Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/VDtS6pP0tTaCC-yY2T3nPMWThqI.roa
File: VDtS6pP0tTaCC-yY2T3nPMWThqI.roa (raw, json)
Hash identifier: Sw4y5XxLz6Ip07/0tn2waJDSY5ROVKwgN9Nki5Zf93I=
Subject key identifier: 54:3B:52:EA:93:F4:B5:36:82:0B:EC:98:D9:3D:E7:3C:C5:93:86:A2
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018726DE51729481174F2C6A10B9B60646B3
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/VDtS6pP0tTaCC-yY2T3nPMWThqI.roa
Signing time: Tue 28 Mar 2023 06:18:36 +0000
ROA not before: Tue 28 Mar 2023 06:18:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197897
IP address blocks: 88.203.249.0/24 maxlen: 24
88.203.250.0/24 maxlen: 24
88.203.248.0/24 maxlen: 24
88.203.251.0/24 maxlen: 24
88.203.248.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:26:de:51:72:94:81:17:4f:2c:6a:10:b9:b6:06:46:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Mar 28 06:18:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=543b52ea93f4b536820bec98d93de73cc59386a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:01:56:ac:8b:a2:d7:e8:3f:d1:07:f3:f6:13:
c4:d5:53:22:b9:ca:ac:5f:41:e1:04:3c:c0:58:dd:
bd:82:f4:e3:d5:3f:90:68:b0:99:d7:20:34:1f:3b:
46:12:36:f2:2b:b0:98:4e:99:14:32:cd:83:e0:f0:
64:10:d2:38:09:1c:f5:ac:f9:32:f6:17:51:ae:89:
26:92:0f:e1:37:8b:77:39:ea:89:dc:fb:98:5b:93:
70:51:5c:f9:f7:06:c4:49:5b:67:cb:02:2f:9c:f8:
5a:1d:8b:89:08:ed:77:0f:ab:04:2c:b1:10:3a:ff:
28:8e:46:4f:2d:e1:d5:88:b1:86:e3:aa:ac:3b:e9:
df:6c:ff:c6:19:97:18:d5:88:84:9a:4b:7b:23:19:
9f:78:e1:c2:d4:69:9c:5a:ea:fb:dc:2a:86:07:aa:
9b:23:15:99:f3:ea:cd:4c:6e:08:fc:aa:14:85:ba:
62:82:7c:6a:0e:b1:ed:db:bc:cd:26:c6:c8:18:b4:
d3:e6:6b:74:2c:30:71:c3:21:a3:a0:4d:5b:27:dc:
35:70:94:c0:f0:13:d2:d1:6d:fe:ff:a2:f5:29:b3:
3f:5f:a4:7c:2b:3b:7c:ce:ad:4c:14:b6:c0:8a:84:
62:05:7c:85:67:b0:d4:ca:6b:b7:f0:21:bd:6e:57:
47:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3B:52:EA:93:F4:B5:36:82:0B:EC:98:D9:3D:E7:3C:C5:93:86:A2
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/VDtS6pP0tTaCC-yY2T3nPMWThqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.203.248.0/22
Signature Algorithm: sha256WithRSAEncryption
36:78:dd:b3:1e:4d:e6:ab:03:80:06:f6:d1:0c:de:1e:77:3c:
51:8b:1f:13:20:a8:1a:42:01:e1:43:7f:fd:78:d8:f4:27:15:
9b:c7:8f:bf:d6:e9:73:ca:35:8a:90:0c:9c:9c:bd:6a:b6:36:
8c:e1:ab:6e:3a:5f:9a:49:ff:ac:dc:95:3d:eb:00:6d:ad:d1:
d3:f9:ca:ff:67:05:0e:c6:7f:3e:a2:37:b0:0d:ae:2c:37:8e:
5a:79:76:86:86:a8:67:f3:9e:2a:19:58:41:c1:d2:b3:90:18:
24:57:09:36:5f:73:12:0d:ac:50:e2:cf:87:d6:a6:7b:bb:e4:
6a:0b:6c:14:17:56:52:6c:3a:a9:de:95:36:0f:3e:d0:68:4a:
a6:b9:f0:88:c6:d9:8f:aa:36:b5:48:46:65:f8:3a:de:d1:4c:
53:0e:5f:e1:20:cd:53:f7:a1:0f:d9:c7:8b:36:66:3b:60:47:
a1:6a:6d:e1:09:32:57:e0:1c:8a:80:ff:01:fa:e6:24:9b:87:
89:1e:4c:4d:db:37:ba:32:21:a4:3f:a4:02:61:f3:96:91:a2:
e2:ee:16:95:42:70:7d:f4:d8:60:37:65:a4:49:db:86:05:5d:
17:08:b9:8d:65:e4:e5:b9:76:3f:97:58:f8:65:eb:06:4d:19:
6d:27:02:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcm3lFylIEXTyxqELm2BkazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMzI4MDYxODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNiNTJlYTkzZjRiNTM2ODIwYmVjOThkOTNkZTczY2M1OTM4NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwFWrIui1+g/0Qfz9hPE1VMiucqs
X0HhBDzAWN29gvTj1T+QaLCZ1yA0HztGEjbyK7CYTpkUMs2D4PBkENI4CRz1rPky
9hdRrokmkg/hN4t3OeqJ3PuYW5NwUVz59wbESVtnywIvnPhaHYuJCO13D6sELLEQ
Ov8ojkZPLeHViLGG46qsO+nfbP/GGZcY1YiEmkt7IxmfeOHC1GmcWur73CqGB6qb
IxWZ8+rNTG4I/KoUhbpignxqDrHt27zNJsbIGLTT5mt0LDBxwyGjoE1bJ9w1cJTA
8BPS0W3+/6L1KbM/X6R8Kzt8zq1MFLbAioRiBXyFZ7DUymu38CG9bldHOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQ7UuqT9LU2ggvsmNk95zzFk4aiMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvVkR0UzZwUDB0VGFDQy15WTJUM25QTVdUaHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWMv4MA0G
CSqGSIb3DQEBCwUAA4IBAQA2eN2zHk3mqwOABvbRDN4edzxRix8TIKgaQgHhQ3/9
eNj0JxWbx4+/1ulzyjWKkAycnL1qtjaM4atuOl+aSf+s3JU96wBtrdHT+cr/ZwUO
xn8+ojewDa4sN45aeXaGhqhn854qGVhBwdKzkBgkVwk2X3MSDaxQ4s+H1qZ7u+Rq
C2wUF1ZSbDqp3pU2Dz7QaEqmufCIxtmPqja1SEZl+Dre0UxTDl/hIM1T96EP2ceL
NmY7YEeham3hCTJX4ByKgP8B+uYkm4eJHkxN2ze6MiGkP6QCYfOWkaLi7haVQnB9
9NhgN2WkSduGBV0XCLmNZeTluXY/l1j4ZesGTRltJwJR
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:44 2024 by rpki-client on console-ams.rpki-client.org