Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/CiCdiY99u9wM-m9zzgtvys6qWvw.roa
File: CiCdiY99u9wM-m9zzgtvys6qWvw.roa (raw, json)
Hash identifier: YFGvFz6sF+p2m2GrgmKIb/jNikOY80II0QpID6EvjSo=
Subject key identifier: 0A:20:9D:89:8F:7D:BB:DC:0C:FA:6F:73:CE:0B:6F:CA:CE:AA:5A:FC
Certificate issuer: /CN=1319f052bc9e7284888074390c9d0bc127606692
Certificate serial: 018D3CC79EBFB8402755BCF6A6DB65E2DE46
Authority key identifier: 13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/CiCdiY99u9wM-m9zzgtvys6qWvw.roa
Signing time: Wed 24 Jan 2024 18:42:11 +0000
ROA not before: Wed 24 Jan 2024 18:42:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1897
IP address blocks: 88.157.0.0/16 maxlen: 16
88.157.0.0/17 maxlen: 17
88.157.128.0/17 maxlen: 17
193.126.0.0/16 maxlen: 16
194.79.64.0/19 maxlen: 19
195.23.0.0/16 maxlen: 16
212.0.160.0/19 maxlen: 19
212.0.160.0/21 maxlen: 21
213.205.64.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 24 Jan 2024 20:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:c7:9e:bf:b8:40:27:55:bc:f6:a6:db:65:e2:de:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1319f052bc9e7284888074390c9d0bc127606692
Validity
Not Before: Jan 24 18:42:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a209d898f7dbbdc0cfa6f73ce0b6fcaceaa5afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:46:5e:75:74:ab:ce:6e:c5:9d:63:87:57:65:
1c:f3:e1:a7:d2:fd:09:ee:24:d2:9e:14:58:50:9c:
b1:b8:d3:5a:51:7f:b1:a3:90:b4:9f:f9:bb:4f:d2:
76:ca:48:0c:64:ca:04:e6:0a:b3:fc:4d:8f:19:66:
65:4f:e2:65:06:a5:77:5c:07:e4:89:d8:39:33:14:
bc:67:8f:c6:cb:14:cc:fd:2c:c9:69:e4:d7:8a:9b:
5d:1d:3f:77:be:72:a1:11:a4:8b:23:bb:9c:a2:cd:
bf:38:e9:40:d7:ba:c8:77:51:65:b4:8c:7f:76:59:
29:92:be:46:69:b3:a5:6e:11:2c:88:fe:06:70:4e:
81:c5:71:64:9e:6c:6c:15:37:fa:02:43:a7:fe:29:
fd:48:26:17:95:ad:ca:72:8d:0f:a0:4a:4a:c3:9f:
0c:a1:17:00:d2:de:4e:8d:0c:89:d0:08:f3:7b:b3:
da:16:8b:5a:c2:b9:f1:cc:2c:5b:5f:f0:f9:2d:3c:
3f:e8:de:c4:3c:6d:d1:3b:98:85:59:6d:d6:87:cc:
3b:92:15:7c:e4:b2:49:41:b4:61:db:0d:22:ad:7e:
b5:dd:cb:59:e6:82:6b:aa:0e:a0:d3:c6:93:08:97:
7e:5c:4d:8d:ec:b4:46:ff:6e:98:46:ba:03:99:ed:
e4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:20:9D:89:8F:7D:BB:DC:0C:FA:6F:73:CE:0B:6F:CA:CE:AA:5A:FC
X509v3 Authority Key Identifier:
keyid:13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/CiCdiY99u9wM-m9zzgtvys6qWvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/ExnwUryecoSIgHQ5DJ0LwSdgZpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.157.0.0/16
