Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/U6qYSas81F24kw0yALGeWRqdwsw.roa
File: U6qYSas81F24kw0yALGeWRqdwsw.roa (raw, json)
Hash identifier: N+AxWnFdNmGaAXcmM50hCpXoY+/Ru0HO7SxudqGgSi8=
Subject key identifier: 53:AA:98:49:AB:3C:D4:5D:B8:93:0D:32:00:B1:9E:59:1A:9D:C2:CC
Certificate issuer: /CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Certificate serial: 01933E116E90C7C1D85A4BBA4CEE1A23D3CA
Authority key identifier: BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/U6qYSas81F24kw0yALGeWRqdwsw.roa
Signing time: Mon 18 Nov 2024 06:59:09 +0000
ROA not before: Mon 18 Nov 2024 06:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30815
IP address blocks: 88.209.128.0/22 maxlen: 22
88.209.128.0/24 maxlen: 24
88.209.130.0/24 maxlen: 24
88.209.132.0/22 maxlen: 22
88.209.132.0/24 maxlen: 24
88.209.135.0/24 maxlen: 24
88.209.136.0/24 maxlen: 24
88.209.137.0/24 maxlen: 24
88.209.138.0/24 maxlen: 24
88.209.160.0/21 maxlen: 21
88.209.160.0/22 maxlen: 22
88.209.160.0/24 maxlen: 24
88.209.161.0/24 maxlen: 24
88.209.162.0/24 maxlen: 24
88.209.163.0/24 maxlen: 24
88.209.164.0/22 maxlen: 22
88.209.164.0/23 maxlen: 23
88.209.164.0/24 maxlen: 24
88.209.165.0/24 maxlen: 24
88.209.166.0/24 maxlen: 24
88.209.167.0/24 maxlen: 24
88.209.190.0/24 maxlen: 24
88.209.191.0/24 maxlen: 24
93.189.96.0/21 maxlen: 21
93.189.96.0/23 maxlen: 23
93.189.96.0/24 maxlen: 24
93.189.97.0/24 maxlen: 24
93.189.98.0/23 maxlen: 23
93.189.98.0/24 maxlen: 24
93.189.99.0/24 maxlen: 24
93.189.100.0/23 maxlen: 23
93.189.100.0/24 maxlen: 24
93.189.101.0/24 maxlen: 24
93.189.102.0/23 maxlen: 23
93.189.102.0/24 maxlen: 24
93.189.103.0/24 maxlen: 24
185.63.232.0/22 maxlen: 22
185.63.232.0/23 maxlen: 23
185.63.232.0/24 maxlen: 24
185.63.233.0/24 maxlen: 24
185.63.234.0/24 maxlen: 24
185.63.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:11:6e:90:c7:c1:d8:5a:4b:ba:4c:ee:1a:23:d3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Validity
Not Before: Nov 18 06:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53aa9849ab3cd45db8930d3200b19e591a9dc2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fa:0e:37:14:88:d0:97:c3:b0:28:c3:63:eb:
fa:6c:0a:88:12:3a:49:da:13:3b:95:0e:26:8b:70:
30:89:62:b1:2b:cd:14:25:78:e9:d1:bf:3f:f1:a4:
b8:cc:c7:5f:63:2d:45:78:af:68:33:3c:85:1f:1f:
06:89:02:9d:19:2f:a4:e6:96:65:fe:9a:58:94:87:
d2:2c:be:e7:f2:e7:d4:c3:b6:d9:c0:ff:47:43:b9:
1e:04:a4:e0:3e:e8:f1:9d:a4:67:5f:a8:4b:88:11:
0a:84:79:70:ad:ab:4a:93:91:e3:e0:9b:6b:c7:15:
52:8d:ea:82:b7:9a:21:e1:24:8c:62:a1:1c:52:fc:
d4:11:90:fc:b6:db:88:6c:2e:3e:e0:aa:90:aa:b7:
30:f6:4a:fd:3f:a7:3d:f3:d2:2c:fb:14:2c:ee:bf:
2d:16:21:01:78:11:4d:80:6d:de:b4:de:7a:f5:8b:
d1:43:07:1b:22:1a:cb:a8:70:45:5f:a2:a0:01:62:
78:a1:7d:d6:71:43:81:b5:75:55:98:41:47:a4:69:
7d:49:29:b6:5e:14:d8:3e:d7:9e:c3:e8:27:06:f4:
