Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/xo2cvprkXAnurvuxpiOdr8s0sZw.roa
File: xo2cvprkXAnurvuxpiOdr8s0sZw.roa (raw, json)
Hash identifier: Nuy02+L762u3O6ET7U6yRKXKyt+nzdXL5C96Vg1GkHk=
Subject key identifier: C6:8D:9C:BE:9A:E4:5C:09:EE:AE:FB:B1:A6:23:9D:AF:CB:34:B1:9C
Certificate issuer: /CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Certificate serial: 01856EB8E85EA30B61ED6F50B8D1DCECB5C6
Authority key identifier: 74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/xo2cvprkXAnurvuxpiOdr8s0sZw.roa
Signing time: Sun 01 Jan 2023 19:04:49 +0000
ROA not before: Sun 01 Jan 2023 19:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 88.212.158.0/24 maxlen: 24
88.212.156.0/24 maxlen: 24
88.212.159.0/24 maxlen: 24
185.8.135.0/24 maxlen: 24
185.8.134.0/24 maxlen: 24
185.8.133.0/24 maxlen: 24
83.151.192.0/24 maxlen: 24
83.151.193.0/24 maxlen: 24
83.151.195.0/24 maxlen: 24
83.151.194.0/24 maxlen: 24
88.202.210.0/24 maxlen: 24
88.202.208.0/24 maxlen: 24
88.202.208.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 04 Jan 2023 12:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:e8:5e:a3:0b:61:ed:6f:50:b8:d1:dc:ec:b5:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Validity
Not Before: Jan 1 19:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c68d9cbe9ae45c09eeaefbb1a6239dafcb34b19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:38:a9:37:92:5f:b6:68:79:98:a9:8e:97:f2:
40:16:35:f5:66:77:1f:14:3e:03:0d:8f:6c:8d:7e:
15:14:5b:30:02:61:ff:9c:98:7d:ca:1d:a3:9b:a4:
b7:7f:4b:c0:cc:83:8d:32:c1:c4:fa:eb:96:8c:cc:
2c:d7:ad:bd:65:00:04:c6:51:0a:bd:8e:38:86:55:
79:db:1e:26:c8:46:64:21:ef:54:2f:da:15:00:e6:
84:06:08:ab:31:b0:81:3c:e7:51:e2:5f:4b:d8:8f:
54:1a:53:75:b0:fd:fd:a3:12:68:91:e9:87:18:c5:
9e:ac:b0:41:54:4a:bf:8c:35:85:93:31:08:02:02:
fc:8c:de:72:20:94:06:ea:b8:93:82:49:ce:6b:37:
ca:66:73:b8:5e:c3:d7:cc:15:a2:0f:45:3a:6e:ae:
c8:9d:9c:7f:89:68:61:20:6c:b6:f8:dd:b4:ad:5b:
44:ec:3f:84:d4:6f:fb:2b:b8:49:f7:40:6b:7e:98:
b2:55:3c:17:72:20:9f:24:5c:9a:fd:85:dd:95:37:
cf:83:ae:d5:dd:43:58:60:0d:52:bb:40:cc:38:44:
25:14:18:8b:bb:a1:93:53:41:d9:97:80:6b:ca:47:
73:a4:2a:cf:ad:7a:4e:b5:a6:da:0b:63:6a:fc:d9:
22:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8D:9C:BE:9A:E4:5C:09:EE:AE:FB:B1:A6:23:9D:AF:CB:34:B1:9C
X509v3 Authority Key Identifier:
keyid:74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/xo2cvprkXAnurvuxpiOdr8s0sZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/dEXd7t-9ctMT6e6MzuroQDzDQUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.151.192.0/22
