Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/cac593-6074-4221-befd-0a892ab47db3/1/CprOfuROI-JNz-3ogkFzwlC0IWc.roa
File: CprOfuROI-JNz-3ogkFzwlC0IWc.roa (raw, json)
Hash identifier: rEyCcbprBuGorrTCuyy8vQtvlFyHJwUUq/BOw1Fit0o=
Subject key identifier: 0A:9A:CE:7E:E4:4E:23:E2:4D:CF:ED:E8:82:41:73:C2:50:B4:21:67
Certificate issuer: /CN=4557df3e546d56dbb5d230f611c724c599a72251
Certificate serial: 018AFF8C0FD6B3CC757769A3B0B080C87531
Authority key identifier: 45:57:DF:3E:54:6D:56:DB:B5:D2:30:F6:11:C7:24:C5:99:A7:22:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RVffPlRtVtu10jD2EcckxZmnIlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/cac593-6074-4221-befd-0a892ab47db3/1/CprOfuROI-JNz-3ogkFzwlC0IWc.roa
Signing time: Thu 05 Oct 2023 11:14:43 +0000
ROA not before: Thu 05 Oct 2023 11:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 88.218.132.0/22 maxlen: 22
2a09:aa80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 05 Oct 2023 11:57:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:8c:0f:d6:b3:cc:75:77:69:a3:b0:b0:80:c8:75:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4557df3e546d56dbb5d230f611c724c599a72251
Validity
Not Before: Oct 5 11:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a9ace7ee44e23e24dcfede8824173c250b42167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1b:20:f5:77:01:d2:73:40:80:7a:93:0f:a2:
02:80:74:1d:cf:96:f0:88:05:de:97:c4:a9:4a:47:
28:bb:ee:00:cc:07:22:52:7e:b5:2d:13:39:74:dc:
42:f8:dc:1d:cf:f1:64:47:8e:fb:3a:13:2a:76:3d:
77:30:3c:7b:4b:52:86:5f:81:5c:2f:74:b7:8d:1c:
5e:9e:2d:70:e4:08:fd:14:84:bc:86:b7:44:83:46:
62:fa:c1:e3:ec:fa:dc:c2:67:47:62:15:e7:c0:fc:
c4:ea:49:5b:47:1f:67:dc:52:29:ce:0a:b9:b4:cf:
1b:24:a0:21:bd:fc:a1:0d:bc:27:42:a8:3f:cb:8a:
8e:6c:4f:b8:de:08:5c:c6:6c:03:8a:e4:61:6d:0f:
2f:f1:3f:64:09:33:3a:fc:0f:1f:3b:50:df:3e:ec:
98:9c:2f:89:a3:54:4a:5d:8f:0d:1d:f2:97:f6:58:
cf:6d:2a:e0:57:c3:27:08:1a:eb:0a:83:73:e3:66:
76:d6:00:41:75:2d:ba:52:8b:47:36:34:81:7b:e9:
a9:a9:3d:ee:4d:75:81:8b:51:bc:e8:77:f7:e3:1e:
32:83:d0:30:68:8d:19:0f:18:26:3a:2f:a8:e4:54:
35:34:d6:80:cc:27:8c:91:48:04:95:6f:61:fc:1a:
b5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:9A:CE:7E:E4:4E:23:E2:4D:CF:ED:E8:82:41:73:C2:50:B4:21:67
X509v3 Authority Key Identifier:
keyid:45:57:DF:3E:54:6D:56:DB:B5:D2:30:F6:11:C7:24:C5:99:A7:22:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RVffPlRtVtu10jD2EcckxZmnIlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/cac593-6074-4221-befd-0a892ab47db3/1/CprOfuROI-JNz-3ogkFzwlC0IWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/cac593-6074-4221-befd-0a892ab47db3/1/RVffPlRtVtu10jD2EcckxZmnIlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.132.0/22