cc:ab:47:c1:8b:1f:f2:c6:55:05:1b:8e:8a:50:d3:
9c:e6:dd:f9:71:0c:87:a4:52:c6:2a:f8:06:87:0e:
41:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AA:98:49:AB:3C:D4:5D:B8:93:0D:32:00:B1:9E:59:1A:9D:C2:CC
X509v3 Authority Key Identifier:
keyid:BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/U6qYSas81F24kw0yALGeWRqdwsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.128.0-88.209.138.255
88.209.160.0/21
88.209.190.0/23
93.189.96.0/21
185.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:c0:15:cd:05:db:50:06:3f:25:af:31:81:de:9a:a2:31:fc:
bb:86:fa:b1:2a:b8:8c:db:33:f9:95:9b:b8:90:2d:c7:df:85:
15:a0:3b:1e:73:43:2a:7c:06:f6:f1:e7:a7:37:61:44:d6:46:
e3:ec:94:91:cc:fe:76:a8:d7:2c:02:b3:6b:c4:9a:38:13:1f:
56:aa:24:72:bf:ca:7d:fa:56:8a:f6:6a:2c:6e:ed:da:c9:13:
e4:5b:57:f2:59:07:27:f3:39:ff:53:4b:6d:31:82:4a:c5:99:
09:11:5d:30:0a:bb:69:8f:f0:82:3c:3f:5f:e2:21:e6:a2:3d:
9d:5c:98:65:ea:2c:e4:b9:ea:3a:ab:f8:7a:2f:ca:d0:b7:a1:
49:eb:4b:b6:75:6b:48:ca:30:f7:c5:1b:f9:14:26:0a:91:49:
08:23:80:c2:89:c4:40:42:a6:53:17:53:2e:d9:c5:ed:8a:22:
4f:4f:9b:d9:81:03:79:85:bf:fa:9d:db:bf:b4:27:35:6a:b4:
6f:cc:7d:b4:c3:13:54:3a:82:c6:14:ac:f7:b0:13:a1:bc:d9:
a1:4f:88:02:75:a8:c4:f0:bb:e6:4e:21:25:cd:5d:dd:95:e7:
78:0a:e0:56:25:f0:12:fd:6d:92:ce:c1:7b:0d:d3:e2:9f:10:
35:26:80:7e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZM+EW6Qx8HYWku6TO4aI9PKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE2NGNkMjljOTRjY2RlMTQ0NDhmNjFhMTcyYzc2M2Ix
ZTQwNTAwHhcNMjQxMTE4MDY1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2FhOTg0OWFiM2NkNDVkYjg5MzBkMzIwMGIxOWU1OTFhOWRjMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfoONxSI0JfDsCjDY+v6bAqIEjpJ
2hM7lQ4mi3AwiWKxK80UJXjp0b8/8aS4zMdfYy1FeK9oMzyFHx8GiQKdGS+k5pZl
/ppYlIfSLL7n8ufUw7bZwP9HQ7keBKTgPujxnaRnX6hLiBEKhHlwratKk5Hj4Jtr
xxVSjeqCt5oh4SSMYqEcUvzUEZD8ttuIbC4+4KqQqrcw9kr9P6c989Is+xQs7r8t
FiEBeBFNgG3etN569YvRQwcbIhrLqHBFX6KgAWJ4oX3WcUOBtXVVmEFHpGl9SSm2
XhTYPteew+gnBvTMq0fBix/yxlUFG46KUNOc5t35cQyHpFLGKvgGhw5BrQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFOqmEmrPNRduJMNMgCxnlkancLMMB8GA1UdIwQY
MBaAFLqqZM0pyUzN4URI9hoXLHY7HkBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUt
OGZjYWE2OTM2YzZjLzEvVTZxWVNhczgxRjI0a3cweUFMR2VXUnFkd3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUtOGZjYWE2OTM2YzZj
LzEvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdY0YAD
BABY0YoDBANY0aADBAFY0b4DBANdvWADBAK5P+gwDQYJKoZIhvcNAQELBQADggEB
AAzAFc0F21AGPyWvMYHemqIx/LuG+rEquIzbM/mVm7iQLcffhRWgOx5zQyp8Bvbx
56c3YUTWRuPslJHM/nao1ywCs2vEmjgTH1aqJHK/yn36Vor2aixu7drJE+RbV/JZ
ByfzOf9TS20xgkrFmQkRXTAKu2mP8II8P1/iIeaiPZ1cmGXqLOS56jqr+HovytC3
oUnrS7Z1a0jKMPfFG/kUJgqRSQgjgMKJxEBCplMXUy7Zxe2KIk9Pm9mBA3mFv/qd
27+0JzVqtG/MfbTDE1Q6gsYUrPewE6G82aFPiAJ1qMTwu+ZOISXNXd2V53gK4FYl
8BL9bZLOwXsN0+KfEDUmgH4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:03:28 2025 by rpki-client