Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/I231clQ5T07VgbvQ93y0WHBOh-M.roa
File: I231clQ5T07VgbvQ93y0WHBOh-M.roa (raw, json)
Hash identifier: sY0obapGmyrBxwxaYggZJY2gFuUiSIioe5ZLZ4suedA=
Subject key identifier: 23:6D:F5:72:54:39:4F:4E:D5:81:BB:D0:F7:7C:B4:58:70:4E:87:E3
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 01857283593D4675B19329DDA5A171A0B9FF
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/I231clQ5T07VgbvQ93y0WHBOh-M.roa
Signing time: Mon 02 Jan 2023 12:44:48 +0000
ROA not before: Mon 02 Jan 2023 12:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8849
IP address blocks: 88.210.36.0/23 maxlen: 24
2a06:f902:4000::/36 maxlen: 36
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:59:3d:46:75:b1:93:29:dd:a5:a1:71:a0:b9:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jan 2 12:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=236df57254394f4ed581bbd0f77cb458704e87e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7b:2a:55:68:fc:7d:b6:a9:12:ee:f9:c8:6d:
94:16:e9:59:25:40:e1:c2:a9:de:3b:cc:06:7d:b5:
bf:77:05:aa:ca:1f:67:55:b7:70:97:ef:45:97:2e:
83:e6:82:88:e9:2a:b9:ad:8a:f1:c2:43:4c:63:64:
88:61:35:19:ee:37:d9:09:7f:04:02:ee:82:14:e0:
0f:4b:25:ec:6c:8b:b2:60:fb:3a:bd:3b:62:74:06:
e5:59:f1:17:2b:36:8b:50:f8:10:4c:07:2b:5a:0b:
4a:03:19:ce:e1:a0:35:99:3e:a8:2a:d0:3f:72:bc:
17:ba:88:3b:68:aa:d5:a8:f9:8e:b6:62:64:90:de:
40:53:53:f3:fe:24:00:01:65:47:db:50:79:59:89:
3e:b2:ee:87:c7:18:c3:b9:8e:35:49:fa:68:b4:b5:
9c:74:5c:1b:07:60:ad:a9:81:8c:77:57:87:ca:51:
a3:ec:cb:9e:9c:24:4d:71:1d:e1:90:f4:ee:2c:fe:
a0:6e:f6:c6:91:a4:af:dc:75:62:03:42:18:33:03:
2d:2f:1f:e0:ac:65:97:91:14:6f:0d:ec:3f:52:bd:
d8:9a:27:8c:99:ab:56:2e:c4:4a:62:cd:71:a2:71:
0e:4c:c1:8d:57:69:d8:5e:c0:18:03:c1:b4:fb:0d:
ee:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:6D:F5:72:54:39:4F:4E:D5:81:BB:D0:F7:7C:B4:58:70:4E:87:E3
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/I231clQ5T07VgbvQ93y0WHBOh-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.210.36.0/23
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
Signature Algorithm: sha256WithRSAEncryption
75:e0:c9:7b:a1:04:ba:a9:ca:db:4b:0e:90:24:6f:a9:5f:c8:
e4:a8:78:0a:bd:c8:c5:c5:09:75:a6:df:16:d1:26:fa:8c:be:
7a:6a:c8:19:98:58:86:0a:a3:31:86:84:93:c3:ab:c9:3c:50:
2c:c7:b6:e7:cc:a0:17:5a:56:63:ff:b6:e3:88:f4:44:b0:52:
0f:2d:62:21:f4:66:ee:ca:30:b5:63:ee:e0:7c:38:b0:e2:70:
1d:11:29:cd:29:a1:09:f5:97:44:43:7a:03:61:ee:e1:3d:0d:
b4:97:9d:74:39:f1:28:3c:d0:ec:3e:6d:68:25:a3:a3:9f:08:
04:3b:63:08:8d:77:27:97:68:e7:9a:f7:1b:f3:43:45:59:37:
fa:29:82:7d:d9:e9:1e:78:3e:2c:f7:2e:c5:94:b8:0f:b3:ad:
10:ba:a8:08:dc:53:1f:f5:1a:c9:02:a9:b1:ec:43:be:ae:8c:
8e:21:b3:22:4d:ed:f4:3c:f9:b9:dd:86:6a:e5:40:8e:fd:c2:
3c:e8:c5:1b:4d:7a:10:74:7f:68:e7:f5:f1:2f:d7:1f:6b:05:
60:b7:2e:29:a2:c1:f0:82:58:59:b5:f5:c2:5a:e9:55:db:d5:
1c:e2:5d:b4:a1:99:2a:8f:00:b2:e5:1f:b8:a5:86:ec:70:58:
31:a8:91:81
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVyg1k9RnWxkyndpaFxoLn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMwMTAyMTI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzZkZjU3MjU0Mzk0ZjRlZDU4MWJiZDBmNzdjYjQ1ODcwNGU4N2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnsqVWj8fbapEu75yG2UFulZJUDh
wqneO8wGfbW/dwWqyh9nVbdwl+9Fly6D5oKI6Sq5rYrxwkNMY2SIYTUZ7jfZCX8E
Au6CFOAPSyXsbIuyYPs6vTtidAblWfEXKzaLUPgQTAcrWgtKAxnO4aA1mT6oKtA/
crwXuog7aKrVqPmOtmJkkN5AU1Pz/iQAAWVH21B5WYk+su6HxxjDuY41SfpotLWc
dFwbB2CtqYGMd1eHylGj7MuenCRNcR3hkPTuLP6gbvbGkaSv3HViA0IYMwMtLx/g
rGWXkRRvDew/Ur3YmieMmatWLsRKYs1xonEOTMGNV2nYXsAYA8G0+w3udwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCNt9XJUOU9O1YG70Pd8tFhwTofjMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvSTIzMWNsUTVUMDdWZ2J2UTkzeTBXSEJPaC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAMBAIAATAGAwQBWNIkMCYE
AgACMCADBgQqBvkBQAMGBCoG+QGAAwYEKgb5AcADBgQqBvkCQDANBgkqhkiG9w0B
AQsFAAOCAQEAdeDJe6EEuqnK20sOkCRvqV/I5Kh4Cr3IxcUJdabfFtEm+oy+emrI
GZhYhgqjMYaEk8OryTxQLMe258ygF1pWY/+244j0RLBSDy1iIfRm7sowtWPu4Hw4
sOJwHREpzSmhCfWXREN6A2Hu4T0NtJeddDnxKDzQ7D5taCWjo58IBDtjCI13J5do
55r3G/NDRVk3+imCfdnpHng+LPcuxZS4D7OtELqoCNxTH/UayQKpsexDvq6MjiGz
Ik3t9Dz5ud2GauVAjv3CPOjFG016EHR/aOf18S/XH2sFYLcuKaLB8IJYWbX1wlrp
VdvVHOJdtKGZKo8AsuUfuKWG7HBYMaiRgQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org