Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/rUDyKIZj8J76Kp0E0c2mIRFRnYY.roa
File: rUDyKIZj8J76Kp0E0c2mIRFRnYY.roa (raw, json)
Hash identifier: /xlZBszVQhtIsx1g5H5dVXjzc6Eo4yPdaC+4b3GtLwA=
Subject key identifier: AD:40:F2:28:86:63:F0:9E:FA:2A:9D:04:D1:CD:A6:21:11:51:9D:86
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 01915AE8F692A010559E917067F582217083
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/rUDyKIZj8J76Kp0E0c2mIRFRnYY.roa
Signing time: Fri 16 Aug 2024 11:18:22 +0000
ROA not before: Fri 16 Aug 2024 11:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47583
IP address blocks: 88.222.208.0/20 maxlen: 24
88.222.240.0/21 maxlen: 24
88.223.80.0/20 maxlen: 24
88.223.80.0/21 maxlen: 21
88.223.88.0/22 maxlen: 22
88.223.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 20 Aug 2024 05:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:e8:f6:92:a0:10:55:9e:91:70:67:f5:82:21:70:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Aug 16 11:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad40f2288663f09efa2a9d04d1cda62111519d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b6:a0:5c:50:bc:94:7d:c7:db:71:f2:7c:8a:
38:0f:fe:87:d6:8d:a1:8e:da:c3:9c:53:0d:4d:13:
bc:fc:bc:d0:80:bb:0e:ad:7c:ae:04:6d:2d:c5:e0:
66:30:4c:83:3c:f1:63:b8:51:8d:3d:d0:a6:50:2d:
6a:83:40:26:2c:87:41:cf:43:aa:32:57:59:b6:f1:
de:c9:ca:b9:a4:7b:07:1b:28:9f:34:18:39:89:6c:
46:99:e0:1a:62:22:2c:f0:40:a2:b1:ff:c0:ad:70:
e8:f0:68:68:61:a9:a6:29:6c:c5:2f:5b:8b:1d:3e:
c0:30:21:5f:46:64:a8:f3:24:92:c1:34:5b:75:23:
03:47:ab:f4:28:ae:46:31:ae:8d:cf:31:fd:e4:77:
4d:45:67:07:a8:94:61:98:b5:a0:52:1a:e1:b3:d7:
e0:6c:af:5c:fb:23:e7:16:58:58:be:17:2a:2e:54:
99:e3:d3:b6:5c:f9:d3:4a:06:b4:76:65:b5:54:d8:
1c:f8:f8:ca:8e:8a:f8:62:dc:70:f5:a3:52:85:f3:
4b:1a:72:f7:18:c6:f4:af:65:db:0f:16:0f:1c:2c:
aa:db:2d:c0:21:d9:83:59:d1:2e:64:79:7d:55:1c:
80:35:d5:6f:6e:0c:75:12:8d:d5:56:61:53:05:43:
a6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:40:F2:28:86:63:F0:9E:FA:2A:9D:04:D1:CD:A6:21:11:51:9D:86
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/rUDyKIZj8J76Kp0E0c2mIRFRnYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.222.208.0/20
88.222.240.0/21
88.223.80.0/20
Signature Algorithm: sha256WithRSAEncryption
62:3a:1d:ec:28:66:97:cc:ac:48:ef:97:72:37:50:7e:f7:18:
e0:72:b3:34:75:9f:f9:7b:4b:b0:cd:9b:1a:82:da:b4:0a:b7:
f3:b8:ad:4a:70:66:6b:44:78:22:2e:b1:a4:d3:20:f2:d7:3c:
34:46:11:36:c2:52:92:ac:51:d3:9c:82:64:a2:1a:fa:75:50:
03:1b:0f:cf:9a:b8:af:b7:b9:ec:30:d3:b5:7f:35:9d:d8:6a:
2c:da:2e:81:b0:70:41:de:dd:a5:5e:33:0c:d5:c5:20:1d:5c:
d5:37:f2:c2:5e:c4:17:41:02:70:c8:31:1a:80:42:91:af:ed:
7e:8f:ff:9c:ff:c4:05:6d:42:2a:50:45:1c:33:f4:72:84:df:
d7:2e:73:28:28:4b:f0:93:c8:bd:66:c2:5b:01:c1:ff:88:9a:
b8:1d:80:61:60:3e:5d:2e:0f:d8:e8:49:20:88:86:8d:55:80:
3e:61:b7:4a:04:58:d3:c6:31:c9:5a:15:83:98:64:83:2e:e1:
b7:e1:bf:df:a6:26:ef:2b:eb:35:5b:06:4d:91:5e:dc:1f:32:
05:dc:01:65:ad:7f:3c:d8:ad:29:13:36:e4:d0:6d:eb:bc:91:
67:1e:29:f1:d2:a4:55:5b:c2:9e:a4:0f:8d:f4:a1:c8:e4:cd:
d2:5b:51:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFa6PaSoBBVnpFwZ/WCIXCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwODE2MTExODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQwZjIyODg2NjNmMDllZmEyYTlkMDRkMWNkYTYyMTExNTE5ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7agXFC8lH3H23HyfIo4D/6H1o2h
jtrDnFMNTRO8/LzQgLsOrXyuBG0txeBmMEyDPPFjuFGNPdCmUC1qg0AmLIdBz0Oq
MldZtvHeycq5pHsHGyifNBg5iWxGmeAaYiIs8ECisf/ArXDo8GhoYammKWzFL1uL
HT7AMCFfRmSo8ySSwTRbdSMDR6v0KK5GMa6NzzH95HdNRWcHqJRhmLWgUhrhs9fg
bK9c+yPnFlhYvhcqLlSZ49O2XPnTSga0dmW1VNgc+PjKjor4Ytxw9aNShfNLGnL3
GMb0r2XbDxYPHCyq2y3AIdmDWdEuZHl9VRyANdVvbgx1Eo3VVmFTBUOm+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK1A8iiGY/Ce+iqdBNHNpiERUZ2GMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvclVEeUtJWmo4Sjc2S3AwRTBjMm1JUkZSbllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWN7QAwQD
WN7wAwQEWN9QMA0GCSqGSIb3DQEBCwUAA4IBAQBiOh3sKGaXzKxI75dyN1B+9xjg
crM0dZ/5e0uwzZsagtq0CrfzuK1KcGZrRHgiLrGk0yDy1zw0RhE2wlKSrFHTnIJk
ohr6dVADGw/Pmrivt7nsMNO1fzWd2Gos2i6BsHBB3t2lXjMM1cUgHVzVN/LCXsQX
QQJwyDEagEKRr+1+j/+c/8QFbUIqUEUcM/RyhN/XLnMoKEvwk8i9ZsJbAcH/iJq4
HYBhYD5dLg/Y6EkgiIaNVYA+YbdKBFjTxjHJWhWDmGSDLuG34b/fpibvK+s1WwZN
kV7cHzIF3AFlrX882K0pEzbk0G3rvJFnHinx0qRVW8KepA+N9KHI5M3SW1Hs
-----END CERTIFICATE-----
Generated at Tue Aug 20 08:01:56 2024 by rpki-client on console-ams.rpki-client.org