Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/dcacd2-d780-46f7-a5b6-79cc7a14bf9a/1/nU63QN2BbspvEUFmO2bIwBo_enA.roa
File: nU63QN2BbspvEUFmO2bIwBo_enA.roa (raw, json)
Hash identifier: Bg01F/oApnbwMYlM8brygj0t1G5c5kDSyiRXaJDGz9E=
Subject key identifier: 9D:4E:B7:40:DD:81:6E:CA:6F:11:41:66:3B:66:C8:C0:1A:3F:7A:70
Certificate issuer: /CN=4732d0fce83fb67382ceace3756c8b13c0a95c98
Certificate serial: 01857B9D414E095D9E2E57267E2B7CB55671
Authority key identifier: 47:32:D0:FC:E8:3F:B6:73:82:CE:AC:E3:75:6C:8B:13:C0:A9:5C:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzLQ_Og_tnOCzqzjdWyLE8CpXJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/dcacd2-d780-46f7-a5b6-79cc7a14bf9a/1/nU63QN2BbspvEUFmO2bIwBo_enA.roa
Signing time: Wed 04 Jan 2023 07:09:41 +0000
ROA not before: Wed 04 Jan 2023 07:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213193
IP address blocks: 88.218.157.0/24 maxlen: 24
88.218.158.0/24 maxlen: 24
88.218.159.0/24 maxlen: 24
88.218.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7b:9d:41:4e:09:5d:9e:2e:57:26:7e:2b:7c:b5:56:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4732d0fce83fb67382ceace3756c8b13c0a95c98
Validity
Not Before: Jan 4 07:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d4eb740dd816eca6f1141663b66c8c01a3f7a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e8:df:7a:6c:71:57:df:09:d6:e2:c8:b7:74:
f2:1a:0f:be:10:41:4a:f4:63:0f:d4:60:78:12:10:
35:af:ff:a7:fe:70:14:2b:df:8e:84:77:e0:42:fa:
40:06:ff:b2:17:a7:87:c0:d3:b9:37:c9:47:e6:65:
4f:31:96:30:4f:64:72:d1:c2:2f:31:a3:83:b8:5e:
6f:8f:ad:16:43:b0:73:2d:54:4e:6d:64:60:12:54:
28:69:ae:7d:ea:cc:4a:20:d5:de:d9:fa:ac:c9:74:
dd:e1:94:78:6f:c0:f9:03:b5:c8:20:72:5d:78:ae:
80:dd:9e:cf:85:5d:dc:3d:92:1d:ae:93:c8:64:52:
f4:ab:24:da:7b:70:69:9b:38:0a:15:cf:58:5a:70:
3d:57:f2:2b:02:f0:90:8e:fb:bc:b9:f8:98:9a:f9:
b5:02:cf:d3:b1:d4:02:64:d4:be:97:37:54:de:67:
01:a1:69:af:63:7d:41:52:3a:8d:4b:e0:0d:63:78:
1b:4e:ae:52:9a:f7:59:c3:c1:f2:9e:ad:ce:a1:50:
96:38:38:c1:0c:33:86:02:dd:e5:52:a1:92:27:7d:
0c:2d:f1:e1:3b:8b:1a:41:a2:f4:98:8f:c4:cd:f9:
63:7f:4f:c2:b1:46:0a:22:f1:8b:6b:82:f0:ba:31:
fc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4E:B7:40:DD:81:6E:CA:6F:11:41:66:3B:66:C8:C0:1A:3F:7A:70
X509v3 Authority Key Identifier:
keyid:47:32:D0:FC:E8:3F:B6:73:82:CE:AC:E3:75:6C:8B:13:C0:A9:5C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzLQ_Og_tnOCzqzjdWyLE8CpXJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/dcacd2-d780-46f7-a5b6-79cc7a14bf9a/1/nU63QN2BbspvEUFmO2bIwBo_enA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/dcacd2-d780-46f7-a5b6-79cc7a14bf9a/1/RzLQ_Og_tnOCzqzjdWyLE8CpXJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.156.0/22
