Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/PYw_pajOO4nsXONQjIYrX72gH2c.roa
File: PYw_pajOO4nsXONQjIYrX72gH2c.roa (raw, json)
Hash identifier: BlRddElu2fQJLZvUnpwjztoMdVrsdTJqd/QbgXtYf0A=
Subject key identifier: 3D:8C:3F:A5:A8:CE:3B:89:EC:5C:E3:50:8C:86:2B:5F:BD:A0:1F:67
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019137095679C27467149F4266ADDD5D2EE4
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/PYw_pajOO4nsXONQjIYrX72gH2c.roa
Signing time: Fri 09 Aug 2024 12:07:24 +0000
ROA not before: Fri 09 Aug 2024 12:07:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47583
IP address blocks: 88.222.208.0/20 maxlen: 24
88.222.240.0/21 maxlen: 24
88.223.80.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 11:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:09:56:79:c2:74:67:14:9f:42:66:ad:dd:5d:2e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Aug 9 12:07:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d8c3fa5a8ce3b89ec5ce3508c862b5fbda01f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ae:52:44:51:c0:9d:85:ae:ef:3d:f6:44:71:
62:6e:27:c6:dd:03:c9:02:64:a6:a3:c0:2f:7e:22:
37:0f:90:f4:9e:d9:72:8a:2e:db:34:e3:71:79:f1:
ce:86:2e:f0:f3:79:da:81:86:1f:2c:10:ee:77:a5:
9d:4e:69:b8:aa:1f:fb:97:15:74:20:ae:b7:61:3c:
a7:5e:a8:17:fd:33:95:6e:4b:2c:be:d5:db:b6:f5:
cb:5c:e5:c6:35:7e:2a:a5:7b:3b:90:14:99:57:aa:
37:54:dc:d2:ef:36:b8:c4:51:5a:96:48:92:33:6b:
95:6c:1c:40:c9:f2:08:f8:d6:34:9d:4e:19:ed:22:
fa:1b:26:3a:71:de:f2:f6:44:cf:54:50:25:78:bd:
1e:2b:cc:ef:4e:14:78:21:3b:e2:cc:af:82:b4:58:
c6:f1:cd:d6:94:8e:9c:d8:df:ef:af:73:aa:fe:aa:
6d:c3:ad:56:0e:08:b6:2e:e2:25:95:e2:4e:ec:4b:
62:e3:60:3a:ed:c6:98:c1:88:e2:72:39:0f:36:bc:
a6:85:a1:87:1c:82:0f:b4:86:d9:d8:08:35:63:d3:
e4:a8:35:67:73:d5:d1:3b:7b:9a:9c:8e:0b:1e:c4:
f8:b1:ce:ce:3f:8a:de:1c:8a:25:85:7f:a7:bc:74:
c7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8C:3F:A5:A8:CE:3B:89:EC:5C:E3:50:8C:86:2B:5F:BD:A0:1F:67
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/PYw_pajOO4nsXONQjIYrX72gH2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.222.208.0/20
88.222.240.0/21
88.223.80.0/20
Signature Algorithm: sha256WithRSAEncryption
16:f2:81:f3:39:2c:e7:c3:d8:0a:8a:ae:2a:71:da:3a:d4:0b:
4e:64:9c:e9:f1:97:01:91:59:c6:5e:44:c0:67:df:2f:df:85:
a8:a2:e9:72:e3:f7:36:ab:49:d4:75:49:cb:f5:c4:03:1e:61:
1a:16:32:3c:74:bf:63:b8:fb:a7:62:72:42:fc:50:01:9b:90:
6f:38:c0:8c:23:fa:4d:47:54:80:d7:f6:70:53:f7:a9:86:8b:
16:e5:83:f6:9e:96:d3:f9:dd:d6:97:31:78:fc:5a:22:35:41:
4f:d1:c7:c4:61:b2:03:bd:a0:97:80:8e:6c:aa:38:2d:a2:ab:
7f:81:6b:0d:b8:1d:d5:fd:44:5b:3d:09:6e:ab:ae:3a:fd:2e:
5b:d6:c7:1a:cd:1b:d8:12:be:a3:0d:b9:79:53:b0:bd:8e:c6:
bc:48:5c:b8:85:ef:5c:6a:d4:0f:46:c2:7a:39:d2:f6:65:dc:
97:04:97:b4:8e:f9:1b:be:7c:18:66:62:5a:56:d5:31:04:d3:
83:d3:a4:4d:26:8c:ce:09:05:bb:7d:6f:96:be:98:5c:66:69:
27:98:aa:e7:71:c6:f2:77:7a:af:c2:d9:ea:65:11:2b:b8:aa:
e4:bb:6d:0d:c3:a0:d0:58:87:f9:b8:49:01:f0:47:5a:90:76:
ee:5d:a3:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZE3CVZ5wnRnFJ9CZq3dXS7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwODA5MTIwNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhjM2ZhNWE4Y2UzYjg5ZWM1Y2UzNTA4Yzg2MmI1ZmJkYTAxZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK5SRFHAnYWu7z32RHFibifG3QPJ
AmSmo8AvfiI3D5D0ntlyii7bNONxefHOhi7w83nagYYfLBDud6WdTmm4qh/7lxV0
IK63YTynXqgX/TOVbkssvtXbtvXLXOXGNX4qpXs7kBSZV6o3VNzS7za4xFFalkiS
M2uVbBxAyfII+NY0nU4Z7SL6GyY6cd7y9kTPVFAleL0eK8zvThR4ITvizK+CtFjG
8c3WlI6c2N/vr3Oq/qptw61WDgi2LuIlleJO7Eti42A67caYwYjicjkPNrymhaGH
HIIPtIbZ2Ag1Y9PkqDVnc9XRO3uanI4LHsT4sc7OP4reHIolhX+nvHTHMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD2MP6WozjuJ7FzjUIyGK1+9oB9nMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvUFl3X3Bhak9PNG5zWE9OUWpJWXJYNzJnSDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWN7QAwQD
WN7wAwQEWN9QMA0GCSqGSIb3DQEBCwUAA4IBAQAW8oHzOSznw9gKiq4qcdo61AtO
ZJzp8ZcBkVnGXkTAZ98v34Woouly4/c2q0nUdUnL9cQDHmEaFjI8dL9juPunYnJC
/FABm5BvOMCMI/pNR1SA1/ZwU/ephosW5YP2npbT+d3WlzF4/FoiNUFP0cfEYbID
vaCXgI5sqjgtoqt/gWsNuB3V/URbPQluq646/S5b1scazRvYEr6jDbl5U7C9jsa8
SFy4he9catQPRsJ6OdL2ZdyXBJe0jvkbvnwYZmJaVtUxBNOD06RNJozOCQW7fW+W
vphcZmknmKrnccbyd3qvwtnqZREruKrku20Nw6DQWIf5uEkB8EdakHbuXaPM
-----END CERTIFICATE-----
Generated at Fri Aug 16 15:18:28 2024 by rpki-client on console-fra.rpki-client.org