Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/UTXt01U0AMxRuA_qGA26-nuLQY8.roa
File: UTXt01U0AMxRuA_qGA26-nuLQY8.roa (raw, json)
Hash identifier: eY+blmFbgtbI/ACWEKZDMaJjVLmGyKacEfhE1RiKKCc=
Subject key identifier: 51:35:ED:D3:55:34:00:CC:51:B8:0F:EA:18:0D:BA:FA:7B:8B:41:8F
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 018CC7954711805168F498F5AE5BFA55A872
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/UTXt01U0AMxRuA_qGA26-nuLQY8.roa
Signing time: Tue 02 Jan 2024 00:31:38 +0000
ROA not before: Tue 02 Jan 2024 00:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59711
IP address blocks: 88.218.206.0/24 maxlen: 24
2a09:b280:fe00::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 08 Mar 2024 08:31:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:47:11:80:51:68:f4:98:f5:ae:5b:fa:55:a8:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Jan 2 00:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5135edd3553400cc51b80fea180dbafa7b8b418f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b1:57:f8:1d:8c:94:dc:cb:74:02:f6:68:70:
01:97:66:a1:ab:13:bb:53:b5:83:b3:14:b8:2a:c4:
25:43:d2:a3:fe:3a:1a:96:08:7f:f2:0a:24:a2:7e:
16:ce:06:72:d4:8d:38:dc:b7:9b:d5:d3:8e:16:70:
c2:b2:b6:1e:98:75:d4:e1:49:4c:a5:f4:09:a9:dc:
d8:02:2f:7d:31:b8:92:7b:23:9e:84:44:89:c7:f9:
e0:d0:e5:e5:e4:25:a8:bc:35:a1:8f:72:a3:ce:f4:
3e:9b:62:24:55:be:4c:f0:71:b9:b2:07:5b:72:8a:
47:92:08:a3:95:dd:7d:6e:1f:37:4e:ea:a8:20:bb:
74:60:f1:32:7e:c4:6b:9c:88:e1:25:90:bf:ca:df:
18:5c:58:2e:9b:3d:a2:ca:77:37:a4:7d:c9:a0:27:
f4:84:27:0b:eb:76:ef:ed:88:d5:9c:30:a6:8a:e7:
65:b1:88:35:16:19:6b:71:a6:ca:6e:d8:62:12:89:
22:af:81:e2:ec:6a:00:37:41:e6:91:9b:a4:5f:99:
cd:44:1c:4e:3a:2f:07:dd:c2:38:7d:d4:c4:6d:7c:
68:22:6c:da:52:0b:be:c9:10:25:58:da:2d:2b:85:
f3:d1:a0:15:46:b7:5b:1a:a6:54:0d:8d:7c:a3:02:
00:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:35:ED:D3:55:34:00:CC:51:B8:0F:EA:18:0D:BA:FA:7B:8B:41:8F
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/UTXt01U0AMxRuA_qGA26-nuLQY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.206.0/24
IPv6:
2a09:b280:fe00::/48
Signature Algorithm: sha256WithRSAEncryption
00:71:6c:5a:90:65:38:16:e9:ba:4f:b0:63:bf:dc:45:cb:d8:
8f:2b:6f:4e:32:f4:f8:d0:7b:e1:fd:9c:80:bf:ef:ad:6a:1c:
49:79:ce:83:37:30:67:b9:77:ae:f9:f7:31:11:82:7c:1e:83:
7d:61:7e:13:4c:e1:53:7a:24:20:c4:dc:df:14:d2:70:90:fb:
dc:f8:0f:1a:5e:06:ce:ec:d0:48:af:62:e1:c8:15:f4:e1:d6:
57:73:1c:f9:0e:9a:39:e3:69:14:c9:c3:07:6a:d5:e6:12:b3:
a1:bb:fa:7b:10:4a:5d:ea:3c:0c:79:13:88:f8:71:70:a6:f6:
11:c4:ad:26:99:8f:74:98:a7:82:e6:c0:52:85:94:57:5a:ee:
42:17:52:1c:06:1d:dd:b1:0b:99:a3:c6:ec:51:93:e6:3b:6a:
30:65:02:6d:95:4b:f8:61:f2:03:ab:47:36:26:61:61:89:4c:
b9:54:7a:f0:8a:97:24:71:6b:0c:e0:b3:f7:45:65:8b:1e:ed:
01:a2:64:27:75:e4:16:64:7f:89:51:2a:de:6b:19:4c:8f:87:
b8:45:03:17:20:bd:4f:dd:89:75:79:fd:90:2a:83:76:07:7c:
c3:f8:1c:01:fe:d1:4d:9f:52:6e:7d:04:8e:33:98:22:4d:31:
f3:24:63:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHlUcRgFFo9Jj1rlv6VahyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA4ZmI3ODFjYTZkYmQ4MjIxZjJjMmY5NTRhM2E3NDQ2
YjJiNDIwHhcNMjQwMTAyMDAzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM1ZWRkMzU1MzQwMGNjNTFiODBmZWExODBkYmFmYTdiOGI0MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrFX+B2MlNzLdAL2aHABl2ahqxO7
U7WDsxS4KsQlQ9Kj/joalgh/8gokon4WzgZy1I043Leb1dOOFnDCsrYemHXU4UlM
pfQJqdzYAi99MbiSeyOehESJx/ng0OXl5CWovDWhj3KjzvQ+m2IkVb5M8HG5sgdb
copHkgijld19bh83TuqoILt0YPEyfsRrnIjhJZC/yt8YXFgumz2iync3pH3JoCf0
hCcL63bv7YjVnDCmiudlsYg1FhlrcabKbthiEokir4Hi7GoAN0HmkZukX5nNRBxO
Oi8H3cI4fdTEbXxoImzaUgu+yRAlWNotK4Xz0aAVRrdbGqZUDY18owIAbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFE17dNVNADMUbgP6hgNuvp7i0GPMB8GA1UdIwQY
MBaAFDJQj7eBym29giHywvlUo6dEaytCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDkt
YzEyMjE4NzY1MTU0LzEvVVRYdDAxVTBBTXhSdUFfcUdBMjYtbnVMUVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDktYzEyMjE4NzY1MTU0
LzEvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNrOMA8E
AgACMAkDBwAqCbKA/gAwDQYJKoZIhvcNAQELBQADggEBAABxbFqQZTgW6bpPsGO/
3EXL2I8rb04y9PjQe+H9nIC/761qHEl5zoM3MGe5d6759zERgnweg31hfhNM4VN6
JCDE3N8U0nCQ+9z4DxpeBs7s0EivYuHIFfTh1ldzHPkOmjnjaRTJwwdq1eYSs6G7
+nsQSl3qPAx5E4j4cXCm9hHErSaZj3SYp4LmwFKFlFda7kIXUhwGHd2xC5mjxuxR
k+Y7ajBlAm2VS/hh8gOrRzYmYWGJTLlUevCKlyRxawzgs/dFZYse7QGiZCd15BZk
f4lRKt5rGUyPh7hFAxcgvU/diXV5/ZAqg3YHfMP4HAH+0U2fUm59BI4zmCJNMfMk
Y38=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:33 2025 by rpki-client