Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Z-dr5LoiIKNtqvMHkB8cMemg3SY.roa
File: Z-dr5LoiIKNtqvMHkB8cMemg3SY.roa (raw, json)
Hash identifier: AMq13QW0v6544XAVHcPtWPwOYc16fXA5qMXEuIV2zdo=
Subject key identifier: 67:E7:6B:E4:BA:22:20:A3:6D:AA:F3:07:90:1F:1C:31:E9:A0:DD:26
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0191042D5291EA6FBB2456F2055E3BC971AA
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Z-dr5LoiIKNtqvMHkB8cMemg3SY.roa
Signing time: Tue 30 Jul 2024 15:06:04 +0000
ROA not before: Tue 30 Jul 2024 15:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 88.223.154.0/23 maxlen: 24
88.223.176.0/20 maxlen: 24
88.223.224.0/19 maxlen: 24
213.164.96.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 13:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:04:2d:52:91:ea:6f:bb:24:56:f2:05:5e:3b:c9:71:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jul 30 15:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67e76be4ba2220a36daaf307901f1c31e9a0dd26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:55:26:49:65:1e:55:0d:76:57:5a:25:ad:
40:ab:1e:d3:7e:4e:63:f5:ad:0a:87:84:1a:c2:9d:
c1:4a:80:75:09:14:c7:26:f5:33:ef:d0:9c:70:4f:
bd:43:4c:e9:bd:21:cf:51:a6:ca:05:52:06:35:31:
32:70:72:8d:7c:c2:90:c8:20:1a:32:05:52:f1:27:
fc:7d:b2:0c:a6:73:2c:8e:8c:81:29:35:e4:3d:7e:
0d:e8:74:3f:10:9f:46:a5:17:7d:48:1c:22:1b:b0:
c3:1c:6f:cd:bd:74:3e:96:a1:06:02:06:a4:03:7d:
aa:72:42:b9:d9:72:92:96:ea:72:6e:c9:c7:ba:ad:
6d:32:2b:c4:4b:0c:1e:6c:6f:42:4c:65:48:b6:35:
6c:09:17:4a:96:f2:5c:cc:3d:4f:17:c1:e6:75:44:
79:c7:bf:25:6b:5f:ee:11:f8:e8:83:c1:a4:6c:9a:
ad:c9:4f:f7:62:f1:5c:2d:8c:62:64:8f:28:ac:75:
d5:66:fd:8a:a0:8f:4b:dc:ab:0d:a1:a5:42:c8:3e:
cf:54:e8:32:13:12:70:40:d6:a9:bc:a8:90:67:d4:
59:a9:51:e3:81:1c:5d:03:0a:db:d2:aa:d2:e8:41:
59:98:cb:48:fa:f6:95:b7:70:2e:62:3f:8f:e8:f2:
73:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E7:6B:E4:BA:22:20:A3:6D:AA:F3:07:90:1F:1C:31:E9:A0:DD:26
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Z-dr5LoiIKNtqvMHkB8cMemg3SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.223.154.0/23
88.223.176.0/20
88.223.224.0/19
213.164.96.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:49:90:a5:25:93:d0:aa:d2:fc:04:40:9a:24:89:75:81:39:
f9:73:04:e4:bb:ce:0b:a5:e3:62:55:b9:83:a5:59:2c:72:3b:
4d:77:eb:f5:14:42:87:a8:50:4c:b0:f3:51:ff:60:72:f7:d4:
5d:9e:0b:1b:20:fe:9e:26:76:45:c3:6e:e7:9a:6b:fe:3f:9f:
dc:ef:5b:85:be:cd:74:bf:d3:53:4a:e0:91:98:59:24:ea:09:
72:df:32:37:b8:42:1d:17:a2:3f:64:89:1f:da:ea:57:75:1e:
4f:28:ad:ad:47:6b:73:17:5e:e3:75:9e:95:ab:cd:2c:00:ab:
2f:04:20:15:fe:ad:c9:98:a6:65:56:55:46:5f:b6:00:e2:d6:
02:b3:20:67:98:2d:fc:7b:0a:50:72:a5:dd:34:4c:0c:f0:82:
55:1b:64:3e:ef:d2:6a:d5:b2:2a:3c:bb:b6:3a:a3:c9:90:04:
b8:60:a8:3a:2f:65:f5:37:63:2a:f2:6d:4e:48:a1:03:d2:d2:
2f:0a:5f:33:64:d0:af:84:e6:2a:a9:b6:30:53:cc:2e:cc:d8:
90:4f:0e:1d:29:cd:3f:e4:bc:c5:9a:93:0b:91:4b:0f:3c:d5:
76:1a:29:90:95:0b:0e:11:d4:13:b3:39:1f:3b:9c:9f:59:ec:
11:43:7b:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEELVKR6m+7JFbyBV47yXGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwNzMwMTUwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2U3NmJlNGJhMjIyMGEzNmRhYWYzMDc5MDFmMWMzMWU5YTBkZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZhVJkllHlUNdldaJa1Aqx7Tfk5j
9a0Kh4Qawp3BSoB1CRTHJvUz79CccE+9Q0zpvSHPUabKBVIGNTEycHKNfMKQyCAa
MgVS8Sf8fbIMpnMsjoyBKTXkPX4N6HQ/EJ9GpRd9SBwiG7DDHG/NvXQ+lqEGAgak
A32qckK52XKSlupybsnHuq1tMivESwwebG9CTGVItjVsCRdKlvJczD1PF8HmdUR5
x78la1/uEfjog8GkbJqtyU/3YvFcLYxiZI8orHXVZv2KoI9L3KsNoaVCyD7PVOgy
ExJwQNapvKiQZ9RZqVHjgRxdAwrb0qrS6EFZmMtI+vaVt3AuYj+P6PJzvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGfna+S6IiCjbarzB5AfHDHpoN0mMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvWi1kcjVMb2lJS050cXZNSGtCOGNNZW1nM1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWN+aAwQE
WN+wAwQFWN/gAwQE1aRgMA0GCSqGSIb3DQEBCwUAA4IBAQAvSZClJZPQqtL8BECa
JIl1gTn5cwTku84LpeNiVbmDpVkscjtNd+v1FEKHqFBMsPNR/2By99RdngsbIP6e
JnZFw27nmmv+P5/c71uFvs10v9NTSuCRmFkk6gly3zI3uEIdF6I/ZIkf2upXdR5P
KK2tR2tzF17jdZ6Vq80sAKsvBCAV/q3JmKZlVlVGX7YA4tYCsyBnmC38ewpQcqXd
NEwM8IJVG2Q+79Jq1bIqPLu2OqPJkAS4YKg6L2X1N2Mq8m1OSKED0tIvCl8zZNCv
hOYqqbYwU8wuzNiQTw4dKc0/5LzFmpMLkUsPPNV2GimQlQsOEdQTszkfO5yfWewR
Q3sr
-----END CERTIFICATE-----
Generated at Fri Oct 18 16:04:35 2024 by rpki-client on console-fra.rpki-client.org