Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/kUoO2sP2sygJjF6nsYPtlICain8.roa
File: kUoO2sP2sygJjF6nsYPtlICain8.roa (raw, json)
Hash identifier: J95gNBQt4v4IMysNq7ghH2DVI75ZTp6dC1J7QsbeExg=
Subject key identifier: 91:4A:0E:DA:C3:F6:B3:28:09:8C:5E:A7:B1:83:ED:94:80:9A:8A:7F
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 01923476B951CB20627C91589B2073BA750C
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/kUoO2sP2sygJjF6nsYPtlICain8.roa
Signing time: Fri 27 Sep 2024 17:10:48 +0000
ROA not before: Fri 27 Sep 2024 17:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
193.24.208.0/22 maxlen: 22
194.24.160.0/24 maxlen: 24
2a00:1910::/29 maxlen: 29
2a12:5e41::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 08 Oct 2024 15:39:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:34:76:b9:51:cb:20:62:7c:91:58:9b:20:73:ba:75:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Sep 27 17:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=914a0edac3f6b328098c5ea7b183ed94809a8a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f2:ad:df:c1:41:6b:2c:59:b7:2b:d0:06:e9:
9a:c8:31:c4:49:83:6c:90:f5:23:93:a7:f2:9f:0f:
0d:21:33:2f:5e:ea:92:c5:34:f8:de:98:24:44:4c:
9f:b7:22:19:7f:ed:75:ea:39:d7:ce:46:d3:0c:67:
9e:55:11:79:78:6b:6b:5c:c9:b0:a0:ce:c3:b9:a3:
35:56:4f:89:70:0a:c8:ee:5b:0f:b4:7b:40:7f:7e:
f3:cb:a9:fd:60:11:38:35:23:1d:be:79:f6:ce:a0:
47:ec:7b:b6:bb:5b:9b:c9:19:0f:9a:11:11:67:1a:
08:e8:92:be:98:8e:3e:fa:25:ec:15:1a:43:ac:12:
0e:87:36:24:d6:c9:46:0b:f2:48:bc:99:fc:72:bd:
18:6d:8f:9b:55:42:b3:53:f6:7d:a9:fe:a2:95:3a:
90:84:49:ff:40:9c:3d:1f:ae:df:1c:00:c4:8b:3c:
fe:d7:61:32:86:cc:41:c7:74:86:b2:60:f2:05:5e:
4b:e6:05:df:f0:6d:56:ee:7c:45:5b:85:ed:b2:89:
a1:b2:0d:90:27:08:b4:63:1f:24:62:38:b4:b5:bb:
70:97:fb:06:97:46:99:a1:ee:f2:74:b0:4d:40:44:
e0:75:9c:61:86:0d:bf:67:f4:dd:45:2d:4a:86:44:
49:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4A:0E:DA:C3:F6:B3:28:09:8C:5E:A7:B1:83:ED:94:80:9A:8A:7F
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/kUoO2sP2sygJjF6nsYPtlICain8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1910::/29
2a12:5e41::/32
Signature Algorithm: sha256WithRSAEncryption
af:3f:c0:99:d5:36:56:c9:8b:9f:9d:e2:93:4a:fb:ee:9a:cc:
99:ec:cd:bd:e0:73:28:43:80:ee:3f:b1:b5:30:7a:f2:72:79:
18:2f:dc:f3:cd:0d:98:41:14:5c:71:0c:4f:b8:aa:97:0c:0d:
6e:ed:89:ae:87:a2:72:33:ec:89:c2:48:20:4f:17:f6:44:2c:
a0:b1:c7:d5:3b:80:8e:9b:48:4a:e4:67:4e:c3:0d:19:d6:cd:
3c:c2:b1:79:36:66:94:f2:24:ad:03:f5:d2:2b:20:c5:ed:a6:
b6:c8:ca:80:84:e5:5b:9c:c4:4f:95:02:31:c3:d9:8b:e3:90:
76:d2:27:50:c3:3d:db:d6:44:c4:64:d5:3c:14:8a:47:7f:0a:
e4:f3:9d:52:8f:d4:1a:09:7f:53:c8:32:39:ca:d5:74:d7:28:
a1:55:d0:2c:9b:84:5e:fd:12:16:10:6a:b1:56:a9:f4:14:7d:
1e:d8:2c:4d:05:46:9c:6f:3b:97:0f:80:88:55:a9:6d:bb:46:
f7:7b:23:33:6b:b7:3a:e6:73:20:4b:fb:eb:e4:9a:6b:ed:99:
67:6f:42:70:16:69:4d:84:1b:43:30:65:06:9d:83:63:e8:38:
09:3c:87:3a:b5:07:3d:19:12:af:cc:47:67:d9:ca:c5:0f:fa:
f2:0a:bb:fa
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZI0drlRyyBifJFYmyBzunUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjQwOTI3MTcxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRhMGVkYWMzZjZiMzI4MDk4YzVlYTdiMTgzZWQ5NDgwOWE4YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifKt38FBayxZtyvQBumayDHESYNs
kPUjk6fynw8NITMvXuqSxTT43pgkREyftyIZf+116jnXzkbTDGeeVRF5eGtrXMmw
oM7DuaM1Vk+JcArI7lsPtHtAf37zy6n9YBE4NSMdvnn2zqBH7Hu2u1ubyRkPmhER
ZxoI6JK+mI4++iXsFRpDrBIOhzYk1slGC/JIvJn8cr0YbY+bVUKzU/Z9qf6ilTqQ
hEn/QJw9H67fHADEizz+12EyhsxBx3SGsmDyBV5L5gXf8G1W7nxFW4Xtsomhsg2Q
Jwi0Yx8kYji0tbtwl/sGl0aZoe7ydLBNQETgdZxhhg2/Z/TdRS1KhkRJQwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJFKDtrD9rMoCYxep7GD7ZSAmop/MB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEva1VvTzJzUDJzeWdKakY2bnNZUHRsSUNhaW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAWNYZAwQA
W+RlAwQCwRjQAwQAwhigMBQEAgACMA4DBQMqABkQAwUAKhJeQTANBgkqhkiG9w0B
AQsFAAOCAQEArz/AmdU2VsmLn53ik0r77prMmezNveBzKEOA7j+xtTB68nJ5GC/c
880NmEEUXHEMT7iqlwwNbu2JroeicjPsicJIIE8X9kQsoLHH1TuAjptISuRnTsMN
GdbNPMKxeTZmlPIkrQP10isgxe2mtsjKgITlW5zET5UCMcPZi+OQdtInUMM929ZE
xGTVPBSKR38K5POdUo/UGgl/U8gyOcrVdNcooVXQLJuEXv0SFhBqsVap9BR9Htgs
TQVGnG87lw+AiFWpbbtG93sjM2u3OuZzIEv76+Saa+2ZZ29CcBZpTYQbQzBlBp2D
Y+g4CTyHOrUHPRkSr8xHZ9nKxQ/68gq7+g==
-----END CERTIFICATE-----
Generated at Tue Oct 8 20:56:10 2024 by rpki-client on console-fra.rpki-client.org