Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/Lpvaq6-zbnkdie5v3BwUoT0cSwY.roa
File: Lpvaq6-zbnkdie5v3BwUoT0cSwY.roa (raw, json)
Hash identifier: MVypOaH62vPkO6R82RSSatM61NWrFDdso1DeE8LbouI=
Subject key identifier: 2E:9B:DA:AB:AF:B3:6E:79:1D:89:EE:6F:DC:1C:14:A1:3D:1C:4B:06
Certificate issuer: /CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Certificate serial: 018E78F5E6E6DB8BE5EFD6D9674ABC4474DC
Authority key identifier: BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/Lpvaq6-zbnkdie5v3BwUoT0cSwY.roa
Signing time: Tue 26 Mar 2024 04:12:45 +0000
ROA not before: Tue 26 Mar 2024 04:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30815
IP address blocks: 88.209.128.0/22 maxlen: 22
88.209.128.0/24 maxlen: 24
88.209.130.0/24 maxlen: 24
88.209.132.0/22 maxlen: 22
88.209.132.0/24 maxlen: 24
88.209.135.0/24 maxlen: 24
88.209.136.0/24 maxlen: 24
88.209.137.0/24 maxlen: 24
88.209.160.0/21 maxlen: 21
88.209.160.0/22 maxlen: 22
88.209.164.0/22 maxlen: 22
88.209.164.0/23 maxlen: 23
88.209.191.0/24 maxlen: 24
93.189.96.0/21 maxlen: 21
93.189.96.0/23 maxlen: 23
93.189.98.0/23 maxlen: 23
93.189.100.0/23 maxlen: 23
93.189.102.0/23 maxlen: 23
93.189.103.0/24 maxlen: 24
185.63.232.0/22 maxlen: 22
185.63.232.0/23 maxlen: 23
185.63.232.0/24 maxlen: 24
185.63.233.0/24 maxlen: 24
185.63.234.0/24 maxlen: 24
185.63.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 13:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:78:f5:e6:e6:db:8b:e5:ef:d6:d9:67:4a:bc:44:74:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Validity
Not Before: Mar 26 04:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e9bdaabafb36e791d89ee6fdc1c14a13d1c4b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:98:f9:fb:d6:3a:2f:80:98:37:d2:92:54:68:
72:e4:99:e3:fa:ef:7f:0f:00:ce:6b:8d:ec:29:55:
e1:aa:e9:eb:09:f0:ed:b4:c4:0c:7c:2e:b1:b4:3f:
79:78:a7:a2:f8:d7:d3:bd:4d:c9:ec:df:75:04:2e:
5c:7a:bd:5c:f6:32:cb:9c:c9:32:a6:88:87:68:e4:
fb:d3:63:3d:32:db:fc:85:f0:5d:56:2e:8b:3f:36:
a2:06:10:cc:10:58:c3:6c:e3:f6:a1:48:bd:ca:dc:
db:5e:eb:17:04:3b:c5:5f:a2:e1:de:49:cf:ff:b2:
a0:55:82:75:13:91:9b:46:b7:3c:85:31:c7:6e:7a:
6d:3b:bd:87:ed:f7:15:d9:60:0a:e7:1a:36:0e:d6:
be:a7:03:af:ef:4e:0a:3a:e8:d9:5d:8d:9b:37:7c:
eb:17:ac:dd:af:d0:bf:0e:ac:29:98:b9:db:d0:37:
99:ac:22:5f:0d:ac:99:cb:15:07:10:08:ee:7e:bf:
7e:d7:75:77:ac:18:52:d8:03:6f:4b:3c:19:12:1d:
3b:d3:46:66:96:ac:2f:55:28:1b:23:bc:88:71:48:
79:8e:b1:77:cb:17:03:e5:35:16:a6:8d:cf:c0:39:
2a:08:b8:e7:2d:0a:c6:34:28:7e:55:a2:eb:cb:42:
fb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9B:DA:AB:AF:B3:6E:79:1D:89:EE:6F:DC:1C:14:A1:3D:1C:4B:06
X509v3 Authority Key Identifier:
