Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KcBNGXfhPVEj6kOsMbUl_9oqa3w.roa
File: KcBNGXfhPVEj6kOsMbUl_9oqa3w.roa (raw, json)
Hash identifier: TlU+O+b6Ozw6jhVfdLqXjbpJPxiNBHbdu1irveGQsh4=
Subject key identifier: 29:C0:4D:19:77:E1:3D:51:23:EA:43:AC:31:B5:25:FF:DA:2A:6B:7C
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01912243A87E495A673E90095AD6FE55F47E
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KcBNGXfhPVEj6kOsMbUl_9oqa3w.roa
Signing time: Mon 05 Aug 2024 11:19:04 +0000
ROA not before: Mon 05 Aug 2024 11:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44554
IP address blocks: 88.151.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:43:a8:7e:49:5a:67:3e:90:09:5a:d6:fe:55:f4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 5 11:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29c04d1977e13d5123ea43ac31b525ffda2a6b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1d:41:21:7a:be:e5:60:31:ce:86:c9:26:c6:
68:ef:d7:c2:54:19:ed:cb:0e:94:10:45:6c:4b:31:
4e:4a:15:df:6a:13:8d:e2:57:db:4b:96:a5:d4:f7:
92:19:cc:f6:e9:2e:41:0e:95:43:bd:1a:a9:b1:83:
7e:f0:7b:0b:84:7c:1b:41:90:6f:36:21:f3:c3:17:
7a:b5:e5:da:46:2f:40:b9:6d:56:61:f6:b3:c5:f6:
d2:bf:bd:43:b4:bf:5f:32:3d:7c:c6:bb:20:5f:9c:
6f:37:0a:11:61:34:09:87:35:20:9b:e5:e4:11:23:
4f:f6:30:08:38:66:f5:3d:a5:d3:49:58:b5:b7:91:
1d:f5:8d:2a:cf:95:b9:76:04:76:df:65:64:d7:b4:
f6:1c:a3:5a:27:2b:63:fd:c7:2f:eb:7a:2d:8a:73:
f9:64:a5:c8:98:8b:e5:5e:99:fb:f7:84:01:f6:3a:
c8:e2:a1:c6:c2:42:9a:1f:8c:f5:12:ed:e9:0b:40:
fd:86:18:93:c7:e9:62:0d:3f:c4:24:97:3e:d7:0c:
7a:0b:5b:4d:a3:51:d5:12:a9:96:30:10:03:8c:5f:
c2:09:93:c8:7b:21:e7:6f:ea:d6:e5:4f:e7:42:69:
f5:32:cd:7a:bc:fc:8b:ea:9d:0f:a4:9f:e0:ea:cc:
a2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C0:4D:19:77:E1:3D:51:23:EA:43:AC:31:B5:25:FF:DA:2A:6B:7C
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KcBNGXfhPVEj6kOsMbUl_9oqa3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.119.0/24
Signature Algorithm: sha256WithRSAEncryption
94:69:9f:84:df:de:9f:64:2a:b9:9e:ae:45:bf:ba:cb:87:21:
b7:7e:b1:c9:41:53:52:c9:4e:ee:5f:49:e3:73:9c:66:85:46:
c9:e4:5f:4f:6d:05:97:6a:70:34:ca:6f:08:4a:ec:88:31:46:
91:b7:3d:1a:d7:e5:56:a0:93:29:3c:69:7c:b4:44:c0:23:a3:
2f:0d:32:ad:c9:65:fe:f8:b5:af:53:91:22:7d:1f:d7:e4:28:
2a:88:88:59:a5:22:70:db:fb:0a:e3:46:75:8e:63:0c:9e:d0:
a7:82:cd:22:ec:66:28:97:84:a0:8c:c2:9d:b9:2f:ba:5c:13:
04:90:91:7e:0d:e3:c0:c0:a7:7d:73:db:eb:66:6c:f4:23:0f:
3c:0e:83:1c:bc:fa:ee:b8:d7:c1:fa:66:fa:4b:cc:f2:d9:d5:
05:d6:4d:3d:0f:24:da:f4:34:e1:4f:b1:80:6b:08:8e:2e:4a:
97:99:04:f5:10:e5:6e:a3:10:fd:ba:02:57:59:77:8f:04:48:
12:11:58:50:05:40:7e:d6:85:e8:d3:63:ee:90:7f:24:14:26:
9d:61:d6:68:f9:06:e1:33:68:f9:5d:fc:a0:f0:a0:d7:41:98:
63:34:bb:80:38:86:8d:cc:18:84:24:2d:d5:97:74:67:a0:cf:
25:da:a6:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEiQ6h+SVpnPpAJWtb+VfR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODA1MTExOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWMwNGQxOTc3ZTEzZDUxMjNlYTQzYWMzMWI1MjVmZmRhMmE2YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR1BIXq+5WAxzobJJsZo79fCVBnt
yw6UEEVsSzFOShXfahON4lfbS5al1PeSGcz26S5BDpVDvRqpsYN+8HsLhHwbQZBv
NiHzwxd6teXaRi9AuW1WYfazxfbSv71DtL9fMj18xrsgX5xvNwoRYTQJhzUgm+Xk
ESNP9jAIOGb1PaXTSVi1t5Ed9Y0qz5W5dgR232Vk17T2HKNaJytj/ccv63otinP5
ZKXImIvlXpn794QB9jrI4qHGwkKaH4z1Eu3pC0D9hhiTx+liDT/EJJc+1wx6C1tN
o1HVEqmWMBADjF/CCZPIeyHnb+rW5U/nQmn1Ms16vPyL6p0PpJ/g6syiaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnATRl34T1RI+pDrDG1Jf/aKmt8MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvS2NCTkdYZmhQVkVqNmtPc01iVWxfOW9xYTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJd3MA0G
CSqGSIb3DQEBCwUAA4IBAQCUaZ+E396fZCq5nq5Fv7rLhyG3frHJQVNSyU7uX0nj
c5xmhUbJ5F9PbQWXanA0ym8ISuyIMUaRtz0a1+VWoJMpPGl8tETAI6MvDTKtyWX+
+LWvU5EifR/X5CgqiIhZpSJw2/sK40Z1jmMMntCngs0i7GYol4SgjMKduS+6XBME
kJF+DePAwKd9c9vrZmz0Iw88DoMcvPruuNfB+mb6S8zy2dUF1k09DyTa9DThT7GA
awiOLkqXmQT1EOVuoxD9ugJXWXePBEgSEVhQBUB+1oXo02PukH8kFCadYdZo+Qbh
M2j5Xfyg8KDXQZhjNLuAOIaNzBiEJC3Vl3RnoM8l2qaY
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:25 2025 by rpki-client