Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/gMDtMN1dqz1ECehuxWfPb38k0tc.roa
File: gMDtMN1dqz1ECehuxWfPb38k0tc.roa (raw, json)
Hash identifier: nc0iZmh9xjh2HT+A076jK8+05XOxPHqlfoYdQTHlxPU=
Subject key identifier: 80:C0:ED:30:DD:5D:AB:3D:44:09:E8:6E:C5:67:CF:6F:7F:24:D2:D7
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F10346075A5B08BA772B1B0D5241A2
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/gMDtMN1dqz1ECehuxWfPb38k0tc.roa
Signing time: Mon 02 Jan 2023 10:04:58 +0000
ROA not before: Mon 02 Jan 2023 10:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203068
IP address blocks: 88.148.88.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:03:46:07:5a:5b:08:ba:77:2b:1b:0d:52:41:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80c0ed30dd5dab3d4409e86ec567cf6f7f24d2d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:36:c4:c0:a0:53:e5:88:24:a5:12:37:8a:1e:
06:2b:0e:ab:a3:6e:9e:04:88:42:b7:13:c7:16:79:
bf:1f:a0:90:fe:df:87:be:ae:4c:66:b3:d4:63:98:
73:b9:43:77:0c:c8:4f:45:a0:ee:bc:1f:86:15:fe:
c4:93:0e:85:ff:08:22:09:fa:b6:b6:bf:a5:66:c6:
aa:eb:ec:00:65:22:46:1a:86:02:0a:27:2d:41:e4:
fb:2f:4b:0d:03:c1:06:54:ee:06:21:4f:73:10:30:
df:39:b8:45:38:e6:a7:ec:cd:f0:80:75:24:eb:17:
9d:69:d5:7a:2a:ca:3e:db:0a:8f:44:01:93:4e:55:
48:a5:c0:92:d2:1a:9c:74:d4:7c:e1:c0:45:26:cf:
37:8a:1d:46:7b:cd:74:ac:78:12:25:fb:b0:5a:6a:
61:3c:50:85:96:c0:87:62:f1:9e:0a:d4:d6:b2:2b:
71:c1:e9:9e:e3:df:d1:9e:d3:5d:60:ca:c4:6b:22:
c4:88:51:15:ca:2c:e0:0d:1e:9a:7b:b0:9b:00:d6:
0e:5a:61:51:2a:63:c9:4f:a3:83:23:3a:b4:39:f4:
6a:a5:2d:37:88:91:ce:ab:d4:93:c2:3c:92:4c:c6:
33:a7:c0:71:47:2c:83:1c:a9:dd:a9:85:c1:32:a9:
3e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C0:ED:30:DD:5D:AB:3D:44:09:E8:6E:C5:67:CF:6F:7F:24:D2:D7
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/gMDtMN1dqz1ECehuxWfPb38k0tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.148.88.0/24
Signature Algorithm: sha256WithRSAEncryption
32:42:e9:78:69:4d:03:0f:62:e0:d7:8b:20:db:40:fd:ae:be:
e6:66:04:a1:42:61:69:ec:b5:5a:67:23:6f:70:c7:f9:30:e8:
19:5f:f9:f3:69:a8:c6:70:a8:03:94:c7:6e:e6:f1:8a:23:29:
72:06:2a:08:6b:24:22:6a:c3:8c:99:f7:bf:f4:5e:a8:00:53:
b7:12:aa:f3:f9:89:62:34:63:d3:9c:ca:43:4c:89:d2:08:34:
82:89:2d:79:46:22:ae:5d:e5:34:14:d0:e0:81:e0:8f:24:e4:
d2:fa:7b:57:12:4c:49:71:91:25:aa:5b:31:3d:41:3a:ff:0b:
67:92:13:d8:ab:4c:08:6b:98:7a:c4:4d:d0:6c:54:f0:3d:16:
52:01:e5:1f:d9:88:21:86:42:cb:fc:f8:cd:9b:13:5e:9b:e9:
44:11:88:e6:cd:c0:53:75:eb:be:fb:7c:c3:ce:7a:5c:ee:0b:
1f:83:15:31:83:5c:11:ea:e8:7a:a8:7b:3f:08:99:5f:d1:c4:
0d:1b:4f:65:d7:7a:f6:2c:41:dc:7d:49:0b:46:8e:39:29:96:
89:12:cc:e4:d4:28:1d:31:68:b4:b2:06:ad:f3:cb:2d:6d:c2:
ff:da:21:1d:bf:d8:53:10:c5:92:0d:8e:b2:9e:66:ca:71:58:
a4:70:d5:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8QNGB1pbCLp3KxsNUkGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGMwZWQzMGRkNWRhYjNkNDQwOWU4NmVjNTY3Y2Y2ZjdmMjRkMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTbEwKBT5YgkpRI3ih4GKw6ro26e
BIhCtxPHFnm/H6CQ/t+Hvq5MZrPUY5hzuUN3DMhPRaDuvB+GFf7Ekw6F/wgiCfq2
tr+lZsaq6+wAZSJGGoYCCictQeT7L0sNA8EGVO4GIU9zEDDfObhFOOan7M3wgHUk
6xedadV6Kso+2wqPRAGTTlVIpcCS0hqcdNR84cBFJs83ih1Ge810rHgSJfuwWmph
PFCFlsCHYvGeCtTWsitxweme49/RntNdYMrEayLEiFEVyizgDR6ae7CbANYOWmFR
KmPJT6ODIzq0OfRqpS03iJHOq9STwjySTMYzp8BxRyyDHKndqYXBMqk+SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDA7TDdXas9RAnobsVnz29/JNLXMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZ01EdE1OMWRxejFFQ2VodXhXZlBiMzhrMHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJRYMA0G
CSqGSIb3DQEBCwUAA4IBAQAyQul4aU0DD2Lg14sg20D9rr7mZgShQmFp7LVaZyNv
cMf5MOgZX/nzaajGcKgDlMdu5vGKIylyBioIayQiasOMmfe/9F6oAFO3Eqrz+Yli
NGPTnMpDTInSCDSCiS15RiKuXeU0FNDggeCPJOTS+ntXEkxJcZElqlsxPUE6/wtn
khPYq0wIa5h6xE3QbFTwPRZSAeUf2YghhkLL/PjNmxNem+lEEYjmzcBTdeu++3zD
znpc7gsfgxUxg1wR6uh6qHs/CJlf0cQNG09l13r2LEHcfUkLRo45KZaJEszk1Cgd
MWi0sgat88stbcL/2iEdv9hTEMWSDY6ynmbKcVikcNV0
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:36 2024 by rpki-client on console-fra.rpki-client.org