88.202.208.0-88.202.210.255
88.212.156.0/24
88.212.158.0/23
185.8.133.0-185.8.135.255
Signature Algorithm: sha256WithRSAEncryption
7a:ce:65:87:cb:ac:d0:8d:1c:00:95:f4:91:66:eb:a3:f9:ec:
74:0d:9b:3a:83:14:83:70:a8:78:d8:d5:29:6a:3b:11:cd:2b:
03:df:2b:8e:05:d7:29:01:89:86:c8:9a:c2:87:40:76:8e:84:
c1:02:31:b8:00:51:1d:c5:31:fb:7e:6a:be:e1:30:24:04:2d:
d0:93:45:44:a9:4f:86:79:89:99:a5:d8:1b:1e:4c:d9:9b:67:
56:f1:00:cc:f2:33:29:97:80:7a:83:07:6e:e0:75:56:25:10:
55:0c:a9:15:df:09:c6:2b:47:f5:48:af:3a:19:96:0e:0b:c9:
75:73:e9:33:34:3f:05:fa:77:2e:88:04:8f:9c:6b:df:7e:14:
54:79:9a:43:7f:36:e9:e9:6e:7d:be:c1:30:65:bf:f2:90:bf:
f2:da:04:57:18:05:1b:75:82:16:81:85:ae:fd:05:0c:42:b1:
7d:81:76:1b:89:df:1d:3c:fe:55:2a:bf:0f:99:c2:be:52:58:
87:c6:fd:5b:18:cc:a8:7f:af:ed:62:36:14:9d:a4:b9:6d:5a:
e9:df:a5:87:74:c8:d7:e4:19:20:00:0c:9e:82:ae:b0:cc:c3:
8c:77:f7:d9:3e:a4:48:b7:fd:9f:1f:c7:8b:4b:8a:37:67:0c:
c7:1b:1a:81
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVuuOheowth7W9QuNHc7LXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDVkZGVlZGZiZDcyZDMxM2U5ZWU4Y2NlZWFlODQwM2Nj
MzQxNDYwHhcNMjMwMTAxMTkwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjhkOWNiZTlhZTQ1YzA5ZWVhZWZiYjFhNjIzOWRhZmNiMzRiMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzipN5Jftmh5mKmOl/JAFjX1Zncf
FD4DDY9sjX4VFFswAmH/nJh9yh2jm6S3f0vAzIONMsHE+uuWjMws1629ZQAExlEK
vY44hlV52x4myEZkIe9UL9oVAOaEBgirMbCBPOdR4l9L2I9UGlN1sP39oxJokemH
GMWerLBBVEq/jDWFkzEIAgL8jN5yIJQG6riTgknOazfKZnO4XsPXzBWiD0U6bq7I
nZx/iWhhIGy2+N20rVtE7D+E1G/7K7hJ90BrfpiyVTwXciCfJFya/YXdlTfPg67V
3UNYYA1Su0DMOEQlFBiLu6GTU0HZl4BrykdzpCrPrXpOtabaC2Nq/NkixQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMaNnL6a5FwJ7q77saYjna/LNLGcMB8GA1UdIwQY
MBaAFHRF3e7fvXLTE+nujM7q6EA8w0FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMt
NmNhMzQwZmE3NDkzLzEveG8yY3ZwcmtYQW51cnZ1eHBpT2RyOHMwc1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMtNmNhMzQwZmE3NDkz
LzEvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCU5fAMAwD
BARYytADBABYytIDBABY1JwDBAFY1J4wDAMEALkIhQMEA7kIgDANBgkqhkiG9w0B
AQsFAAOCAQEAes5lh8us0I0cAJX0kWbro/nsdA2bOoMUg3CoeNjVKWo7Ec0rA98r
jgXXKQGJhsiawodAdo6EwQIxuABRHcUx+35qvuEwJAQt0JNFRKlPhnmJmaXYGx5M
2ZtnVvEAzPIzKZeAeoMHbuB1ViUQVQypFd8JxitH9UivOhmWDgvJdXPpMzQ/Bfp3
LogEj5xr334UVHmaQ3826elufb7BMGW/8pC/8toEVxgFG3WCFoGFrv0FDEKxfYF2
G4nfHTz+VSq/D5nCvlJYh8b9WxjMqH+v7WI2FJ2kuW1a6d+lh3TI1+QZIAAMnoKu
sMzDjHf32T6kSLf9nx/Hi0uKN2cMxxsagQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:41 2024 by rpki-client on console-ams.rpki-client.org