Signature Algorithm: sha256WithRSAEncryption
49:66:ba:eb:13:43:08:91:3a:ba:5d:c2:1e:20:c2:b8:41:ec:
99:82:16:7d:92:0e:1f:53:5b:9b:ff:eb:24:31:4b:d8:9f:1c:
78:a4:63:4f:42:f8:6b:a2:4a:68:2f:c7:64:01:eb:46:14:1c:
ac:f8:32:53:8d:df:64:f7:48:76:1a:55:10:ef:1e:4b:b3:1f:
cf:be:fe:b8:4e:d9:4c:5d:5e:78:0e:58:05:fc:5d:bf:90:99:
ad:63:82:f0:bc:ad:16:63:9a:d6:1c:6d:a3:96:c5:b9:e7:dc:
55:27:be:0d:05:7a:26:51:cd:e6:5b:f6:38:12:a6:72:7a:6e:
05:65:f4:a9:45:aa:74:83:55:62:fb:76:f8:c3:5e:15:c8:7c:
1d:82:a9:21:a7:21:6b:b4:23:2b:f8:f0:c5:a5:df:64:d6:f6:
ca:e6:7f:f1:de:bb:3c:09:cc:7c:8d:03:e2:d1:9d:9c:fc:52:
a3:81:d2:0f:d8:49:46:ce:5c:7a:9c:81:4a:b3:73:40:81:84:
1e:08:ff:a0:b8:6a:4a:bf:d9:5b:b9:fc:5a:cc:8e:17:91:92:
a0:a9:16:0f:0d:20:5e:9a:e6:cf:2a:b2:5d:09:de:07:5f:d9:
25:3e:cf:51:f3:4b:62:3a:5c:00:6c:e4:e2:d1:13:c3:b0:5e:
39:23:fe:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV7nUFOCV2eLlcmfit8tVZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzJkMGZjZTgzZmI2NzM4MmNlYWNlMzc1NmM4YjEzYzBh
OTVjOTgwHhcNMjMwMTA0MDcwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDRlYjc0MGRkODE2ZWNhNmYxMTQxNjYzYjY2YzhjMDFhM2Y3YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuujfemxxV98J1uLIt3TyGg++EEFK
9GMP1GB4EhA1r/+n/nAUK9+OhHfgQvpABv+yF6eHwNO5N8lH5mVPMZYwT2Ry0cIv
MaODuF5vj60WQ7BzLVRObWRgElQoaa596sxKINXe2fqsyXTd4ZR4b8D5A7XIIHJd
eK6A3Z7PhV3cPZIdrpPIZFL0qyTae3BpmzgKFc9YWnA9V/IrAvCQjvu8ufiYmvm1
As/TsdQCZNS+lzdU3mcBoWmvY31BUjqNS+ANY3gbTq5SmvdZw8Hynq3OoVCWODjB
DDOGAt3lUqGSJ30MLfHhO4saQaL0mI/Ezfljf0/CsUYKIvGLa4LwujH8VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1Ot0DdgW7KbxFBZjtmyMAaP3pwMB8GA1UdIwQY
MBaAFEcy0PzoP7Zzgs6s43VsixPAqVyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpMUV9PZ190bk9DenF6amRXeUxFOENwWEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kY2FjZDItZDc4MC00NmY3LWE1YjYt
NzljYzdhMTRiZjlhLzEvblU2M1FOMkJic3B2RVVGbU8yYkl3Qm9fZW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kY2FjZDItZDc4MC00NmY3LWE1YjYtNzljYzdhMTRiZjlh
LzEvUnpMUV9PZ190bk9DenF6amRXeUxFOENwWEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNqcMA0G
CSqGSIb3DQEBCwUAA4IBAQBJZrrrE0MIkTq6XcIeIMK4QeyZghZ9kg4fU1ub/+sk
MUvYnxx4pGNPQvhrokpoL8dkAetGFBys+DJTjd9k90h2GlUQ7x5Lsx/Pvv64TtlM
XV54DlgF/F2/kJmtY4LwvK0WY5rWHG2jlsW559xVJ74NBXomUc3mW/Y4EqZyem4F
ZfSpRap0g1Vi+3b4w14VyHwdgqkhpyFrtCMr+PDFpd9k1vbK5n/x3rs8Ccx8jQPi
0Z2c/FKjgdIP2ElGzlx6nIFKs3NAgYQeCP+guGpKv9lbufxazI4XkZKgqRYPDSBe
mubPKrJdCd4HX9klPs9R80tiOlwAbOTi0RPDsF45I/5h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:25 2024 by rpki-client on console-fra.rpki-client.org