keyid:BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/Lpvaq6-zbnkdie5v3BwUoT0cSwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.128.0-88.209.137.255
88.209.160.0/21
88.209.191.0/24
93.189.96.0/21
185.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:da:b4:d9:00:23:c7:e5:85:3b:dc:1a:34:0b:b4:5c:ac:06:
09:5a:92:68:45:3d:32:39:ab:3b:a3:8a:e7:05:c3:a9:39:f2:
33:72:b8:ad:1f:16:d5:be:c3:1e:56:fb:77:6b:e6:85:31:ba:
9b:cb:ff:69:a7:97:37:c2:c9:9e:85:a1:b3:c9:91:11:07:ee:
47:0f:2c:98:c5:3c:d1:a3:2b:32:27:4a:01:88:a6:f1:39:a6:
94:cf:de:b8:dc:67:a0:81:48:a4:b1:fb:b4:06:8a:c8:87:37:
94:25:42:32:7d:6e:02:6f:38:6d:0c:f3:c5:05:3a:87:bb:ff:
6d:ff:d6:03:14:d3:83:0e:11:a4:df:4d:53:f6:e0:7d:a3:be:
e8:97:3a:3a:6e:0c:7c:e4:1a:db:0b:e4:3d:49:3c:2b:cf:2a:
df:3e:69:4b:be:1e:f3:f1:15:09:ec:db:e6:c8:fb:5b:00:a1:
1f:a4:df:57:7c:73:f0:d9:df:31:7d:d8:84:66:b5:1f:1d:cf:
74:b5:46:93:24:bd:74:98:12:3c:e9:de:38:0f:d8:09:90:6d:
79:b2:a8:d4:3e:7c:ab:c6:42:13:31:c5:50:3c:60:11:60:71:
63:45:65:9d:76:91:6d:88:d9:16:fc:b4:d6:6c:c2:98:80:7b:
33:f2:3f:78
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY549ebm24vl79bZZ0q8RHTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE2NGNkMjljOTRjY2RlMTQ0NDhmNjFhMTcyYzc2M2Ix
ZTQwNTAwHhcNMjQwMzI2MDQxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTliZGFhYmFmYjM2ZTc5MWQ4OWVlNmZkYzFjMTRhMTNkMWM0YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZj5+9Y6L4CYN9KSVGhy5Jnj+u9/
DwDOa43sKVXhqunrCfDttMQMfC6xtD95eKei+NfTvU3J7N91BC5cer1c9jLLnMky
poiHaOT702M9Mtv8hfBdVi6LPzaiBhDMEFjDbOP2oUi9ytzbXusXBDvFX6Lh3knP
/7KgVYJ1E5GbRrc8hTHHbnptO72H7fcV2WAK5xo2Dta+pwOv704KOujZXY2bN3zr
F6zdr9C/DqwpmLnb0DeZrCJfDayZyxUHEAjufr9+13V3rBhS2ANvSzwZEh0700Zm
lqwvVSgbI7yIcUh5jrF3yxcD5TUWpo3PwDkqCLjnLQrGNCh+VaLry0L7bQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFC6b2quvs255HYnub9wcFKE9HEsGMB8GA1UdIwQY
MBaAFLqqZM0pyUzN4URI9hoXLHY7HkBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUt
OGZjYWE2OTM2YzZjLzEvTHB2YXE2LXpibmtkaWU1djNCd1VvVDBjU3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUtOGZjYWE2OTM2YzZj
LzEvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdY0YAD
BAFY0YgDBANY0aADBABY0b8DBANdvWADBAK5P+gwDQYJKoZIhvcNAQELBQADggEB
AJzatNkAI8flhTvcGjQLtFysBglakmhFPTI5qzujiucFw6k58jNyuK0fFtW+wx5W
+3dr5oUxupvL/2mnlzfCyZ6FobPJkREH7kcPLJjFPNGjKzInSgGIpvE5ppTP3rjc
Z6CBSKSx+7QGisiHN5QlQjJ9bgJvOG0M88UFOoe7/23/1gMU04MOEaTfTVP24H2j
vuiXOjpuDHzkGtsL5D1JPCvPKt8+aUu+HvPxFQns2+bI+1sAoR+k31d8c/DZ3zF9
2IRmtR8dz3S1RpMkvXSYEjzp3jgP2AmQbXmyqNQ+fKvGQhMxxVA8YBFgcWNFZZ12
kW2I2Rb8tNZswpiAezPyP3g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:35 2024 by rpki-client on console-ams.rpki-client.org