Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/gQb1HhLMOKj2FdD5T943wxGRbOM.roa
File: gQb1HhLMOKj2FdD5T943wxGRbOM.roa (raw, json)
Hash identifier: tWp2e5lwYpWBYk7aLQXnFS/BRGpGb+jyadd9YzVt7zo=
Subject key identifier: 81:06:F5:1E:12:CC:38:A8:F6:15:D0:F9:4F:DE:37:C3:11:91:6C:E3
Certificate issuer: /CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Certificate serial: 01856D13D3255020FF62488E2AC4827E5A01
Authority key identifier: 3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/gQb1HhLMOKj2FdD5T943wxGRbOM.roa
Signing time: Sun 01 Jan 2023 11:24:53 +0000
ROA not before: Sun 01 Jan 2023 11:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34078
IP address blocks: 88.135.33.0/24 maxlen: 24
88.135.35.0/24 maxlen: 24
88.135.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:d3:25:50:20:ff:62:48:8e:2a:c4:82:7e:5a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b5c2467546f4b078a0224da1ccac5c287e93453
Validity
Not Before: Jan 1 11:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8106f51e12cc38a8f615d0f94fde37c311916ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:73:6c:38:ee:f7:9e:37:fe:14:6e:4e:a3:27:
6d:21:06:cd:30:60:f1:c7:70:b5:8d:68:4e:f6:60:
8a:2a:88:a6:1f:01:bb:9b:a2:f3:73:d3:96:0c:88:
b1:89:3f:33:3a:ac:0a:19:da:81:e3:97:a7:3e:f6:
6b:bb:5f:62:85:a2:8e:aa:2c:f8:df:e0:a9:15:34:
4b:6a:bc:ca:59:5c:76:7d:65:d3:c0:69:62:14:3e:
c4:5f:5f:c5:e5:2d:13:68:3d:69:86:c2:8b:9f:36:
f0:27:9d:a2:b8:aa:d4:30:ca:14:32:15:0d:44:e6:
63:af:4b:6a:c3:56:c6:df:bc:f5:01:10:7e:79:22:
17:c2:84:1c:6f:31:93:26:d9:e3:04:43:ff:aa:41:
95:22:d1:95:af:f2:de:93:23:2b:2e:65:9e:36:6c:
fd:d7:63:be:61:4d:1e:9a:e5:14:bd:6b:34:21:34:
a3:2c:0c:7d:d4:de:db:45:0d:b6:d2:5c:43:76:4d:
4b:7e:87:eb:ad:51:6f:89:6a:2d:41:1a:c5:0a:8e:
3c:ca:86:e0:d0:36:c4:c8:8f:b0:42:0e:3a:4f:79:
71:f1:2b:15:ef:cf:83:81:6a:1c:f3:20:e2:29:d8:
27:de:99:e2:c9:ee:c4:1a:29:06:e7:45:7e:bd:ea:
aa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:06:F5:1E:12:CC:38:A8:F6:15:D0:F9:4F:DE:37:C3:11:91:6C:E3
X509v3 Authority Key Identifier:
keyid:3B:5C:24:67:54:6F:4B:07:8A:02:24:DA:1C:CA:C5:C2:87:E9:34:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1wkZ1RvSweKAiTaHMrFwofpNFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/gQb1HhLMOKj2FdD5T943wxGRbOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b58d94-b564-4d49-a8fd-5c096a87bb07/1/O1wkZ1RvSweKAiTaHMrFwofpNFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.33.0-88.135.35.255
