Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/kM6XcL1StjeOqGcfcdNHSMfyiTo.roa
File: kM6XcL1StjeOqGcfcdNHSMfyiTo.roa (raw, json)
Hash identifier: 160wxfgyEo1dG09vcJyTXIHfKnHTAeA0rQbYFC5qx7Q=
Subject key identifier: 90:CE:97:70:BD:52:B6:37:8E:A8:67:1F:71:D3:47:48:C7:F2:89:3A
Certificate issuer: /CN=9944f812a0e002c38e84e47628bdba038598090b
Certificate serial: 01856DCB070163EBE07748BD79B1425607C3
Authority key identifier: 99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/kM6XcL1StjeOqGcfcdNHSMfyiTo.roa
Signing time: Sun 01 Jan 2023 14:45:00 +0000
ROA not before: Sun 01 Jan 2023 14:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61071
IP address blocks: 88.213.211.0/24 maxlen: 24
88.213.210.0/24 maxlen: 24
88.213.213.0/24 maxlen: 24
88.213.214.0/23 maxlen: 23
178.217.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 13 Feb 2023 07:37:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:07:01:63:eb:e0:77:48:bd:79:b1:42:56:07:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944f812a0e002c38e84e47628bdba038598090b
Validity
Not Before: Jan 1 14:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90ce9770bd52b6378ea8671f71d34748c7f2893a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:59:22:bb:b4:57:87:57:3f:11:bb:24:43:8b:
a7:22:c5:d4:1b:2e:82:74:8b:b8:4a:c9:a9:2e:f8:
e9:71:29:fb:02:2b:c1:af:27:98:7f:e8:55:a1:31:
ef:b2:22:25:97:b3:09:d8:4e:f9:b3:73:b7:cd:82:
47:f3:ae:c7:3d:80:39:f8:02:92:fc:6b:db:1e:8a:
7e:c7:9d:39:56:7d:36:59:bd:54:1e:c1:2d:87:7e:
bd:bf:af:d0:3e:78:c3:fe:56:0b:45:75:60:07:b9:
41:7d:04:bd:d8:08:f8:9b:7a:d1:9e:d8:69:79:e1:
b9:3a:f4:4f:8f:fe:1a:eb:5c:c0:ae:e9:d8:cc:81:
aa:51:0a:98:b3:6c:bb:e0:a7:56:a1:0c:7c:70:15:
2d:7c:44:f2:b7:ad:bf:81:66:44:33:a5:f0:14:aa:
20:69:6d:a7:a1:f3:f7:71:a1:9a:ea:23:e6:31:d1:
3f:65:19:9a:3a:43:09:33:7a:05:e7:9b:d5:e6:05:
15:99:70:ad:02:03:85:ef:68:06:7f:cd:d2:2f:13:
3e:64:46:22:79:dc:99:7f:2c:ec:6f:a7:eb:db:96:
c4:aa:66:bb:80:e4:21:bc:c8:e9:16:ae:08:dd:a3:
01:7b:a2:ed:a8:06:94:82:a9:1a:8c:dc:cb:88:c2:
fe:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CE:97:70:BD:52:B6:37:8E:A8:67:1F:71:D3:47:48:C7:F2:89:3A
X509v3 Authority Key Identifier:
keyid:99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/kM6XcL1StjeOqGcfcdNHSMfyiTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.213.210.0/23
88.213.213.0-88.213.215.255
178.217.88.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:9e:df:f7:ae:ca:b2:6d:f7:81:42:29:d6:25:31:cf:56:8c:
1a:3f:c5:21:ae:14:1b:25:52:d9:0f:5d:a7:b8:50:d8:20:25:
b1:59:3c:40:4e:d6:4d:ec:8c:95:6f:73:15:32:75:95:a2:82:
17:09:8e:dd:83:aa:98:8d:d8:74:74:a9:c9:31:9e:3f:93:42:
d3:b3:c5:cc:6a:50:ad:38:12:c9:c3:db:1e:45:e8:d6:b3:6a:
1e:13:b4:a2:63:68:2f:66:33:0d:a3:fe:ff:b0:64:08:23:37:
2f:ac:18:07:d6:32:22:c6:83:3b:36:13:85:5b:e6:76:55:c9:
16:69:09:60:59:e8:5e:13:81:dd:8e:6c:a8:e7:06:d9:64:33:
e8:b2:34:ee:15:60:4f:7d:3a:f6:bd:0c:9e:67:12:44:66:00:
71:6d:e4:30:e4:a6:3a:f9:3d:8b:b2:df:ef:d8:28:d8:b1:28:
e5:c8:9f:69:a3:17:0f:36:b0:77:8d:69:7c:00:e9:02:a9:b1:
ef:f9:26:3f:7e:46:79:d5:71:13:42:e0:2c:5c:ab:74:47:53:
85:3f:99:96:54:b1:1a:29:a0:3a:5c:a0:9f:98:be:af:b5:01:
4e:8f:a4:a6:f8:36:12:5d:aa:0b:8f:bf:34:65:3c:d5:90:cc:
48:2c:03:8c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVtywcBY+vgd0i9ebFCVgfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NDRmODEyYTBlMDAyYzM4ZTg0ZTQ3NjI4YmRiYTAzODU5
ODA5MGIwHhcNMjMwMTAxMTQ0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNlOTc3MGJkNTJiNjM3OGVhODY3MWY3MWQzNDc0OGM3ZjI4OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1kiu7RXh1c/EbskQ4unIsXUGy6C
dIu4SsmpLvjpcSn7AivBryeYf+hVoTHvsiIll7MJ2E75s3O3zYJH867HPYA5+AKS
/GvbHop+x505Vn02Wb1UHsEth369v6/QPnjD/lYLRXVgB7lBfQS92Aj4m3rRnthp
eeG5OvRPj/4a61zArunYzIGqUQqYs2y74KdWoQx8cBUtfETyt62/gWZEM6XwFKog
aW2nofP3caGa6iPmMdE/ZRmaOkMJM3oF55vV5gUVmXCtAgOF72gGf83SLxM+ZEYi
edyZfyzsb6fr25bEqma7gOQhvMjpFq4I3aMBe6LtqAaUgqkajNzLiML+swIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJDOl3C9UrY3jqhnH3HTR0jH8ok6MB8GA1UdIwQY
MBaAFJlE+BKg4ALDjoTkdii9ugOFmAkLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMt
MzA2YzU2NTEzNDNlLzEva002WGNMMVN0amVPcUdjZmNkTkhTTWZ5aVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMtMzA2YzU2NTEzNDNl
LzEvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBWNXSMAwD
BABY1dUDBANY1dADBAKy2VgwDQYJKoZIhvcNAQELBQADggEBAMKe3/euyrJt94FC
KdYlMc9WjBo/xSGuFBslUtkPXae4UNggJbFZPEBO1k3sjJVvcxUydZWighcJjt2D
qpiN2HR0qckxnj+TQtOzxcxqUK04EsnD2x5F6Nazah4TtKJjaC9mMw2j/v+wZAgj
Ny+sGAfWMiLGgzs2E4Vb5nZVyRZpCWBZ6F4Tgd2ObKjnBtlkM+iyNO4VYE99Ova9
DJ5nEkRmAHFt5DDkpjr5PYuy3+/YKNixKOXIn2mjFw82sHeNaXwA6QKpse/5Jj9+
RnnVcRNC4Cxcq3RHU4U/mZZUsRopoDpcoJ+Yvq+1AU6PpKb4NhJdqguPvzRlPNWQ
zEgsA4w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:51 2024 by rpki-client on console-ams.rpki-client.org