193.126.0.0/16
194.79.64.0/19
195.23.0.0/16
212.0.160.0/19
213.205.64.0/19
Signature Algorithm: sha256WithRSAEncryption
52:0d:2f:38:c2:4d:6f:c8:bf:a9:91:eb:78:27:12:bf:3c:23:
74:48:eb:6f:8a:80:54:56:65:dc:cb:91:52:b0:8b:21:2c:32:
1f:3f:25:32:1e:b3:af:36:8f:14:35:80:03:11:66:11:68:07:
ab:b7:91:34:45:80:1b:04:61:a9:be:30:cf:2d:3c:28:36:ea:
07:ee:46:b8:5d:4d:14:1e:fd:a2:73:ae:2d:ab:4b:2c:f5:ec:
da:f0:ad:b6:8a:56:d4:36:7a:0a:3e:8e:3b:a1:14:87:4f:1b:
b4:e7:c0:02:30:d4:d9:f2:2a:7b:b3:ae:12:76:ee:69:02:68:
af:02:bb:fc:13:f5:79:be:2d:d5:b1:4d:70:8c:12:ce:3e:5b:
32:11:6f:06:68:1d:52:9c:f3:c9:12:ac:6e:52:46:c6:22:ed:
3b:9f:98:5b:cf:b1:48:15:ad:26:06:97:c6:eb:59:f0:a3:e1:
48:b3:99:56:cd:8c:63:ba:a6:37:29:ba:89:ba:5f:7d:04:73:
8b:fa:29:ed:f5:8d:ab:ad:65:f3:bf:82:0e:21:d6:ba:4e:32:
c7:f8:4f:98:12:98:0a:4a:d6:1b:0b:f7:b8:b2:3b:99:07:4b:
41:0e:77:ef:32:56:83:61:33:b6:79:68:77:56:6b:6e:ae:24:
a7:c2:9f:40
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY08x56/uEAnVbz2pttl4t5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTlmMDUyYmM5ZTcyODQ4ODgwNzQzOTBjOWQwYmMxMjc2
MDY2OTIwHhcNMjQwMTI0MTg0MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTIwOWQ4OThmN2RiYmRjMGNmYTZmNzNjZTBiNmZjYWNlYWE1YWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEZedXSrzm7FnWOHV2Uc8+Gn0v0J
7iTSnhRYUJyxuNNaUX+xo5C0n/m7T9J2ykgMZMoE5gqz/E2PGWZlT+JlBqV3XAfk
idg5MxS8Z4/GyxTM/SzJaeTXiptdHT93vnKhEaSLI7ucos2/OOlA17rId1FltIx/
dlkpkr5GabOlbhEsiP4GcE6BxXFknmxsFTf6AkOn/in9SCYXla3Kco0PoEpKw58M
oRcA0t5OjQyJ0Ajze7PaFotawrnxzCxbX/D5LTw/6N7EPG3RO5iFWW3Wh8w7khV8
5LJJQbRh2w0irX613ctZ5oJrqg6g08aTCJd+XE2N7LRG/26YRroDme3koQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAognYmPfbvcDPpvc84Lb8rOqlr8MB8GA1UdIwQY
MBaAFBMZ8FK8nnKEiIB0OQydC8EnYGaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUt
MmMxYTc3MzBiZDI1LzEvQ2lDZGlZOTl1OXdNLW05enpndHZ5czZxV3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUtMmMxYTc3MzBiZDI1
LzEvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhAwMAWJ0DAwDB
fgMEBcJPQAMDAMMXAwQF1ACgAwQF1c1AMA0GCSqGSIb3DQEBCwUAA4IBAQBSDS84
wk1vyL+pket4JxK/PCN0SOtvioBUVmXcy5FSsIshLDIfPyUyHrOvNo8UNYADEWYR
aAert5E0RYAbBGGpvjDPLTwoNuoH7ka4XU0UHv2ic64tq0ss9eza8K22ilbUNnoK
Po47oRSHTxu058ACMNTZ8ip7s64Sdu5pAmivArv8E/V5vi3VsU1wjBLOPlsyEW8G
aB1SnPPJEqxuUkbGIu07n5hbz7FIFa0mBpfG61nwo+FIs5lWzYxjuqY3KbqJul99
BHOL+int9Y2rrWXzv4IOIda6TjLH+E+YEpgKStYbC/e4sjuZB0tBDnfvMlaDYTO2
eWh3VmturiSnwp9A
-----END CERTIFICATE-----
Generated at Thu Jan 25 00:38:54 2024 by rpki-client on console-fra.rpki-client.org