Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/EhKat1X7oEY3DGhy3MOmxI-zq4U.roa
File: EhKat1X7oEY3DGhy3MOmxI-zq4U.roa (raw, json)
Hash identifier: SHHh+USGgPCmlf5pmYH7vvvkQ3fv7jBOO9PHnwuiDjA=
Subject key identifier: 12:12:9A:B7:55:FB:A0:46:37:0C:68:72:DC:C3:A6:C4:8F:B3:AB:85
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 018A0DCBF5A06AD4C28554B5F32B7448A7D3
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/EhKat1X7oEY3DGhy3MOmxI-zq4U.roa
Signing time: Sat 19 Aug 2023 12:36:25 +0000
ROA not before: Sat 19 Aug 2023 12:36:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210025
IP address blocks: 88.218.204.0/24 maxlen: 24
88.218.207.0/24 maxlen: 24
2a09:b280:ffba::/48 maxlen: 48
2a09:b280:ffb0::/48 maxlen: 48
2a09:b280:1030::/48 maxlen: 48
2a09:b280:1010::/48 maxlen: 48
2a09:b280::/48 maxlen: 48
2a09:b280:ccc0::/48 maxlen: 48
2a09:b280:1020::/48 maxlen: 48
2a09:b280:1000::/48 maxlen: 48
2a09:b280:1100::/47 maxlen: 47
2a09:b280:ffbb::/48 maxlen: 48
2a09:b280:ffbe::/48 maxlen: 48
2a09:b280:ffb9::/48 maxlen: 48
2a09:b280:ffbf::/48 maxlen: 48
2a09:b280:ffb2::/48 maxlen: 48
2a09:b280:ffbd::/48 maxlen: 48
2a09:b280:ffb8::/48 maxlen: 48
2a09:b280:ccc1::/48 maxlen: 48
2a09:b280:ffb1::/48 maxlen: 48
2a09:b280:ffbc::/48 maxlen: 48
2a09:b280:cccc::/48 maxlen: 48
2a09:b280:ffb7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0d:cb:f5:a0:6a:d4:c2:85:54:b5:f3:2b:74:48:a7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Aug 19 12:36:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12129ab755fba046370c6872dcc3a6c48fb3ab85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b9:f4:01:09:cb:00:24:24:98:fc:32:21:02:
12:6e:80:db:54:3b:87:c3:8d:36:6c:30:77:ce:37:
23:26:66:fd:d5:92:d4:28:57:2d:93:37:65:c2:4c:
32:17:d6:fa:97:54:52:43:22:bc:fd:0a:b6:35:f8:
97:66:8a:a9:62:f9:35:c5:7a:01:2c:5f:bb:5e:aa:
50:91:d0:9a:52:60:32:a2:85:e9:de:9c:28:af:29:
57:c3:c1:0a:d3:78:67:77:7a:a9:2c:3c:0a:95:ac:
5b:5a:92:0a:b7:6e:36:94:9a:69:ab:c9:22:6f:16:
ea:f9:3b:dc:d2:12:fa:52:a0:e8:e0:fa:4f:2d:f6:
ef:ba:ff:b2:fa:29:b9:ae:f7:af:96:4d:87:0a:ee:
93:3f:93:05:d8:b1:78:6c:6f:45:e6:0c:38:cb:49:
db:c6:46:d3:a3:88:f4:d1:cb:da:6f:9a:00:de:15:
4f:21:99:ed:f3:b8:fa:0b:c2:ef:89:1e:cb:ec:84:
f2:04:8b:fd:5b:c5:c3:fb:d1:ce:63:a9:2a:65:08:
ab:82:5b:9d:ea:23:a5:b9:c5:01:d0:84:b0:db:21:
98:a6:cc:74:7f:c9:03:5c:84:c0:3f:44:1d:e4:fa:
8e:6a:28:93:44:70:84:dc:de:4f:54:de:34:1d:b1:
96:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:12:9A:B7:55:FB:A0:46:37:0C:68:72:DC:C3:A6:C4:8F:B3:AB:85
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/EhKat1X7oEY3DGhy3MOmxI-zq4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.204.0/24
88.218.207.0/24
IPv6:
2a09:b280::/48
2a09:b280:1000::/48
2a09:b280:1010::/48
2a09:b280:1020::/48
