Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/3K8QZXYc_AyHgEVGMBB-R8ATsmY.roa
File: 3K8QZXYc_AyHgEVGMBB-R8ATsmY.roa (raw, json)
Hash identifier: g3hmZX0lQzBfcoGz71EqyO/LeZ4GRTgOFFdTGi4HULo=
Subject key identifier: DC:AF:10:65:76:1C:FC:0C:87:80:45:46:30:10:7E:47:C0:13:B2:66
Certificate issuer: /CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Certificate serial: 018572F11D26688EB45D71AACBC27D0BB4FE
Authority key identifier: AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/3K8QZXYc_AyHgEVGMBB-R8ATsmY.roa
Signing time: Mon 02 Jan 2023 14:44:42 +0000
ROA not before: Mon 02 Jan 2023 14:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58001
IP address blocks: 88.218.114.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:f1:1d:26:68:8e:b4:5d:71:aa:cb:c2:7d:0b:b4:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Validity
Not Before: Jan 2 14:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcaf1065761cfc0c8780454630107e47c013b266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a0:ff:42:c8:67:71:40:56:82:4e:92:52:0a:
09:9a:53:3b:ec:30:2a:90:ec:23:9b:a6:77:3f:bf:
2b:c8:f1:17:8a:70:d9:93:ed:21:bf:1c:c3:7b:5e:
e3:16:56:b1:77:27:50:5b:ee:1f:ae:6f:dc:46:9c:
f0:52:b6:89:83:6a:84:af:6f:26:a0:33:5c:75:f7:
5f:0a:d5:9c:5b:f3:bf:f7:ba:d2:15:a9:0d:76:fd:
57:fb:54:27:d9:39:65:0a:7a:9b:a9:4c:f6:50:d0:
e3:af:41:d2:57:ba:3a:5f:25:95:b0:ae:73:2d:90:
d9:8d:ea:29:61:30:ea:38:9a:eb:83:5c:62:bd:60:
66:98:ca:4f:fd:11:de:26:c1:52:f0:f6:f0:04:cd:
28:84:d0:1c:d8:15:62:9d:51:4e:6d:4f:95:55:9d:
f1:88:63:16:e7:5c:a3:6c:37:de:3c:2e:af:c9:5c:
76:cc:79:84:bc:d9:13:88:62:51:b9:38:9f:34:ec:
db:79:c4:4e:a2:b0:12:02:d3:f3:3a:cc:b8:b3:22:
16:f6:48:f8:39:e7:bf:74:20:03:cc:e3:f2:1c:e6:
34:31:19:fd:21:bc:49:7f:15:06:7e:54:d0:72:28:
01:bd:66:20:e2:58:2a:ce:ce:fb:82:e5:d0:61:18:
0b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AF:10:65:76:1C:FC:0C:87:80:45:46:30:10:7E:47:C0:13:B2:66
X509v3 Authority Key Identifier:
keyid:AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/3K8QZXYc_AyHgEVGMBB-R8ATsmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.114.0/24
Signature Algorithm: sha256WithRSAEncryption
07:53:3a:72:d0:b8:39:c8:02:02:67:26:06:22:97:86:af:ff:
96:a2:0e:0c:93:ca:4a:60:55:18:34:c0:98:40:a6:5d:f1:07:
aa:fa:03:c1:53:86:a0:60:ed:21:b0:c7:a2:fa:1b:4d:a7:88:
ef:a1:98:c9:cf:17:e8:82:b8:ad:cb:24:00:19:13:ad:63:8d:
0c:e8:d2:b4:52:fd:07:08:19:07:13:fc:b5:47:8e:cf:41:24:
2a:9d:e8:69:90:47:05:76:f5:71:df:0d:0f:ba:b1:1e:df:26:
82:6e:11:3a:72:bc:ff:cd:c9:38:4b:6b:d7:c7:3d:65:41:cd:
37:35:36:cb:4a:a3:31:60:d4:2a:fa:3f:d5:70:7b:3f:12:37:
24:db:5c:07:d7:84:75:42:a7:ab:d0:8b:95:47:cf:0e:d6:34:
a1:08:9d:f2:0a:22:6d:60:d1:b1:ff:9d:c8:61:56:c8:ff:b2:
f9:fe:32:84:f7:15:dd:9f:9c:2a:a5:1e:f8:37:ee:67:21:f7:
21:9c:87:c8:1b:f3:4a:5e:a9:15:14:97:88:96:59:87:7e:7d:
18:e8:1b:ba:1c:d8:08:13:7e:f6:a5:8a:3f:ac:74:46:93:dd:
4a:eb:b9:a0:b1:a4:bc:82:b8:16:f7:75:4a:6c:c7:4d:57:c3:
d0:cd:c5:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy8R0maI60XXGqy8J9C7T+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FhYWJiMjNjZDI0NWJmYTgyOGZiMDI1MjFkNjQ0YzZk
NWI1NjYwHhcNMjMwMTAyMTQ0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FmMTA2NTc2MWNmYzBjODc4MDQ1NDYzMDEwN2U0N2MwMTNiMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaD/QshncUBWgk6SUgoJmlM77DAq
kOwjm6Z3P78ryPEXinDZk+0hvxzDe17jFlaxdydQW+4frm/cRpzwUraJg2qEr28m
oDNcdfdfCtWcW/O/97rSFakNdv1X+1Qn2TllCnqbqUz2UNDjr0HSV7o6XyWVsK5z
LZDZjeopYTDqOJrrg1xivWBmmMpP/RHeJsFS8PbwBM0ohNAc2BVinVFObU+VVZ3x
iGMW51yjbDfePC6vyVx2zHmEvNkTiGJRuTifNOzbecROorASAtPzOsy4syIW9kj4
Oee/dCADzOPyHOY0MRn9IbxJfxUGflTQcigBvWYg4lgqzs77guXQYRgLYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyvEGV2HPwMh4BFRjAQfkfAE7JmMB8GA1UdIwQY
MBaAFKt6qrsjzSRb+oKPsCUh1kTG1bVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMt
OWVhZDgxZGEyZTQ0LzEvM0s4UVpYWWNfQXlIZ0VWR01CQi1SOEFUc21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMtOWVhZDgxZGEyZTQ0
LzEvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNpyMA0G
CSqGSIb3DQEBCwUAA4IBAQAHUzpy0Lg5yAICZyYGIpeGr/+Wog4Mk8pKYFUYNMCY
QKZd8Qeq+gPBU4agYO0hsMei+htNp4jvoZjJzxfogrityyQAGROtY40M6NK0Uv0H
CBkHE/y1R47PQSQqnehpkEcFdvVx3w0PurEe3yaCbhE6crz/zck4S2vXxz1lQc03
NTbLSqMxYNQq+j/VcHs/Ejck21wH14R1Qqer0IuVR88O1jShCJ3yCiJtYNGx/53I
YVbI/7L5/jKE9xXdn5wqpR74N+5nIfchnIfIG/NKXqkVFJeIllmHfn0Y6Bu6HNgI
E372pYo/rHRGk91K67mgsaS8grgW93VKbMdNV8PQzcWg
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:00 2024 by rpki-client on console-ams.rpki-client.org