Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/iDMlgXsOFPX6E3FGElGZ9rLSmK8.roa
File: iDMlgXsOFPX6E3FGElGZ9rLSmK8.roa (raw, json)
Hash identifier: +krHImY7NQAdPIm+V903upTIfV21uAA8O5OL/tEAMaM=
Subject key identifier: 88:33:25:81:7B:0E:14:F5:FA:13:71:46:12:51:99:F6:B2:D2:98:AF
Certificate issuer: /CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Certificate serial: 0185736862A70CF425BAD9BBF6C928906BC7
Authority key identifier: B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/iDMlgXsOFPX6E3FGElGZ9rLSmK8.roa
Signing time: Mon 02 Jan 2023 16:54:58 +0000
ROA not before: Mon 02 Jan 2023 16:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15547
IP address blocks: 81.88.176.0/20 maxlen: 20
81.88.176.0/21 maxlen: 21
213.221.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Fri 17 Mar 2023 17:42:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:62:a7:0c:f4:25:ba:d9:bb:f6:c9:28:90:6b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Validity
Not Before: Jan 2 16:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=883325817b0e14f5fa137146125199f6b2d298af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e6:c3:fd:3d:2a:50:af:6c:cb:76:1b:b2:ef:
f7:a9:58:26:39:c6:f1:ff:01:be:7b:d1:a9:de:37:
80:88:fd:80:93:3b:dd:05:5f:bf:35:ef:63:ad:71:
46:66:c7:ed:d7:6e:08:ea:73:75:2d:ff:e2:bc:53:
cb:c4:23:ab:4c:76:8c:5e:8b:57:22:d5:71:55:bb:
97:15:52:67:5c:0c:9d:f9:43:7e:c6:cd:c8:38:23:
97:bc:93:4b:75:1a:53:ea:3d:2c:c1:8d:72:37:65:
89:ed:30:98:7f:1d:d2:5f:f5:ee:7f:ed:f5:b4:af:
1d:23:ab:a5:c7:0a:ef:1f:60:6c:bd:f2:7a:d1:fe:
9e:1c:6f:6a:9e:da:80:fb:3a:98:de:0c:a6:a1:f0:
80:65:2b:18:0a:13:49:5d:f7:eb:1f:b6:c9:ec:e8:
2b:1a:92:8f:18:6f:da:22:87:22:7b:ee:11:36:ca:
8a:d8:49:59:fe:7f:55:3a:d9:1c:65:68:0d:32:6e:
91:c6:dc:50:0e:55:f8:76:b8:c2:d6:32:36:bc:b0:
da:42:97:aa:0c:72:32:98:91:d7:bf:e2:ca:99:cd:
fb:3f:9f:a9:ca:b2:c6:9e:4c:45:2a:6e:d4:b7:43:
c6:dd:35:08:73:38:87:71:06:37:61:3d:fa:54:26:
6d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:33:25:81:7B:0E:14:F5:FA:13:71:46:12:51:99:F6:B2:D2:98:AF
X509v3 Authority Key Identifier:
keyid:B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/iDMlgXsOFPX6E3FGElGZ9rLSmK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.176.0/20
213.221.128.0/19
Signature Algorithm: sha256WithRSAEncryption
01:38:ca:c7:7b:5e:8c:56:1e:1f:d6:28:f6:95:b0:8a:3a:3d:
ba:0a:77:f2:0c:34:d5:86:ee:30:18:23:fc:28:3a:3b:3f:72:
32:b6:25:89:0e:d8:33:56:6f:aa:8b:ae:d6:da:f4:13:1a:65:
03:38:77:04:c6:72:92:0f:fa:97:1d:a0:77:2c:86:50:e7:b6:
af:dd:1c:4d:c6:9a:4d:d4:11:6f:31:c1:8c:78:87:3e:d7:8f:
e8:28:3d:37:54:9c:45:aa:0a:dc:48:02:47:26:79:16:02:f3:
70:fc:a8:6c:db:8b:73:da:e6:be:de:6b:97:a3:1b:8a:38:d4:
04:5c:d8:d7:2d:09:ba:19:a1:ef:ee:fc:98:42:95:0d:3b:18:
47:bc:f8:54:7d:d2:da:bc:de:ad:97:70:8b:3a:0f:c6:eb:f1:
03:cf:ee:99:e5:ce:e3:f5:23:d3:30:b2:ef:7d:84:5b:a8:76:
44:00:18:6c:40:ca:8e:19:4d:35:73:e3:b6:53:a1:32:4c:eb:
84:f0:c0:5e:4a:ae:16:df:67:27:fb:57:17:94:df:f8:d1:5b:
a5:8b:b1:fd:2c:a4:67:e2:61:45:00:b3:73:7c:e1:26:b1:91:
3c:77:b4:ec:1c:1c:3f:9e:de:4d:86:dc:16:0c:1f:76:d5:bf:
95:14:02:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzaGKnDPQlutm79skokGvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTY3ZmNiMGJkYzYwMDFkOGNmNzA3M2M2NDllYjk4MTlm
YzVlYjgwHhcNMjMwMTAyMTY1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODMzMjU4MTdiMGUxNGY1ZmExMzcxNDYxMjUxOTlmNmIyZDI5OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgubD/T0qUK9sy3Ybsu/3qVgmOcbx
/wG+e9Gp3jeAiP2AkzvdBV+/Ne9jrXFGZsft124I6nN1Lf/ivFPLxCOrTHaMXotX
ItVxVbuXFVJnXAyd+UN+xs3IOCOXvJNLdRpT6j0swY1yN2WJ7TCYfx3SX/Xuf+31
tK8dI6ulxwrvH2BsvfJ60f6eHG9qntqA+zqY3gymofCAZSsYChNJXffrH7bJ7Ogr
GpKPGG/aIocie+4RNsqK2ElZ/n9VOtkcZWgNMm6RxtxQDlX4drjC1jI2vLDaQpeq
DHIymJHXv+LKmc37P5+pyrLGnkxFKm7Ut0PG3TUIcziHcQY3YT36VCZtEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIgzJYF7DhT1+hNxRhJRmfay0pivMB8GA1UdIwQY
MBaAFLnmf8sL3GAB2M9wc8ZJ65gZ/F64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEt
ZmE3MWFlMDVkYzNmLzEvaURNbGdYc09GUFg2RTNGR0VsR1o5ckxTbUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEtZmE3MWFlMDVkYzNm
LzEvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUViwAwQF
1d2AMA0GCSqGSIb3DQEBCwUAA4IBAQABOMrHe16MVh4f1ij2lbCKOj26CnfyDDTV
hu4wGCP8KDo7P3IytiWJDtgzVm+qi67W2vQTGmUDOHcExnKSD/qXHaB3LIZQ57av
3RxNxppN1BFvMcGMeIc+14/oKD03VJxFqgrcSAJHJnkWAvNw/Khs24tz2ua+3muX
oxuKONQEXNjXLQm6GaHv7vyYQpUNOxhHvPhUfdLavN6tl3CLOg/G6/EDz+6Z5c7j
9SPTMLLvfYRbqHZEABhsQMqOGU01c+O2U6EyTOuE8MBeSq4W32cn+1cXlN/40Vul
i7H9LKRn4mFFALNzfOEmsZE8d7TsHBw/nt5NhtwWDB921b+VFAL9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:33 2024 by rpki-client on console-fra.rpki-client.org