Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/z3hrbkjjhbmXDMPKiWnhMSN21HU.roa
File: z3hrbkjjhbmXDMPKiWnhMSN21HU.roa (raw, json)
Hash identifier: GSRDY31PnZkkUxLQRVB7bCziXp7i4aM+bLuTMf5aQEQ=
Subject key identifier: CF:78:6B:6E:48:E3:85:B9:97:0C:C3:CA:89:69:E1:31:23:76:D4:75
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 018E8A4DD743DD8CBC5E6E0CD1A09BB532A9
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/z3hrbkjjhbmXDMPKiWnhMSN21HU.roa
Signing time: Fri 29 Mar 2024 13:02:20 +0000
ROA not before: Fri 29 Mar 2024 13:02:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.218.42.0/24 maxlen: 24
88.218.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 10:54:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:4d:d7:43:dd:8c:bc:5e:6e:0c:d1:a0:9b:b5:32:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Mar 29 13:02:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf786b6e48e385b9970cc3ca8969e1312376d475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:08:e4:1b:23:db:f9:6d:a4:19:d3:4c:d9:3c:
e7:cf:2b:ed:ef:2d:f3:c1:2b:f3:63:78:e6:00:70:
18:75:eb:6c:df:08:6d:90:c7:78:e0:22:1c:6a:ea:
a8:33:0e:a0:f6:9b:43:b1:b3:5d:9f:ee:64:f1:fe:
53:f8:d7:40:ca:fc:20:a0:92:ff:db:56:67:19:03:
4c:f3:5d:ac:df:05:d9:ed:6a:60:56:5e:60:d0:b5:
5e:0f:db:00:f8:ac:31:52:ff:e5:c3:e5:26:bc:80:
7e:eb:a5:ad:cc:2e:88:81:1a:43:93:32:01:8f:1e:
ba:04:dc:bf:96:d9:70:7e:59:9e:64:00:c5:77:33:
2f:8b:b0:f2:0f:13:52:c1:56:ee:76:f9:06:95:a1:
83:ef:63:34:44:36:5b:b1:5a:32:03:cd:e8:97:03:
4c:f4:ea:9c:cb:5c:a9:c8:43:96:02:fc:88:05:bf:
df:f2:47:08:31:29:e6:3a:89:9a:02:f5:ef:e5:78:
65:60:59:26:43:aa:39:92:50:63:1a:e3:a6:17:c0:
ee:6b:7e:46:dd:36:00:f5:c0:bd:92:00:fc:fd:45:
55:67:61:5f:47:f4:e7:aa:7b:7e:26:f1:a3:45:6e:
96:b3:32:ca:49:a6:2c:89:43:56:b4:ff:4e:3b:de:
19:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:78:6B:6E:48:E3:85:B9:97:0C:C3:CA:89:69:E1:31:23:76:D4:75
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/z3hrbkjjhbmXDMPKiWnhMSN21HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.42.0/23
Signature Algorithm: sha256WithRSAEncryption
67:0c:2f:b2:ca:a4:6d:ba:a2:ce:1f:d1:98:e5:c3:d1:aa:b2:
60:7c:d2:7d:ef:7e:82:46:b9:e2:d5:8d:56:c7:4b:d2:2f:73:
b8:41:b3:e0:1e:67:5e:ff:e4:a1:b8:34:f3:9c:3a:a1:90:3f:
72:fc:b5:23:00:40:53:19:d2:2c:fb:99:ed:08:82:3c:d3:74:
81:d0:61:76:d2:7d:fc:aa:0b:86:81:31:84:f5:f1:48:fb:ef:
7d:fb:3e:1b:e9:13:55:53:91:68:0c:a0:de:9b:e8:54:e4:46:
b6:62:45:d5:a8:2d:62:51:40:a1:b1:3c:ed:de:e2:db:9c:84:
1b:ad:37:99:23:de:14:53:16:c5:b0:20:7c:bc:b5:1b:2e:50:
17:72:2b:14:69:06:d8:60:d1:0f:a4:23:95:26:6c:74:c6:74:
ca:4c:70:ff:9b:93:e5:2a:15:59:4c:b1:ac:37:03:9e:eb:0c:
9b:41:15:e0:c1:08:23:1b:5e:12:b2:32:c1:df:84:d8:1b:82:
22:41:54:01:ee:5b:4f:54:4d:89:6d:71:08:f9:16:0e:92:e7:
29:40:9c:fc:85:1f:17:3d:6c:44:55:28:ea:c1:f8:c1:7f:bf:
0c:fc:2d:c6:4f:4c:92:bc:b0:31:92:7d:d5:cd:5f:be:dc:6b:
fe:37:55:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6KTddD3Yy8Xm4M0aCbtTKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjQwMzI5MTMwMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc4NmI2ZTQ4ZTM4NWI5OTcwY2MzY2E4OTY5ZTEzMTIzNzZkNDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygjkGyPb+W2kGdNM2Tznzyvt7y3z
wSvzY3jmAHAYdets3whtkMd44CIcauqoMw6g9ptDsbNdn+5k8f5T+NdAyvwgoJL/
21ZnGQNM812s3wXZ7WpgVl5g0LVeD9sA+KwxUv/lw+UmvIB+66WtzC6IgRpDkzIB
jx66BNy/ltlwflmeZADFdzMvi7DyDxNSwVbudvkGlaGD72M0RDZbsVoyA83olwNM
9Oqcy1ypyEOWAvyIBb/f8kcIMSnmOomaAvXv5XhlYFkmQ6o5klBjGuOmF8Dua35G
3TYA9cC9kgD8/UVVZ2FfR/Tnqnt+JvGjRW6WszLKSaYsiUNWtP9OO94ZPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM94a25I44W5lwzDyolp4TEjdtR1MB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvejNocmJrampoYm1YRE1QS2lXbmhNU04yMUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNoqMA0G
CSqGSIb3DQEBCwUAA4IBAQBnDC+yyqRtuqLOH9GY5cPRqrJgfNJ9736CRrni1Y1W
x0vSL3O4QbPgHmde/+ShuDTznDqhkD9y/LUjAEBTGdIs+5ntCII803SB0GF20n38
qguGgTGE9fFI++99+z4b6RNVU5FoDKDem+hU5Ea2YkXVqC1iUUChsTzt3uLbnIQb
rTeZI94UUxbFsCB8vLUbLlAXcisUaQbYYNEPpCOVJmx0xnTKTHD/m5PlKhVZTLGs
NwOe6wybQRXgwQgjG14SsjLB34TYG4IiQVQB7ltPVE2JbXEI+RYOkucpQJz8hR8X
PWxEVSjqwfjBf78M/C3GT0ySvLAxkn3VzV++3Gv+N1Ud
-----END CERTIFICATE-----
Generated at Thu Apr 4 14:46:19 2024 by rpki-client on console-fra.rpki-client.org