Signature Algorithm: sha256WithRSAEncryption
4a:2c:11:57:e4:cd:9c:c9:ed:d9:29:66:7b:a9:a3:ba:c6:25:
c1:98:44:30:af:68:07:ee:68:72:05:48:c2:ce:1a:aa:99:ad:
ea:fe:65:65:00:d0:e7:77:07:bd:d4:7f:57:e1:79:b7:2b:8d:
e5:95:d2:e5:96:c6:d5:83:0f:d6:7d:24:92:91:92:6e:1b:b8:
f5:41:71:4e:16:88:74:da:19:3e:c6:f1:05:4c:21:4b:22:65:
dd:eb:98:c4:75:9c:5f:be:a3:50:21:81:fe:bb:64:42:20:da:
87:c6:ea:5d:37:c7:88:b1:35:bc:ad:f8:2e:8c:28:3e:76:12:
f2:94:d0:cc:70:59:07:d1:aa:1d:f3:bf:0d:a1:66:ee:3c:99:
3e:29:4e:0a:bc:40:40:4c:e7:8b:8f:98:e9:2a:67:26:6b:61:
c6:9a:1c:71:11:c8:59:0e:53:c9:9e:1d:1e:6e:a2:b0:fc:e4:
39:bd:6d:ac:53:ee:57:72:d3:de:81:30:48:47:4d:26:5e:7e:
92:bb:14:1a:15:bb:e4:b7:fa:4a:82:8f:c0:fa:2a:44:3c:74:
a3:0b:f1:8b:8c:c9:1e:aa:73:c0:7a:12:f8:9c:ac:dc:f6:10:
a9:9f:8e:78:d6:39:c2:c5:54:3c:51:35:4c:18:60:56:b0:45:
9a:f3:37:6e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtE9MlUCD/YkiOKsSCfloBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNWMyNDY3NTQ2ZjRiMDc4YTAyMjRkYTFjY2FjNWMyODdl
OTM0NTMwHhcNMjMwMTAxMTEyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTA2ZjUxZTEyY2MzOGE4ZjYxNWQwZjk0ZmRlMzdjMzExOTE2Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXNsOO73njf+FG5OoydtIQbNMGDx
x3C1jWhO9mCKKoimHwG7m6Lzc9OWDIixiT8zOqwKGdqB45enPvZru19ihaKOqiz4
3+CpFTRLarzKWVx2fWXTwGliFD7EX1/F5S0TaD1phsKLnzbwJ52iuKrUMMoUMhUN
ROZjr0tqw1bG37z1ARB+eSIXwoQcbzGTJtnjBEP/qkGVItGVr/LekyMrLmWeNmz9
12O+YU0emuUUvWs0ITSjLAx91N7bRQ220lxDdk1LfofrrVFviWotQRrFCo48yobg
0DbEyI+wQg46T3lx8SsV78+DgWoc8yDiKdgn3pniye7EGikG50V+veqqwQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIEG9R4SzDio9hXQ+U/eN8MRkWzjMB8GA1UdIwQY
MBaAFDtcJGdUb0sHigIk2hzKxcKH6TRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQt
NWMwOTZhODdiYjA3LzEvZ1FiMUhoTE1PS2oyRmRENVQ5NDN3eEdSYk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNThkOTQtYjU2NC00ZDQ5LWE4ZmQtNWMwOTZhODdiYjA3
LzEvTzF3a1oxUnZTd2VLQWlUYUhNckZ3b2ZwTkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABYhyED
BAJYhyAwDQYJKoZIhvcNAQELBQADggEBAEosEVfkzZzJ7dkpZnupo7rGJcGYRDCv
aAfuaHIFSMLOGqqZrer+ZWUA0Od3B73Uf1fhebcrjeWV0uWWxtWDD9Z9JJKRkm4b
uPVBcU4WiHTaGT7G8QVMIUsiZd3rmMR1nF++o1Ahgf67ZEIg2ofG6l03x4ixNbyt
+C6MKD52EvKU0MxwWQfRqh3zvw2hZu48mT4pTgq8QEBM54uPmOkqZyZrYcaaHHER
yFkOU8meHR5uorD85Dm9baxT7ldy096BMEhHTSZefpK7FBoVu+S3+kqCj8D6KkQ8
dKML8YuMyR6qc8B6EvicrNz2EKmfjnjWOcLFVDxRNUwYYFawRZrzN24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:20 2024 by rpki-client on console-ams.rpki-client.org