Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/LA2dMhPZFnkQVeQRUOh7YdiR4BY.roa
File: LA2dMhPZFnkQVeQRUOh7YdiR4BY.roa (raw, json)
Hash identifier: hYGodtQHA6nHjgZPZIblyOTa+UocDDP750B0BWdkKgg=
Subject key identifier: 2C:0D:9D:32:13:D9:16:79:10:55:E4:11:50:E8:7B:61:D8:91:E0:16
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0A761CD6433C93FD0C8241D00EE98
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/LA2dMhPZFnkQVeQRUOh7YdiR4BY.roa
Signing time: Mon 02 Jan 2023 05:24:57 +0000
ROA not before: Mon 02 Jan 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43372
IP address blocks: 88.220.112.0/24 maxlen: 24
195.136.168.0/22 maxlen: 22
88.220.130.0/23 maxlen: 23
88.220.134.0/23 maxlen: 23
88.220.161.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a7:61:cd:64:33:c9:3f:d0:c8:24:1d:00:ee:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c0d9d3213d916791055e41150e87b61d891e016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e6:c9:30:e8:0f:91:1e:da:e3:f8:26:7e:ab:
74:e6:68:98:23:5e:3f:2d:24:7e:1a:03:3a:c0:f6:
f6:c4:c7:0e:57:de:27:95:0c:42:3f:7c:9c:23:84:
15:95:12:8f:42:c1:e3:21:2a:79:c9:85:3a:6e:47:
f5:50:4d:28:86:0e:c5:aa:f5:a9:54:20:6f:82:fc:
27:0d:41:cc:59:81:70:04:ca:45:7b:02:11:43:71:
c1:20:66:7c:35:b7:34:e5:93:a8:28:d4:e2:1d:b6:
f7:17:87:7b:72:01:3b:94:40:53:34:b5:11:a2:5f:
2b:18:c2:e6:3a:d4:59:b8:7b:76:85:89:af:23:39:
23:26:17:6e:16:ce:97:4f:11:c2:e5:46:27:51:07:
26:e6:d3:d2:7b:43:2c:cc:cf:6b:82:07:12:1f:86:
22:28:55:17:5a:67:3c:cf:bb:54:db:e5:bb:56:d3:
b7:c9:a4:9f:9c:c4:e1:45:77:d5:f8:12:57:e1:3f:
c8:c5:05:81:c0:06:de:b6:c7:9a:3d:24:78:53:5d:
0b:7a:77:b3:22:b6:cf:21:48:c2:b6:11:55:d8:5d:
0c:d6:56:1d:e9:c0:e2:3d:31:f1:4b:2b:ad:47:90:
22:61:5a:68:fe:25:ac:24:7f:07:b6:67:eb:61:4e:
2d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0D:9D:32:13:D9:16:79:10:55:E4:11:50:E8:7B:61:D8:91:E0:16
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/LA2dMhPZFnkQVeQRUOh7YdiR4BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.112.0/24
88.220.130.0/23
88.220.134.0/23
88.220.161.0/24
195.136.168.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:96:78:f4:7e:4c:9c:3d:cf:0d:22:60:a5:12:10:57:c6:49:
15:3f:4c:8e:99:52:77:63:82:d2:00:ac:66:35:8c:dd:46:46:
de:ca:dc:65:3b:9b:2d:99:ee:90:f9:c9:e6:08:4a:24:37:3a:
7b:de:07:f3:c4:57:2c:18:96:b2:fe:a6:33:4c:bd:8d:fe:bb:
0d:34:48:24:a7:fd:88:14:e2:b8:54:04:ff:b6:72:46:cd:b4:
a6:3a:b7:d2:6d:9b:0d:37:28:ff:a4:74:5b:59:26:4c:29:e8:
ab:8e:cc:94:e3:ee:11:97:66:90:5a:9d:26:22:6b:87:d5:d3:
b3:54:87:1e:b2:a8:3b:d7:49:2e:6a:49:29:43:84:7f:7a:b1:
8e:8c:a3:ec:2e:d1:56:29:25:61:5a:a4:a5:61:37:8e:35:d1:
97:f7:a9:9c:fe:43:eb:e0:bf:ef:c8:79:0c:d1:99:86:c0:b9:
17:82:41:7f:63:88:7c:75:07:ec:41:d5:70:a0:74:63:8d:7f:
ce:b6:fe:97:1c:10:bb:f0:48:7d:9d:6a:cc:d9:b4:ca:71:86:
18:3d:b3:ae:e6:98:cb:20:72:27:e3:4d:c1:4c:d5:d6:74:1d:
75:a2:1e:72:8f:98:3e:f7:81:bb:04:cf:e2:88:57:fc:a4:b9:
7e:a0:e9:05
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVw8KdhzWQzyT/QyCQdAO6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzBkOWQzMjEzZDkxNjc5MTA1NWU0MTE1MGU4N2I2MWQ4OTFlMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjebJMOgPkR7a4/gmfqt05miYI14/
LSR+GgM6wPb2xMcOV94nlQxCP3ycI4QVlRKPQsHjISp5yYU6bkf1UE0ohg7FqvWp
VCBvgvwnDUHMWYFwBMpFewIRQ3HBIGZ8Nbc05ZOoKNTiHbb3F4d7cgE7lEBTNLUR
ol8rGMLmOtRZuHt2hYmvIzkjJhduFs6XTxHC5UYnUQcm5tPSe0MszM9rggcSH4Yi
KFUXWmc8z7tU2+W7VtO3yaSfnMThRXfV+BJX4T/IxQWBwAbetseaPSR4U10Lenez
IrbPIUjCthFV2F0M1lYd6cDiPTHxSyutR5AiYVpo/iWsJH8HtmfrYU4t+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCwNnTIT2RZ5EFXkEVDoe2HYkeAWMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvTEEyZE1oUFpGbmtRVmVRUlVPaDdZZGlSNEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWNxwAwQB
WNyCAwQBWNyGAwQAWNyhAwQCw4ioMA0GCSqGSIb3DQEBCwUAA4IBAQAalnj0fkyc
Pc8NImClEhBXxkkVP0yOmVJ3Y4LSAKxmNYzdRkbeytxlO5stme6Q+cnmCEokNzp7
3gfzxFcsGJay/qYzTL2N/rsNNEgkp/2IFOK4VAT/tnJGzbSmOrfSbZsNNyj/pHRb
WSZMKeirjsyU4+4Rl2aQWp0mImuH1dOzVIcesqg710kuakkpQ4R/erGOjKPsLtFW
KSVhWqSlYTeONdGX96mc/kPr4L/vyHkM0ZmGwLkXgkF/Y4h8dQfsQdVwoHRjjX/O
tv6XHBC78Eh9nWrM2bTKcYYYPbOu5pjLIHIn403BTNXWdB11oh5yj5g+94G7BM/i
iFf8pLl+oOkF
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:20 2024 by rpki-client on console-ams.rpki-client.org