Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CNiXqi2iy9WZPDe119Xvfo637f4.roa
File: CNiXqi2iy9WZPDe119Xvfo637f4.roa (raw, json)
Hash identifier: aGp9YgpyrR+9J8qvV+c3waViBzbXo7jHE3GEgdwGi6c=
Subject key identifier: 08:D8:97:AA:2D:A2:CB:D5:99:3C:37:B5:D7:D5:EF:7E:8E:B7:ED:FE
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A4677BA9E27CCFE6CC745281F2FE8
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CNiXqi2iy9WZPDe119Xvfo637f4.roa
Signing time: Sun 01 Jan 2023 03:05:07 +0000
ROA not before: Sun 01 Jan 2023 03:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208356
IP address blocks: 188.72.90.0/24 maxlen: 24
188.72.91.0/24 maxlen: 24
188.72.88.0/24 maxlen: 24
188.72.125.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:46:77:ba:9e:27:cc:fe:6c:c7:45:28:1f:2f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08d897aa2da2cbd5993c37b5d7d5ef7e8eb7edfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:da:e8:88:67:92:9f:59:ee:a0:2a:63:15:fb:
84:48:4e:2c:ff:81:19:44:bf:2b:c0:db:05:c0:9b:
ec:d2:82:5d:e2:98:5c:45:c2:6c:53:d2:93:b1:21:
f9:a5:94:06:b9:56:58:0b:03:a6:af:3e:a3:43:ba:
28:db:05:73:e1:00:80:c6:05:0e:7c:71:84:50:ef:
1f:0d:6f:77:8e:9b:17:d2:71:89:f8:b5:e3:88:18:
7a:d4:2a:32:3e:ae:fc:b9:6e:f4:04:dd:44:6e:78:
44:98:89:25:79:99:ba:26:f0:c1:d8:7c:40:fc:10:
b6:31:7d:1a:20:e5:e5:10:45:4c:05:5a:60:62:4a:
d3:90:35:12:22:0b:19:4e:4f:41:5c:e5:20:de:e3:
ac:32:da:82:8b:ac:05:85:e2:82:c2:60:b1:27:05:
0b:7b:bf:62:a7:d7:a0:b3:78:60:59:df:a8:f9:9d:
11:37:66:66:7c:de:a2:20:1b:b6:e8:4c:dc:dc:f0:
43:ba:47:c6:51:4e:69:f9:9c:f7:64:bf:df:fe:94:
a0:e4:f8:b9:42:3b:f1:d8:b2:5f:d8:d1:07:6a:00:
c5:14:de:4c:9d:61:92:81:99:ed:6a:e1:b2:f3:c6:
7b:41:b9:8b:ed:88:a8:6e:22:e1:94:f0:19:14:4e:
08:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D8:97:AA:2D:A2:CB:D5:99:3C:37:B5:D7:D5:EF:7E:8E:B7:ED:FE
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/CNiXqi2iy9WZPDe119Xvfo637f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.88.0/24
188.72.90.0/23
188.72.125.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:da:57:88:a3:af:02:f6:16:53:01:ad:8b:c3:35:d1:2e:d8:
11:33:fc:85:aa:ec:13:81:26:17:1d:23:57:fc:97:b9:8c:1d:
67:e8:f7:57:87:68:cb:a1:85:be:88:bf:c0:7c:5e:52:c8:cc:
8f:fe:30:e0:ca:e5:a6:ab:ea:da:ac:16:aa:bb:b1:46:b1:5c:
36:ea:9b:01:2d:b2:08:f5:42:81:70:de:cf:e5:51:2d:07:94:
d8:ee:2d:f5:c6:33:75:22:11:bf:da:04:56:71:b3:c1:23:1e:
74:e1:12:ce:2d:3b:88:79:11:42:4e:0a:55:d0:59:7a:8e:3f:
ee:3a:37:1c:65:62:5d:da:54:9f:47:45:ad:e9:4f:95:3c:32:
9a:33:28:28:83:21:fa:66:bc:f7:b7:e9:d9:91:b8:c4:93:8b:
4f:55:9b:13:2d:9c:56:81:57:55:54:5a:27:6f:ae:03:1b:07:
35:84:35:bd:44:bc:a4:7a:49:2e:08:a0:2e:af:c8:eb:ab:7f:
f9:b4:4b:7c:c2:e0:71:d4:55:bf:19:29:8a:55:ef:f5:07:59:
3f:7e:01:b6:95:ae:5e:91:1e:80:5f:55:d2:a1:89:dc:57:a8:
19:d9:ee:90:d9:ef:14:26:8f:e3:39:ca:cf:13:fc:d3:bf:82:
a4:d0:7c:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrSkZ3up4nzP5sx0UoHy/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ4OTdhYTJkYTJjYmQ1OTkzYzM3YjVkN2Q1ZWY3ZThlYjdlZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4troiGeSn1nuoCpjFfuESE4s/4EZ
RL8rwNsFwJvs0oJd4phcRcJsU9KTsSH5pZQGuVZYCwOmrz6jQ7oo2wVz4QCAxgUO
fHGEUO8fDW93jpsX0nGJ+LXjiBh61CoyPq78uW70BN1EbnhEmIkleZm6JvDB2HxA
/BC2MX0aIOXlEEVMBVpgYkrTkDUSIgsZTk9BXOUg3uOsMtqCi6wFheKCwmCxJwUL
e79ip9egs3hgWd+o+Z0RN2ZmfN6iIBu26Ezc3PBDukfGUU5p+Zz3ZL/f/pSg5Pi5
Qjvx2LJf2NEHagDFFN5MnWGSgZntauGy88Z7QbmL7YiobiLhlPAZFE4IIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAjYl6otosvVmTw3tdfV736Ot+3+MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvQ05pWHFpMml5OVdaUERlMTE5WHZmbzYzN2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvEhYAwQB
vEhaAwQAvEh9MA0GCSqGSIb3DQEBCwUAA4IBAQCK2leIo68C9hZTAa2LwzXRLtgR
M/yFquwTgSYXHSNX/Je5jB1n6PdXh2jLoYW+iL/AfF5SyMyP/jDgyuWmq+rarBaq
u7FGsVw26psBLbII9UKBcN7P5VEtB5TY7i31xjN1IhG/2gRWcbPBIx504RLOLTuI
eRFCTgpV0Fl6jj/uOjccZWJd2lSfR0Wt6U+VPDKaMygogyH6Zrz3t+nZkbjEk4tP
VZsTLZxWgVdVVFonb64DGwc1hDW9RLykekkuCKAur8jrq3/5tEt8wuBx1FW/GSmK
Ve/1B1k/fgG2la5ekR6AX1XSoYncV6gZ2e6Q2e8UJo/jOcrPE/zTv4Kk0HxM
-----END CERTIFICATE-----
Generated at Fri Jul 21 12:28:01 2023 by rpki-client on console-ams.rpki-client.org