IPv6:
2a09:aa80::/32
Signature Algorithm: sha256WithRSAEncryption
62:b2:4a:9b:46:17:96:11:59:bc:9a:ff:05:c4:fe:ea:32:c1:
29:54:37:48:0a:2a:71:e5:27:aa:4e:3f:71:96:8c:5b:fb:ee:
2f:87:0b:45:76:d4:c8:ff:91:71:8c:46:aa:f9:da:cd:7a:f1:
43:b9:ae:37:ef:b5:3d:e9:f9:63:d7:e8:d9:95:83:b7:65:99:
04:9e:17:28:50:d0:b1:43:64:20:33:eb:b4:03:c6:7d:e2:1e:
c2:c4:2d:5c:79:bd:d1:80:9a:e3:aa:e2:4d:b9:de:de:ae:10:
16:02:96:34:da:80:5e:4c:14:c1:20:7d:75:cd:36:c8:a1:8c:
dd:5b:ca:7f:aa:40:5c:fd:2c:54:54:1e:a4:00:71:4f:fd:58:
90:bd:a5:58:cb:15:89:bf:c0:aa:89:3f:54:d1:d7:fd:99:44:
c8:d9:29:7c:08:48:7b:e8:7f:a5:90:5b:4b:12:a0:5f:15:3a:
c9:5a:f2:be:80:01:76:62:77:4b:ca:f5:12:74:3b:26:1b:ea:
1b:07:62:20:a1:97:dc:16:ec:10:58:7e:94:46:b7:0c:bd:f1:
51:be:8b:40:05:d4:bc:3f:9f:b7:8c:a0:72:d4:fd:e8:c4:cf:
12:fe:7e:a6:f7:f0:6e:36:fa:cd:70:aa:88:b9:1a:86:6e:52:
45:6c:1c:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYr/jA/Ws8x1d2mjsLCAyHUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NTdkZjNlNTQ2ZDU2ZGJiNWQyMzBmNjExYzcyNGM1OTlh
NzIyNTEwHhcNMjMxMDA1MTExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTlhY2U3ZWU0NGUyM2UyNGRjZmVkZTg4MjQxNzNjMjUwYjQyMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBsg9XcB0nNAgHqTD6ICgHQdz5bw
iAXel8SpSkcou+4AzAciUn61LRM5dNxC+Nwdz/FkR477OhMqdj13MDx7S1KGX4Fc
L3S3jRxeni1w5Aj9FIS8hrdEg0Zi+sHj7PrcwmdHYhXnwPzE6klbRx9n3FIpzgq5
tM8bJKAhvfyhDbwnQqg/y4qObE+43ghcxmwDiuRhbQ8v8T9kCTM6/A8fO1DfPuyY
nC+Jo1RKXY8NHfKX9ljPbSrgV8MnCBrrCoNz42Z21gBBdS26UotHNjSBe+mpqT3u
TXWBi1G86Hf34x4yg9AwaI0ZDxgmOi+o5FQ1NNaAzCeMkUgElW9h/Bq1dQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAqazn7kTiPiTc/t6IJBc8JQtCFnMB8GA1UdIwQY
MBaAFEVX3z5UbVbbtdIw9hHHJMWZpyJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlZmZlBsUnRWdHUxMGpEMkVjY2t4Wm1uSWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jYWM1OTMtNjA3NC00MjIxLWJlZmQt
MGE4OTJhYjQ3ZGIzLzEvQ3ByT2Z1Uk9JLUpOei0zb2drRnp3bEMwSVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jYWM1OTMtNjA3NC00MjIxLWJlZmQtMGE4OTJhYjQ3ZGIz
LzEvUlZmZlBsUnRWdHUxMGpEMkVjY2t4Wm1uSWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWNqEMA0E
AgACMAcDBQAqCaqAMA0GCSqGSIb3DQEBCwUAA4IBAQBiskqbRheWEVm8mv8FxP7q
MsEpVDdICipx5SeqTj9xloxb++4vhwtFdtTI/5FxjEaq+drNevFDua4377U96flj
1+jZlYO3ZZkEnhcoUNCxQ2QgM+u0A8Z94h7CxC1ceb3RgJrjquJNud7erhAWApY0
2oBeTBTBIH11zTbIoYzdW8p/qkBc/SxUVB6kAHFP/ViQvaVYyxWJv8CqiT9U0df9
mUTI2Sl8CEh76H+lkFtLEqBfFTrJWvK+gAF2YndLyvUSdDsmG+obB2IgoZfcFuwQ
WH6URrcMvfFRvotABdS8P5+3jKBy1P3oxM8S/n6m9/BuNvrNcKqIuRqGblJFbBwg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:05 2024 by rpki-client on console-fra.rpki-client.org