2a09:b280:1030::/48
2a09:b280:1100::/47
2a09:b280:ccc0::/47
2a09:b280:cccc::/48
2a09:b280:ffb0::-2a09:b280:ffb2:ffff:ffff:ffff:ffff:ffff
2a09:b280:ffb7::-2a09:b280:ffbf:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:a6:5d:52:60:fd:5d:89:fd:df:bc:7c:98:03:eb:4b:76:a6:
0d:2d:fe:d6:61:df:c7:85:20:d0:46:55:9e:9f:8a:9f:71:e9:
cc:90:02:d7:13:7b:63:00:ef:d9:8a:17:50:8b:12:b6:e0:c5:
a0:e9:9a:83:20:b8:72:06:59:ce:e2:5a:5f:92:5a:58:14:fe:
d4:f6:fc:e1:e6:c2:a0:f5:94:bc:3a:62:44:3f:7a:23:8c:cb:
db:a4:ab:36:31:c4:8d:81:61:bc:54:c0:cb:79:da:20:80:72:
de:af:63:fd:6b:85:6b:d1:ba:7d:23:6a:2e:83:98:c3:f7:5a:
85:84:5c:c9:8f:92:a9:1c:cd:0f:af:4a:5b:cd:ff:73:50:0a:
3d:7d:e9:33:96:23:a6:43:8e:57:01:ad:8c:3b:06:b8:45:cf:
bd:0e:0f:21:84:d3:55:c7:57:9c:69:e3:0c:5f:2d:b1:bb:52:
84:46:2f:77:28:7b:3b:44:76:6f:5b:ef:7e:19:92:b9:ad:91:
02:4a:47:33:4c:1e:1b:a6:6c:89:63:21:0f:6c:7b:d7:3d:4d:
cc:50:16:35:1e:fd:1e:12:f2:13:27:9f:ae:0f:0a:68:39:5f:
93:fd:67:e6:2b:3b:a0:8a:2a:69:2f:58:7a:a1:99:cc:b1:6f:
c3:99:92:ab
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYoNy/WgatTChVS18yt0SKfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA4ZmI3ODFjYTZkYmQ4MjIxZjJjMmY5NTRhM2E3NDQ2
YjJiNDIwHhcNMjMwODE5MTIzNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjEyOWFiNzU1ZmJhMDQ2MzcwYzY4NzJkY2MzYTZjNDhmYjNhYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbn0AQnLACQkmPwyIQISboDbVDuH
w402bDB3zjcjJmb91ZLUKFctkzdlwkwyF9b6l1RSQyK8/Qq2NfiXZoqpYvk1xXoB
LF+7XqpQkdCaUmAyooXp3pworylXw8EK03hnd3qpLDwKlaxbWpIKt242lJppq8ki
bxbq+Tvc0hL6UqDo4PpPLfbvuv+y+im5rvevlk2HCu6TP5MF2LF4bG9F5gw4y0nb
xkbTo4j00cvab5oA3hVPIZnt87j6C8LviR7L7ITyBIv9W8XD+9HOY6kqZQirglud
6iOlucUB0ISw2yGYpsx0f8kDXITAP0Qd5PqOaiiTRHCE3N5PVN40HbGWfwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFBISmrdV+6BGNwxoctzDpsSPs6uFMB8GA1UdIwQY
MBaAFDJQj7eBym29giHywvlUo6dEaytCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDkt
YzEyMjE4NzY1MTU0LzEvRWhLYXQxWDdvRVkzREdoeTNNT214SS16cTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDktYzEyMjE4NzY1MTU0
LzEvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDASBAIAATAMAwQAWNrM
AwQAWNrPMHYEAgACMHADBwAqCbKAAAADBwAqCbKAEAADBwAqCbKAEBADBwAqCbKA
ECADBwAqCbKAEDADBwEqCbKAEQADBwEqCbKAzMADBwAqCbKAzMwwEgMHBCoJsoD/
sAMHACoJsoD/sjASAwcAKgmygP+3AwcGKgmygP+AMA0GCSqGSIb3DQEBCwUAA4IB
AQAvpl1SYP1dif3fvHyYA+tLdqYNLf7WYd/HhSDQRlWen4qfcenMkALXE3tjAO/Z
ihdQixK24MWg6ZqDILhyBlnO4lpfklpYFP7U9vzh5sKg9ZS8OmJEP3ojjMvbpKs2
McSNgWG8VMDLedoggHLer2P9a4Vr0bp9I2oug5jD91qFhFzJj5KpHM0Pr0pbzf9z
UAo9fekzliOmQ45XAa2MOwa4Rc+9Dg8hhNNVx1ecaeMMXy2xu1KERi93KHs7RHZv
W+9+GZK5rZECSkczTB4bpmyJYyEPbHvXPU3MUBY1Hv0eEvITJ5+uDwpoOV+T/Wfm
KzugiippL1h6oZnMsW/DmZKr
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:29 2024 by rpki-client on console-ams.rpki-client.org