Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/i12_3b4PKsKd8p7PKAzwHzyIUzA.roa
File: i12_3b4PKsKd8p7PKAzwHzyIUzA.roa (raw, json)
Hash identifier: XkK7oRdnr8ppa6R0FR+fT5mGqSLgAbr2cKkVJk0eAlU=
Subject key identifier: 8B:5D:BF:DD:BE:0F:2A:C2:9D:F2:9E:CF:28:0C:F0:1F:3C:88:53:30
Certificate issuer: /CN=9944f812a0e002c38e84e47628bdba038598090b
Certificate serial: 018649B4C26E36A980CA5DB40853856873E7
Authority key identifier: 99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/i12_3b4PKsKd8p7PKAzwHzyIUzA.roa
Signing time: Mon 13 Feb 2023 07:37:08 +0000
ROA not before: Mon 13 Feb 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212652
IP address blocks: 88.213.208.0/24 maxlen: 24
88.213.208.0/23 maxlen: 23
88.213.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:b4:c2:6e:36:a9:80:ca:5d:b4:08:53:85:68:73:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944f812a0e002c38e84e47628bdba038598090b
Validity
Not Before: Feb 13 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b5dbfddbe0f2ac29df29ecf280cf01f3c885330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:56:6c:71:2d:f8:f3:48:b0:13:89:58:cc:67:
5c:a0:72:95:2b:b2:a0:1b:a8:27:1a:6d:3e:e2:ec:
32:4b:e2:e1:2d:cc:d1:94:9b:3b:f9:41:fd:13:30:
5a:0c:03:89:dd:36:a7:e8:36:cd:a7:bc:11:13:63:
ce:d4:41:43:fd:45:bf:51:91:29:c0:8f:c5:2e:27:
66:1a:5f:f6:d4:5a:6d:69:5c:a6:0c:86:9a:cc:1c:
00:f5:72:b4:3d:5d:a9:3e:a3:16:8e:64:20:6e:6f:
53:1e:2c:72:46:eb:97:d4:3f:51:0a:d4:2e:df:cb:
dc:cc:e1:56:3b:6d:40:32:58:82:9b:6e:79:71:28:
0d:1a:30:15:d5:2e:00:e1:d8:c8:eb:53:52:ce:ab:
48:e1:7d:f9:97:a0:dc:9a:f1:eb:e2:a5:f0:e1:dd:
bd:d7:7a:e2:1c:07:dd:da:1e:86:f4:8f:a9:1e:e5:
f9:1a:3e:4a:70:cd:eb:5b:df:3b:27:dc:d6:b4:40:
8e:65:6c:fc:f4:81:22:00:9f:37:29:76:55:21:b7:
25:91:0b:e5:f4:d1:9e:89:46:3d:98:e7:6d:d0:f2:
04:d9:0b:41:2f:2c:96:31:71:0d:40:92:ac:9b:98:
9f:9b:94:6d:44:8f:8d:76:d5:f8:16:b9:7d:d8:bc:
b9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5D:BF:DD:BE:0F:2A:C2:9D:F2:9E:CF:28:0C:F0:1F:3C:88:53:30
X509v3 Authority Key Identifier:
keyid:99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/i12_3b4PKsKd8p7PKAzwHzyIUzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.213.208.0/23
Signature Algorithm: sha256WithRSAEncryption
34:22:9a:da:78:7b:01:20:d2:24:c2:3c:1f:e0:c4:09:b9:77:
75:b1:27:34:ed:59:d0:da:cb:49:dc:85:01:46:81:fd:66:f2:
7b:5b:6f:50:90:77:cf:8c:b9:f2:62:c8:f2:2a:5f:ea:19:ef:
e3:ce:89:68:c6:6c:e7:fb:e2:34:08:f0:a2:43:14:82:74:3b:
f7:1a:db:e9:91:a8:8e:2d:b9:5a:47:a3:fd:29:86:1c:81:e2:
1c:07:1d:6c:f6:62:c3:de:0b:63:99:60:75:6b:2b:04:bc:90:
ee:bb:02:5b:eb:2f:19:bf:e0:02:8a:98:f3:9e:dc:4b:e2:5b:
f7:02:98:19:51:8a:6e:32:45:7f:c2:91:81:75:92:6e:bf:9d:
0b:7d:d6:2e:2a:2b:94:9d:af:24:b9:65:e7:ec:51:ff:60:e5:
ff:6d:1f:8e:2d:7b:cb:87:a6:10:b3:9f:ee:97:d0:36:93:8e:
0b:46:43:78:88:10:b4:67:a0:33:9b:5f:82:bf:6e:bc:a3:03:
a2:72:ef:0f:ad:1e:94:f6:38:b7:bf:99:5f:ef:da:b3:2a:af:
d3:3d:26:96:df:07:d7:38:d4:11:c0:6c:13:c4:a7:09:38:b2:
82:44:31:bd:e0:d4:d1:ee:44:19:3e:21:e8:46:bf:e9:c8:3c:
c2:30:75:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZJtMJuNqmAyl20CFOFaHPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NDRmODEyYTBlMDAyYzM4ZTg0ZTQ3NjI4YmRiYTAzODU5
ODA5MGIwHhcNMjMwMjEzMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVkYmZkZGJlMGYyYWMyOWRmMjllY2YyODBjZjAxZjNjODg1MzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlZscS3480iwE4lYzGdcoHKVK7Kg
G6gnGm0+4uwyS+LhLczRlJs7+UH9EzBaDAOJ3Tan6DbNp7wRE2PO1EFD/UW/UZEp
wI/FLidmGl/21FptaVymDIaazBwA9XK0PV2pPqMWjmQgbm9THixyRuuX1D9RCtQu
38vczOFWO21AMliCm255cSgNGjAV1S4A4djI61NSzqtI4X35l6DcmvHr4qXw4d29
13riHAfd2h6G9I+pHuX5Gj5KcM3rW987J9zWtECOZWz89IEiAJ83KXZVIbclkQvl
9NGeiUY9mOdt0PIE2QtBLyyWMXENQJKsm5ifm5RtRI+NdtX4Frl92Ly5lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItdv92+DyrCnfKezygM8B88iFMwMB8GA1UdIwQY
MBaAFJlE+BKg4ALDjoTkdii9ugOFmAkLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMt
MzA2YzU2NTEzNDNlLzEvaTEyXzNiNFBLc0tkOHA3UEtBendIenlJVXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMtMzA2YzU2NTEzNDNl
LzEvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNXQMA0G
CSqGSIb3DQEBCwUAA4IBAQA0IpraeHsBINIkwjwf4MQJuXd1sSc07VnQ2stJ3IUB
RoH9ZvJ7W29QkHfPjLnyYsjyKl/qGe/jzoloxmzn++I0CPCiQxSCdDv3GtvpkaiO
LblaR6P9KYYcgeIcBx1s9mLD3gtjmWB1aysEvJDuuwJb6y8Zv+ACipjzntxL4lv3
ApgZUYpuMkV/wpGBdZJuv50LfdYuKiuUna8kuWXn7FH/YOX/bR+OLXvLh6YQs5/u
l9A2k44LRkN4iBC0Z6Azm1+Cv268owOicu8PrR6U9ji3v5lf79qzKq/TPSaW3wfX
ONQRwGwTxKcJOLKCRDG94NTR7kQZPiHoRr/pyDzCMHX9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:59 2024 by rpki-client on console-fra.rpki-client.org