc:
c9:53:28:cc:37:d7:15:b1:28:67:34:a4:cc:cc:9e:
49:e0:db:75:7d:96:73:39:45:00:de:a4:c4:e6:db:
f1:90:98:95:8c:49:22:19:f7:20:e7:01:b0:63:4d:
7c:2c:e2:72:d9:14:4a:8a:e7:34:8c:12:7e:cf:18:
9c:44:af:1a:95:cd:18:d7:1f:10:e9:76:20:27:bc:
60:a9:35:36:fd:1d:81:39:2d:76:78:96:6e:82:92:
e2:5a:78:60:2c:4e:16:79:63:41:fa:4f:20:79:61:
b8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6A:FD:90:DB:CA:1F:49:9B:AA:26:CA:65:4B:66:5A:9E:04:5A:B2
X509v3 Authority Key Identifier:
keyid:BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/Amr9kNvKH0mbqibKZUtmWp4EWrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.128.0-88.209.139.255
88.209.160.0/21
88.209.191.0/24
93.189.96.0/21
185.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:87:5c:e7:bd:de:2d:11:ff:eb:d2:c4:18:3c:ac:69:c0:7e:
9c:30:61:29:ad:18:3b:2a:c8:d4:bb:73:be:e6:51:fc:9d:e7:
6a:e2:88:8f:80:a8:9a:36:0f:96:93:20:8a:3d:7f:4e:50:b2:
85:25:7b:19:ec:52:c3:d8:a5:06:e3:fe:e5:e4:7c:2d:af:25:
de:62:6e:8d:20:78:94:41:56:8d:76:02:40:78:49:80:54:bf:
51:b0:b3:bc:e5:bc:87:b0:d5:cc:ae:b3:d1:7c:d8:28:f4:16:
80:c8:d7:59:9c:91:13:2d:3d:16:25:b8:29:b5:14:86:9d:dc:
05:8b:9c:16:78:a0:29:87:bc:52:15:c6:67:d2:8d:fe:b0:5a:
de:74:10:f9:c3:1d:8e:30:0a:8d:6e:9e:f9:42:ec:f8:20:1a:
23:7e:77:0d:64:7d:f7:01:b8:9e:35:a8:1c:d8:69:ed:5a:7d:
8d:1b:0c:d9:1a:45:0b:3c:2c:09:f3:cf:ac:f8:c5:5b:2a:dd:
ad:34:fc:5e:61:cf:5c:fc:c6:c0:e4:30:4f:dd:ba:4b:2a:6d:
39:72:5f:f7:fe:39:35:8b:6b:a9:b6:aa:82:15:b8:6a:91:c0:
ce:74:e2:d0:2a:81:9b:91:93:1a:e4:be:22:b7:f6:00:b4:99:
92:ad:71:14
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzCbR0nfXhru8v8paPe2T/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE2NGNkMjljOTRjY2RlMTQ0NDhmNjFhMTcyYzc2M2Ix
ZTQwNTAwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjZhZmQ5MGRiY2ExZjQ5OWJhYTI2Y2E2NTRiNjY1YTllMDQ1YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpkpqkLLawuU1m9ljPKobgogxVXp
FF+z2kFuVWs7v9y77RaJIV53uUnVOCqgsvb3yK41I+TTCcGDyca9xnhjj1bylwwD
We6cBkEeP//rYIeFAu0y+Y9bXxrwB5Ak7wb16Te18BbgtcNrY41gun32GNL6VuiG
K1uS4Y6OUDT3Z+dYsZkmLAqZVlgum19or4n5gVIattzJUyjMN9cVsShnNKTMzJ5J
4Nt1fZZzOUUA3qTE5tvxkJiVjEkiGfcg5wGwY018LOJy2RRKiuc0jBJ+zxicRK8a
lc0Y1x8Q6XYgJ7xgqTU2/R2BOS12eJZugpLiWnhgLE4WeWNB+k8geWG4RQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAJq/ZDbyh9Jm6omymVLZlqeBFqyMB8GA1UdIwQY
MBaAFLqqZM0pyUzN4URI9hoXLHY7HkBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUt
OGZjYWE2OTM2YzZjLzEvQW1yOWtOdktIMG1icWliS1pVdG1XcDRFV3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUtOGZjYWE2OTM2YzZj
LzEvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdY0YAD
BAJY0YgDBANY0aADBABY0b8DBANdvWADBAK5P+gwDQYJKoZIhvcNAQELBQADggEB
AHyHXOe93i0R/+vSxBg8rGnAfpwwYSmtGDsqyNS7c77mUfyd52riiI+AqJo2D5aT
IIo9f05QsoUlexnsUsPYpQbj/uXkfC2vJd5ibo0geJRBVo12AkB4SYBUv1Gws7zl
vIew1cyus9F82Cj0FoDI11mckRMtPRYluCm1FIad3AWLnBZ4oCmHvFIVxmfSjf6w
Wt50EPnDHY4wCo1unvlC7PggGiN+dw1kffcBuJ41qBzYae1afY0bDNkaRQs8LAnz
z6z4xVsq3a00/F5hz1z8xsDkME/duksqbTlyX/f+OTWLa6m2qoIVuGqRwM504tAq
gZuRkxrkviK39gC0mZKtcRQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:44 2024 by rpki-client on console-fra.rpki-client.org