Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/dSp-bFfbPpJKhRI63kSlTuExiAg.roa
File: dSp-bFfbPpJKhRI63kSlTuExiAg.roa (raw, json)
Hash identifier: LTzipx5b5jNYuHbY1XMwi1MQDK88NPJRAPlCNC3GAZg=
Subject key identifier: 75:2A:7E:6C:57:DB:3E:92:4A:85:12:3A:DE:44:A5:4E:E1:31:88:08
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 018F305F62341D85E6D0E3CC17AEC754BFDB
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/dSp-bFfbPpJKhRI63kSlTuExiAg.roa
Signing time: Tue 30 Apr 2024 18:58:28 +0000
ROA not before: Tue 30 Apr 2024 18:58:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209275
IP address blocks: 88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
2a09:9d00::/29 maxlen: 29
2a09:9d00:1::/48 maxlen: 48
2a09:9d00:2::/48 maxlen: 48
2a09:9d00:3::/48 maxlen: 48
2a09:9d00:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 May 2024 09:28:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:5f:62:34:1d:85:e6:d0:e3:cc:17:ae:c7:54:bf:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: Apr 30 18:58:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=752a7e6c57db3e924a85123ade44a54ee1318808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b9:f5:a8:74:8a:fa:e1:6c:15:ba:8c:d4:60:
85:53:92:db:e8:cf:59:2e:bf:d8:90:41:b6:8c:b7:
05:e6:ce:90:76:7e:62:2c:6e:41:a7:67:a3:2a:a5:
55:02:ac:27:82:a8:2b:f7:3f:d9:55:8a:60:1f:62:
71:5d:ab:e2:bc:10:b8:d0:24:03:d7:cc:56:84:b4:
5b:59:16:be:32:82:de:72:e8:ff:85:8d:80:78:64:
02:92:5e:0b:19:ed:a7:2f:19:ee:59:c0:66:2f:d8:
f4:bd:a6:5b:0d:ee:c2:89:45:2e:4b:74:ad:3e:7a:
84:d2:f6:55:30:73:de:74:73:d5:c2:1a:91:09:f9:
de:b3:16:a3:49:0d:4e:cb:d5:94:77:bb:76:e4:6b:
9d:3e:51:c5:66:4d:f2:e5:dd:96:5a:55:bf:e8:06:
9e:7b:df:dc:77:21:8b:13:a4:a2:62:6b:ed:1f:ad:
c6:d0:54:5c:ba:a0:eb:7c:83:42:af:a8:bf:38:61:
e5:82:dc:a8:ee:f9:60:08:9f:d8:13:00:60:b0:ba:
e8:b7:a9:ef:e7:7e:7a:a4:50:55:96:c9:4f:ab:86:
9d:87:7e:d3:0f:36:7f:16:e5:60:cd:dd:29:35:f9:
0c:2a:f4:7b:7d:fc:b7:70:82:2b:51:b6:0f:f8:f9:
5d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:2A:7E:6C:57:DB:3E:92:4A:85:12:3A:DE:44:A5:4E:E1:31:88:08
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/dSp-bFfbPpJKhRI63kSlTuExiAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
07:f9:2f:30:7e:cd:cd:b9:f9:29:24:8d:99:59:67:ef:e7:58:
ca:f8:86:08:da:1b:87:be:91:f1:3b:50:c3:76:42:2d:3a:5b:
61:72:1a:ca:3a:96:9d:0f:22:ee:dd:71:cb:20:ea:b7:c0:96:
39:7d:39:de:32:49:d8:c8:d4:55:be:41:d5:db:78:b3:e6:43:
94:08:9c:b6:98:15:b5:16:01:86:1b:33:64:e7:29:ae:69:3c:
7e:ac:bb:28:33:e6:43:6f:26:f8:c0:b9:02:67:09:a3:47:37:
67:a4:c1:76:67:1d:9c:7b:84:80:82:90:e4:b5:7d:9f:15:d8:
3b:65:9f:45:6e:b9:72:11:68:de:02:99:ea:d1:28:51:48:1b:
5b:0a:5c:63:17:39:47:2f:1a:05:96:08:1c:e1:89:ee:9e:be:
5b:04:fa:eb:ba:da:14:b6:67:05:11:2f:94:13:2f:dd:88:b7:
22:8a:9e:61:86:87:b8:43:86:a8:46:16:57:29:ac:03:b5:9b:
67:8b:cf:2d:99:1d:6f:de:36:aa:3e:f4:96:e8:5c:95:5b:e4:
80:14:41:d5:a6:2c:b0:ba:19:44:a0:98:28:bb:d5:40:9b:ba:
2b:8e:03:ac:c1:27:ad:c1:cc:70:af:4d:ce:51:8a:2f:53:d1:
f8:00:f4:66
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8wX2I0HYXm0OPMF67HVL/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDNkYWM4ZWE1NTY5MzQzOWRkMWI4YjQ4MTJiYTcxODM0
ZjEwMzEwHhcNMjQwNDMwMTg1ODI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTJhN2U2YzU3ZGIzZTkyNGE4NTEyM2FkZTQ0YTU0ZWUxMzE4ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorn1qHSK+uFsFbqM1GCFU5Lb6M9Z
Lr/YkEG2jLcF5s6Qdn5iLG5Bp2ejKqVVAqwngqgr9z/ZVYpgH2JxXavivBC40CQD
18xWhLRbWRa+MoLecuj/hY2AeGQCkl4LGe2nLxnuWcBmL9j0vaZbDe7CiUUuS3St
PnqE0vZVMHPedHPVwhqRCfnesxajSQ1Oy9WUd7t25GudPlHFZk3y5d2WWlW/6Aae
e9/cdyGLE6SiYmvtH63G0FRcuqDrfINCr6i/OGHlgtyo7vlgCJ/YEwBgsLrot6nv
5356pFBVlslPq4adh37TDzZ/FuVgzd0pNfkMKvR7ffy3cIIrUbYP+PldrwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHUqfmxX2z6SSoUSOt5EpU7hMYgIMB8GA1UdIwQY
MBaAFC5D2sjqVWk0Od0bi0gSunGDTxAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQt
MjZjN2M5NjNhNzY5LzEvZFNwLWJGZmJQcEpLaFJJNjNrU2xUdUV4aUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQtMjZjN2M5NjNhNzY5
LzEvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWNYoAwQA
WNYqAwQAueHGMA0EAgACMAcDBQMqCZ0AMA0GCSqGSIb3DQEBCwUAA4IBAQAH+S8w
fs3NufkpJI2ZWWfv51jK+IYI2huHvpHxO1DDdkItOlthchrKOpadDyLu3XHLIOq3
wJY5fTneMknYyNRVvkHV23iz5kOUCJy2mBW1FgGGGzNk5ymuaTx+rLsoM+ZDbyb4
wLkCZwmjRzdnpMF2Zx2ce4SAgpDktX2fFdg7ZZ9FbrlyEWjeApnq0ShRSBtbClxj
FzlHLxoFlggc4Ynunr5bBPrrutoUtmcFES+UEy/diLciip5hhoe4Q4aoRhZXKawD
tZtni88tmR1v3jaqPvSW6FyVW+SAFEHVpiywuhlEoJgou9VAm7orjgOswSetwcxw
r03OUYovU9H4APRm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org