Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/5NO6sqMOGKY8FEfn52WNX_EX_Ys.roa
File: 5NO6sqMOGKY8FEfn52WNX_EX_Ys.roa (raw, json)
Hash identifier: 3PEl4bZ3sXjvGpHLkqHw8NtI/mT0lPouLUhhPkUMeMQ=
Subject key identifier: E4:D3:BA:B2:A3:0E:18:A6:3C:14:47:E7:E7:65:8D:5F:F1:17:FD:8B
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 018F2EE6308B2C8186F780644CBC15AEA276
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/5NO6sqMOGKY8FEfn52WNX_EX_Ys.roa
Signing time: Tue 30 Apr 2024 12:06:28 +0000
ROA not before: Tue 30 Apr 2024 12:06:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209275
IP address blocks: 88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
2a09:9d00::/29 maxlen: 29
2a09:9d00:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Apr 2024 18:58:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:e6:30:8b:2c:81:86:f7:80:64:4c:bc:15:ae:a2:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: Apr 30 12:06:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4d3bab2a30e18a63c1447e7e7658d5ff117fd8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e2:2b:e4:f2:a1:8b:85:8f:99:5e:0c:8c:34:
83:ad:6e:66:fe:9b:49:b9:36:6c:f0:28:dc:61:75:
e5:a8:f0:2c:51:d3:8f:5b:6c:98:50:8f:f4:de:f8:
65:de:ff:34:1f:ca:0f:08:c9:64:0e:35:e2:7e:bf:
8b:8c:3d:9b:01:6a:83:87:61:e9:e5:d9:2b:2c:f0:
f0:49:f0:ff:82:85:00:d4:aa:7a:6c:09:5a:fe:28:
18:da:01:7a:1e:97:95:d3:b1:f2:82:6f:af:89:60:
10:8e:73:8b:96:6a:19:35:8c:4c:b5:0a:ba:23:57:
04:90:05:fa:a8:d9:24:b1:26:60:cd:c9:a1:57:e7:
bb:a9:48:34:80:3b:d7:7e:7e:ac:76:35:fe:d2:c8:
9a:34:c9:30:e1:a4:56:fb:98:b3:2b:8b:72:92:39:
b9:29:91:51:5e:bd:62:18:8e:36:31:26:29:18:3d:
85:cf:8c:e5:6f:ca:40:d4:37:53:ea:5c:d1:62:f4:
fc:89:3f:8c:07:27:df:55:64:a3:37:3d:bb:00:67:
08:e5:e9:11:b5:ca:13:ab:7b:8b:1b:b3:bb:bf:25:
cc:7c:be:7e:10:47:58:1e:8a:46:5a:66:34:96:4e:
17:ad:ec:1f:c7:3f:97:08:dc:fc:b8:88:e3:63:d9:
e4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D3:BA:B2:A3:0E:18:A6:3C:14:47:E7:E7:65:8D:5F:F1:17:FD:8B
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/5NO6sqMOGKY8FEfn52WNX_EX_Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
49:86:0c:4f:ac:03:81:4c:3f:52:8d:a8:90:31:ab:60:15:02:
7e:31:2a:ce:1b:22:0e:fb:28:12:d1:1b:43:f6:59:c7:8a:64:
f1:da:6b:e6:c8:4a:68:5c:ee:9c:75:44:98:8c:d3:f8:78:43:
d6:16:49:41:82:f0:37:b1:47:48:b1:a3:4a:27:a9:32:8d:cd:
7d:e8:d2:95:41:96:b7:71:75:ca:28:97:e9:1c:08:16:c2:e1:
16:20:d0:43:cf:ac:38:49:08:2c:dd:d6:4a:8f:91:15:a9:66:
25:53:24:9d:4f:48:44:d5:92:0d:1d:84:f7:16:e4:d4:54:95:
04:b1:0b:6d:68:b2:bb:f0:55:0b:9e:36:63:1c:6d:ab:54:09:
52:4f:62:1d:25:ca:a1:27:ac:d4:24:85:1f:94:2d:2b:b7:4c:
d9:fa:03:a6:ec:b5:b7:7d:24:51:36:87:95:c4:ae:bc:1e:43:
f1:a3:b7:02:87:99:2d:c5:21:56:5a:6a:07:19:aa:cf:9f:91:
06:9c:e2:3d:90:4d:15:e1:d6:0d:da:4c:a7:00:f9:71:28:ca:
a7:6a:5c:25:fd:0b:be:5a:20:a2:13:47:be:91:3c:c7:13:0e:
38:9a:73:19:96:41:05:e0:33:b8:7c:f4:a2:4b:23:c8:8a:64:
e3:c0:5f:5e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8u5jCLLIGG94BkTLwVrqJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDNkYWM4ZWE1NTY5MzQzOWRkMWI4YjQ4MTJiYTcxODM0
ZjEwMzEwHhcNMjQwNDMwMTIwNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQzYmFiMmEzMGUxOGE2M2MxNDQ3ZTdlNzY1OGQ1ZmYxMTdmZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOIr5PKhi4WPmV4MjDSDrW5m/ptJ
uTZs8CjcYXXlqPAsUdOPW2yYUI/03vhl3v80H8oPCMlkDjXifr+LjD2bAWqDh2Hp
5dkrLPDwSfD/goUA1Kp6bAla/igY2gF6HpeV07Hygm+viWAQjnOLlmoZNYxMtQq6
I1cEkAX6qNkksSZgzcmhV+e7qUg0gDvXfn6sdjX+0siaNMkw4aRW+5izK4tykjm5
KZFRXr1iGI42MSYpGD2Fz4zlb8pA1DdT6lzRYvT8iT+MByffVWSjNz27AGcI5ekR
tcoTq3uLG7O7vyXMfL5+EEdYHopGWmY0lk4Xrewfxz+XCNz8uIjjY9nkxwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOTTurKjDhimPBRH5+dljV/xF/2LMB8GA1UdIwQY
MBaAFC5D2sjqVWk0Od0bi0gSunGDTxAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQt
MjZjN2M5NjNhNzY5LzEvNU5PNnNxTU9HS1k4RkVmbjUyV05YX0VYX1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQtMjZjN2M5NjNhNzY5
LzEvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWNYoAwQA
WNYqAwQAueHGMA0EAgACMAcDBQMqCZ0AMA0GCSqGSIb3DQEBCwUAA4IBAQBJhgxP
rAOBTD9SjaiQMatgFQJ+MSrOGyIO+ygS0RtD9lnHimTx2mvmyEpoXO6cdUSYjNP4
eEPWFklBgvA3sUdIsaNKJ6kyjc196NKVQZa3cXXKKJfpHAgWwuEWINBDz6w4SQgs
3dZKj5EVqWYlUySdT0hE1ZINHYT3FuTUVJUEsQttaLK78FULnjZjHG2rVAlST2Id
JcqhJ6zUJIUflC0rt0zZ+gOm7LW3fSRRNoeVxK68HkPxo7cCh5ktxSFWWmoHGarP
n5EGnOI9kE0V4dYN2kynAPlxKMqnalwl/Qu+WiCiE0e+kTzHEw44mnMZlkEF4DO4
fPSiSyPIimTjwF9e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org