Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/axBnmS-_ALxC2zXGHDc3Gl2VqxI.roa
File: axBnmS-_ALxC2zXGHDc3Gl2VqxI.roa (raw, json)
Hash identifier: F9OPmVfE0cbWbMWSwGiAKSAdAr1V01L3XuLoxhZuAL0=
Subject key identifier: 6B:10:67:99:2F:BF:00:BC:42:DB:35:C6:1C:37:37:1A:5D:95:AB:12
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018EA7A5323ABF1591A9BD65044E3A68DC9E
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/axBnmS-_ALxC2zXGHDc3Gl2VqxI.roa
Signing time: Thu 04 Apr 2024 05:46:45 +0000
ROA not before: Thu 04 Apr 2024 05:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6134
IP address blocks: 88.218.192.0/24 maxlen: 24
88.218.194.0/24 maxlen: 24
88.218.195.0/24 maxlen: 24
176.113.68.0/22 maxlen: 24
176.113.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 13:17:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:a5:32:3a:bf:15:91:a9:bd:65:04:4e:3a:68:dc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Apr 4 05:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b1067992fbf00bc42db35c61c37371a5d95ab12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:58:40:7e:46:6c:80:f6:a2:53:ed:8b:7a:b0:
32:74:90:9f:1e:9b:db:2d:de:31:af:b2:d0:c0:df:
24:e9:dd:e3:ed:6b:bf:4a:81:f0:e5:df:73:81:d4:
f2:6b:a9:33:38:fc:c1:1c:35:a9:de:32:54:09:6b:
de:1e:22:46:c2:b7:29:0f:37:db:dd:6f:f2:a4:54:
52:97:e7:eb:b8:c2:fc:51:01:19:77:8a:4c:ac:ba:
66:16:20:16:ff:57:8a:20:01:de:a3:0d:5b:40:36:
e5:54:1f:3e:03:ac:eb:b3:43:1c:1c:f9:17:85:96:
95:1b:4a:68:1a:f4:ec:73:b9:49:f7:d3:61:ee:aa:
da:4a:cc:be:66:45:01:a3:f3:e5:3f:48:d8:50:26:
48:e9:46:47:99:34:f1:50:fe:a8:a8:fd:ce:3e:a8:
8f:a4:8f:19:da:96:8c:65:8f:d0:ad:74:6d:a5:59:
9c:e2:73:9f:01:0a:51:6d:81:e6:95:01:97:fa:97:
a7:91:7b:13:11:0f:59:8f:2f:53:7d:d5:45:5a:a5:
ab:41:a9:a0:a2:6f:12:ab:ff:f3:2d:11:92:69:44:
8d:fd:a1:7d:80:02:bd:0f:47:6f:eb:11:8f:00:f6:
7a:14:17:8d:6c:8a:93:86:28:21:06:3d:9c:8b:89:
fe:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:10:67:99:2F:BF:00:BC:42:DB:35:C6:1C:37:37:1A:5D:95:AB:12
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/axBnmS-_ALxC2zXGHDc3Gl2VqxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.192.0/24
88.218.194.0/23
176.113.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:ae:0a:16:23:85:af:1b:a3:4e:56:11:7a:61:47:0d:b2:c1:
d2:82:23:99:e0:54:c1:66:00:a1:64:d8:db:75:0c:f4:fd:6f:
26:f7:2a:05:3f:a0:da:63:5b:00:38:08:73:b9:48:6c:8f:93:
6c:e2:e3:ab:65:f6:bd:7e:e6:f9:0f:cd:60:39:da:76:ed:05:
0c:4d:7c:c1:b7:32:f2:9c:04:63:40:ea:bc:48:96:0d:42:40:
1a:0d:f6:69:77:b9:d2:ad:c6:13:7f:19:02:1a:b1:3f:ea:d7:
36:bf:20:5e:d9:85:8e:2d:f9:74:22:ad:7d:e0:0c:c2:e9:bc:
93:d2:4e:dd:f8:00:c7:84:86:43:77:b4:3f:0b:05:06:cd:b2:
fd:54:56:45:93:03:f1:60:67:60:f7:3d:64:b8:73:27:86:1b:
d8:4e:0d:a0:26:97:f9:3a:7f:a9:5e:78:b0:a4:12:6f:91:92:
e9:f5:ec:d3:1e:9f:05:55:21:bc:1f:7e:61:df:3a:b2:7d:5b:
96:78:57:9e:50:f9:db:b6:0d:0d:17:00:fb:d1:98:29:6f:83:
e4:47:f5:b8:22:c0:65:b1:db:3e:b3:20:e9:5a:f7:17:14:b6:
4e:82:ee:70:a8:47:10:fb:2c:17:7e:cd:17:eb:b4:95:10:c3:
4e:cf:34:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6npTI6vxWRqb1lBE46aNyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwNDA0MDU0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjEwNjc5OTJmYmYwMGJjNDJkYjM1YzYxYzM3MzcxYTVkOTVhYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlhAfkZsgPaiU+2LerAydJCfHpvb
Ld4xr7LQwN8k6d3j7Wu/SoHw5d9zgdTya6kzOPzBHDWp3jJUCWveHiJGwrcpDzfb
3W/ypFRSl+fruML8UQEZd4pMrLpmFiAW/1eKIAHeow1bQDblVB8+A6zrs0McHPkX
hZaVG0poGvTsc7lJ99Nh7qraSsy+ZkUBo/PlP0jYUCZI6UZHmTTxUP6oqP3OPqiP
pI8Z2paMZY/QrXRtpVmc4nOfAQpRbYHmlQGX+penkXsTEQ9Zjy9TfdVFWqWrQamg
om8Sq//zLRGSaUSN/aF9gAK9D0dv6xGPAPZ6FBeNbIqThighBj2ci4n+CQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGsQZ5kvvwC8Qts1xhw3NxpdlasSMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvYXhCbm1TLV9BTHhDMnpYR0hEYzNHbDJWcXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNrAAwQB
WNrCAwQCsHFEMA0GCSqGSIb3DQEBCwUAA4IBAQBergoWI4WvG6NOVhF6YUcNssHS
giOZ4FTBZgChZNjbdQz0/W8m9yoFP6DaY1sAOAhzuUhsj5Ns4uOrZfa9fub5D81g
Odp27QUMTXzBtzLynARjQOq8SJYNQkAaDfZpd7nSrcYTfxkCGrE/6tc2vyBe2YWO
Lfl0Iq194AzC6byT0k7d+ADHhIZDd7Q/CwUGzbL9VFZFkwPxYGdg9z1kuHMnhhvY
Tg2gJpf5On+pXniwpBJvkZLp9ezTHp8FVSG8H35h3zqyfVuWeFeeUPnbtg0NFwD7
0Zgpb4PkR/W4IsBlsds+syDpWvcXFLZOgu5wqEcQ+ywXfs0X67SVEMNOzzSI
-----END CERTIFICATE-----
Generated at Thu Oct 17 15:02:38 2024 by rpki-client on console-fra.rpki-client.org