Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88GD-DkpjkH18Ormk1NwPTK8rkE.roa
File: 88GD-DkpjkH18Ormk1NwPTK8rkE.roa (raw, json)
Hash identifier: 4ZBFkx8ttleCL/jHkAq0fgwCq4W4FAWp5Qpkbd0sN2M=
Subject key identifier: F3:C1:83:F8:39:29:8E:41:F5:F0:EA:E6:93:53:70:3D:32:BC:AE:41
Certificate issuer: /CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Certificate serial: 01856FF062993BA5C7AB88361C2EF1261B49
Authority key identifier: F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88GD-DkpjkH18Ormk1NwPTK8rkE.roa
Signing time: Mon 02 Jan 2023 00:45:02 +0000
ROA not before: Mon 02 Jan 2023 00:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42277
IP address blocks: 37.188.0.0/18 maxlen: 18
77.241.16.0/21 maxlen: 21
178.249.240.0/21 maxlen: 21
94.247.248.0/24 maxlen: 24
94.247.252.0/22 maxlen: 22
94.247.248.0/22 maxlen: 24
176.241.192.0/19 maxlen: 19
5.249.192.0/19 maxlen: 19
46.62.0.0/17 maxlen: 17
2a02:51c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:62:99:3b:a5:c7:ab:88:36:1c:2e:f1:26:1b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Validity
Not Before: Jan 2 00:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3c183f839298e41f5f0eae69353703d32bcae41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:61:a7:46:7a:02:96:ab:6d:46:fd:14:cc:dd:
ac:96:83:3e:fd:02:4e:7c:15:b4:18:11:36:bb:58:
c6:18:ae:12:90:74:3b:ef:fb:dc:42:ac:47:67:6a:
3e:4d:e5:ce:d5:d4:c2:77:23:8b:ce:d2:1c:76:e8:
22:65:8a:12:ba:a5:23:21:d4:00:b9:15:be:76:ae:
ea:41:dd:87:ca:63:89:47:a1:63:14:5a:6b:80:7d:
29:0b:32:3d:68:f9:09:54:1e:c2:8d:47:7e:64:66:
3b:c2:f3:e8:0b:3c:74:96:dc:b9:54:4c:2b:9d:cb:
d4:a2:4d:ca:c0:2a:88:d8:fe:e3:8f:13:50:5c:e0:
3a:06:29:be:ef:3e:3e:73:66:18:16:1e:9b:6b:8d:
b0:f1:75:2c:d8:87:47:c5:92:15:2d:a6:fd:d7:25:
4d:20:c7:e4:8a:98:6e:a0:77:0b:c0:7a:cc:65:84:
c4:9a:87:f3:4b:9e:c5:b4:1d:1e:d7:b9:48:b2:3e:
75:b3:de:90:28:a1:c7:8d:33:1c:61:e7:84:26:ed:
a3:15:78:11:f1:d8:8d:5d:45:db:06:71:0b:15:4d:
db:a0:00:2f:8f:c8:ce:6c:d6:0c:45:f5:8b:bc:89:
12:52:07:7c:74:8a:f4:4f:78:ca:ca:4b:8e:7f:36:
59:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C1:83:F8:39:29:8E:41:F5:F0:EA:E6:93:53:70:3D:32:BC:AE:41
X509v3 Authority Key Identifier:
keyid:F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88GD-DkpjkH18Ormk1NwPTK8rkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88q2j7sMl5R2WUvfxWwZIEK43t8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.192.0/19
37.188.0.0/18
46.62.0.0/17
77.241.16.0/21
94.247.248.0/21
176.241.192.0/19
178.249.240.0/21
IPv6:
2a02:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
