Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Px3dbddYAyOgdji1y38Ze7t34vk.roa
File: Px3dbddYAyOgdji1y38Ze7t34vk.roa (raw, json)
Hash identifier: /GbZySlMveuk7BtbV7g491RdrMnmAb7ZmgUsLw2SVDo=
Subject key identifier: 3F:1D:DD:6D:D7:58:03:23:A0:76:38:B5:CB:7F:19:7B:BB:77:E2:F9
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 01916E4A34FF748BE0C29E98B6F55750FB2C
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Px3dbddYAyOgdji1y38Ze7t34vk.roa
Signing time: Tue 20 Aug 2024 05:37:22 +0000
ROA not before: Tue 20 Aug 2024 05:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47583
IP address blocks: 88.222.208.0/20 maxlen: 24
88.222.240.0/21 maxlen: 24
88.223.80.0/20 maxlen: 24
88.223.80.0/21 maxlen: 24
88.223.88.0/22 maxlen: 24
88.223.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 10:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6e:4a:34:ff:74:8b:e0:c2:9e:98:b6:f5:57:50:fb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Aug 20 05:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f1ddd6dd7580323a07638b5cb7f197bbb77e2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:aa:f1:de:9b:d4:cc:ec:ed:1c:88:4a:59:0a:
a8:84:ba:39:6b:2d:6a:b4:b2:03:3e:09:f5:7b:85:
ec:0f:f0:17:c1:1d:88:82:2d:32:dd:3b:fb:fb:91:
89:24:ea:aa:e9:a8:2f:8c:54:d4:fc:d6:0b:f5:bc:
69:6c:b1:b8:4a:8a:f4:18:6d:41:63:3e:a5:90:ec:
38:76:69:80:0a:b5:01:c3:41:80:ff:3d:7f:eb:14:
64:a1:f0:19:45:54:e3:d2:51:41:05:63:cb:fa:ec:
a2:94:1b:e9:81:77:85:1f:ef:c0:dc:24:d1:65:f5:
c1:c4:b7:1e:db:02:49:0f:08:57:15:38:34:67:b5:
57:3e:7f:36:58:f4:42:78:40:10:cb:a0:9a:ff:7d:
0d:6a:ea:47:92:7e:4e:1d:3e:6a:60:2b:0b:ae:34:
9d:6b:91:19:5d:f3:26:49:d8:cd:b5:ff:c6:a1:2d:
bc:f5:54:4a:94:00:f5:46:9b:31:0b:29:81:6b:8b:
98:ad:03:ff:2a:86:ba:2f:88:1e:99:d1:37:93:e5:
a3:80:a9:a9:a0:7e:60:f8:4d:9e:37:d3:a9:ff:92:
48:5f:f1:15:f4:a5:21:d6:2d:27:8f:2d:df:a1:72:
d1:ab:dc:dd:72:5b:fd:25:0d:40:cd:a7:27:32:31:
3a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1D:DD:6D:D7:58:03:23:A0:76:38:B5:CB:7F:19:7B:BB:77:E2:F9
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Px3dbddYAyOgdji1y38Ze7t34vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.222.208.0/20
88.222.240.0/21
88.223.80.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:20:a7:db:2d:d3:d5:bc:17:34:9d:a4:07:58:19:60:41:b1:
ca:eb:eb:8f:7d:1b:e2:70:88:f1:a3:81:0e:89:2b:25:e7:4d:
37:5c:d1:37:18:0b:d7:95:0d:b6:52:bd:6b:d8:c6:68:f5:14:
f7:10:c0:b2:a9:29:bf:a6:a0:21:66:04:11:9f:91:e5:1d:68:
f6:c7:f2:25:72:df:c2:18:a1:9a:53:e2:53:9a:ad:e6:19:db:
e9:1e:f5:6e:9a:96:19:8a:93:c4:83:c7:af:74:04:a0:28:5d:
93:20:84:9d:91:36:5d:21:0d:1b:3e:0c:ac:9f:f7:d5:b9:73:
50:d5:17:4c:e0:e4:40:f9:89:fa:97:f0:e9:60:d7:0c:e2:03:
ea:66:06:9d:7e:42:8b:2a:a5:cc:6c:98:7d:b9:e9:ad:cd:44:
15:ae:18:34:44:8f:b8:01:42:69:bc:a6:e5:90:e5:6a:df:aa:
96:f8:ca:d9:0b:eb:38:1a:2f:a7:a3:cc:74:70:d0:7e:04:0d:
3b:34:6e:98:48:12:0b:ff:70:fc:7b:e4:4a:17:1c:ed:86:a5:
ce:c0:c2:8c:3c:5c:2a:b6:d8:51:2f:23:80:9f:d2:45:a3:92:
b7:1e:84:cf:2e:48:bd:fe:3e:6f:34:82:a6:f6:c9:01:2a:40:
50:45:ad:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFuSjT/dIvgwp6YtvVXUPssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwODIwMDUzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjFkZGQ2ZGQ3NTgwMzIzYTA3NjM4YjVjYjdmMTk3YmJiNzdlMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6rx3pvUzOztHIhKWQqohLo5ay1q
tLIDPgn1e4XsD/AXwR2Igi0y3Tv7+5GJJOqq6agvjFTU/NYL9bxpbLG4Sor0GG1B
Yz6lkOw4dmmACrUBw0GA/z1/6xRkofAZRVTj0lFBBWPL+uyilBvpgXeFH+/A3CTR
ZfXBxLce2wJJDwhXFTg0Z7VXPn82WPRCeEAQy6Ca/30NaupHkn5OHT5qYCsLrjSd
a5EZXfMmSdjNtf/GoS289VRKlAD1RpsxCymBa4uYrQP/Koa6L4gemdE3k+WjgKmp
oH5g+E2eN9Op/5JIX/EV9KUh1i0njy3foXLRq9zdclv9JQ1AzacnMjE6MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD8d3W3XWAMjoHY4tct/GXu7d+L5MB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvUHgzZGJkZFlBeU9nZGppMXkzOFplN3QzNHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWN7QAwQD
WN7wAwQEWN9QMA0GCSqGSIb3DQEBCwUAA4IBAQCPIKfbLdPVvBc0naQHWBlgQbHK
6+uPfRvicIjxo4EOiSsl5003XNE3GAvXlQ22Ur1r2MZo9RT3EMCyqSm/pqAhZgQR
n5HlHWj2x/Ilct/CGKGaU+JTmq3mGdvpHvVumpYZipPEg8evdASgKF2TIISdkTZd
IQ0bPgysn/fVuXNQ1RdM4ORA+Yn6l/DpYNcM4gPqZgadfkKLKqXMbJh9uemtzUQV
rhg0RI+4AUJpvKblkOVq36qW+MrZC+s4Gi+no8x0cNB+BA07NG6YSBIL/3D8e+RK
FxzthqXOwMKMPFwqtthRLyOAn9JFo5K3HoTPLki9/j5vNIKm9skBKkBQRa3+
-----END CERTIFICATE-----
Generated at Tue Aug 27 13:37:28 2024 by rpki-client on console-fra.rpki-client.org