15:07:b6:f9:3b:79:36:68:5c:f6:69:5c:2e:b5:e3:20:af:9c:
96:39:95:d4:a7:74:c4:1c:b3:9c:53:0f:25:02:83:24:29:e3:
83:f2:0b:9a:95:92:d5:a1:67:ad:d7:06:60:90:25:71:46:26:
bc:c4:47:08:db:50:0d:cc:c5:b6:bc:5f:ac:4d:bb:73:d2:4b:
1b:67:a6:9a:a6:07:14:63:6b:8b:80:c9:ef:23:d8:81:95:4f:
26:b2:bb:00:05:ae:22:5c:c5:19:09:c3:29:fd:aa:e8:6d:5b:
94:95:db:9a:68:37:c6:2b:e9:63:53:bb:e1:d9:a3:c8:c4:fa:
b5:ea:25:92:c4:ff:97:1d:3a:f6:69:df:37:45:2e:6c:fa:62:
9e:b4:52:db:0c:7f:f7:89:8a:55:e2:78:1c:c9:c0:aa:b8:ce:
99:e4:4e:04:4d:fb:ca:1b:c7:a8:a8:a3:46:ed:14:0e:46:1b:
34:f7:52:48:3a:7f:75:4a:56:61:87:b4:ef:0c:80:b1:47:ec:
89:6e:dd:ff:f0:1a:76:13:7f:ba:15:0b:21:a1:58:a3:b1:94:
77:e0:67:55:66:be:49:bf:fe:a2:57:34:f8:5f:16:65:45:74:
73:de:2a:05:77:2e:68:4c:31:43:52:b0:ad:78:a7:b1:11:e3:
79:36:ca:b5
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVv8GKZO6XHq4g2HC7xJhtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzY2FiNjhmYmIwYzk3OTQ3NjU5NGJkZmM1NmMxOTIwNDJi
OGRlZGYwHhcNMjMwMTAyMDA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2MxODNmODM5Mjk4ZTQxZjVmMGVhZTY5MzUzNzAzZDMyYmNhZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mGnRnoClqttRv0UzN2sloM+/QJO
fBW0GBE2u1jGGK4SkHQ77/vcQqxHZ2o+TeXO1dTCdyOLztIcdugiZYoSuqUjIdQA
uRW+dq7qQd2HymOJR6FjFFprgH0pCzI9aPkJVB7CjUd+ZGY7wvPoCzx0lty5VEwr
ncvUok3KwCqI2P7jjxNQXOA6Bim+7z4+c2YYFh6ba42w8XUs2IdHxZIVLab91yVN
IMfkiphuoHcLwHrMZYTEmofzS57FtB0e17lIsj51s96QKKHHjTMcYeeEJu2jFXgR
8diNXUXbBnELFU3boAAvj8jObNYMRfWLvIkSUgd8dIr0T3jKykuOfzZZDQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPPBg/g5KY5B9fDq5pNTcD0yvK5BMB8GA1UdIwQY
MBaAFPPKto+7DJeUdllL38VsGSBCuN7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODhxMmo3c01sNVIyV1V2ZnhXd1pJRUs0M3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hNDQzMzUtNDE0Zi00NDc5LWE3ZmUt
YWE0YTgxYTJlYjIzLzEvODhHRC1Ea3Bqa0gxOE9ybWsxTndQVEs4cmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hNDQzMzUtNDE0Zi00NDc5LWE3ZmUtYWE0YTgxYTJlYjIz
LzEvODhxMmo3c01sNVIyV1V2ZnhXd1pJRUs0M3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFBfnAAwQG
JbwAAwQHLj4AAwQDTfEQAwQDXvf4AwQFsPHAAwQDsvnwMA0EAgACMAcDBQAqAlHA
MA0GCSqGSIb3DQEBCwUAA4IBAQAVB7b5O3k2aFz2aVwuteMgr5yWOZXUp3TEHLOc
Uw8lAoMkKeOD8gualZLVoWet1wZgkCVxRia8xEcI21ANzMW2vF+sTbtz0ksbZ6aa
pgcUY2uLgMnvI9iBlU8msrsABa4iXMUZCcMp/arobVuUlduaaDfGK+ljU7vh2aPI
xPq16iWSxP+XHTr2ad83RS5s+mKetFLbDH/3iYpV4ngcycCquM6Z5E4ETfvKG8eo
qKNG7RQORhs091JIOn91SlZhh7TvDICxR+yJbt3/8Bp2E3+6FQshoVijsZR34GdV
Zr5Jv/6iVzT4XxZlRXRz3ioFdy5oTDFDUrCteKexEeN5Nsq1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:02 2024 by rpki-client on console-fra.rpki-client.org