Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/gBgUYtn7MPqhpW_asqKpQJnG5pw.roa
File: gBgUYtn7MPqhpW_asqKpQJnG5pw.roa (raw, json)
Hash identifier: WgAQl3OWK6ZEWYMYBwFATK7CsU9gFHrIMYiFHupqYZk=
Subject key identifier: 80:18:14:62:D9:FB:30:FA:A1:A5:6F:DA:B2:A2:A9:40:99:C6:E6:9C
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 018EBEA4C25D189E2ED6AD2D761F5913C4DA
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/gBgUYtn7MPqhpW_asqKpQJnG5pw.roa
Signing time: Mon 08 Apr 2024 16:57:32 +0000
ROA not before: Mon 08 Apr 2024 16:57:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212655
IP address blocks: 88.97.192.0/21 maxlen: 21
88.97.200.0/21 maxlen: 21
88.97.208.0/21 maxlen: 21
88.97.216.0/21 maxlen: 21
88.97.224.0/21 maxlen: 21
88.97.232.0/21 maxlen: 21
88.97.240.0/21 maxlen: 21
88.97.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 10 Apr 2024 12:41:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:a4:c2:5d:18:9e:2e:d6:ad:2d:76:1f:59:13:c4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Apr 8 16:57:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80181462d9fb30faa1a56fdab2a2a94099c6e69c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:b4:3e:1a:ac:d9:b0:41:87:f5:dd:e6:1a:
6d:57:13:1e:ac:5b:6a:fb:af:d6:05:5e:d3:53:02:
59:4b:58:b4:71:d9:91:d8:14:ba:34:c2:7b:f1:94:
cc:a0:65:6d:5b:82:e6:c8:1a:6f:7a:2e:0d:22:28:
ae:7b:e5:95:7c:01:5a:f3:11:75:f5:9b:be:2a:86:
c6:28:7e:29:1b:d2:e5:77:22:a0:a2:00:35:b6:45:
1e:1f:6e:07:ca:4b:4f:c2:84:97:d4:df:27:6b:bd:
a6:41:fa:1c:40:00:2b:11:b4:f4:c7:1d:28:78:bf:
8d:6c:69:37:7c:b0:90:39:63:57:15:c3:a4:b0:f5:
40:4d:3a:3a:06:c3:4b:a8:0e:21:4d:a6:5f:b9:87:
4b:61:9a:7b:6e:48:0e:81:f7:ea:f7:2c:98:ce:2b:
a6:46:eb:17:3a:32:98:b3:51:ad:bc:07:91:41:a0:
97:3c:e1:e0:17:ab:87:45:7d:fe:e7:6e:fc:b2:01:
3d:e1:85:05:96:96:35:71:82:fa:ad:ed:28:cf:23:
c1:3c:51:1e:7d:78:f1:30:ba:42:58:72:b3:e4:3b:
d5:0e:52:5c:11:97:72:ac:44:62:e8:c6:09:3c:4c:
38:d9:95:bc:1d:e2:06:ae:64:c5:50:cd:1c:45:d5:
36:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:18:14:62:D9:FB:30:FA:A1:A5:6F:DA:B2:A2:A9:40:99:C6:E6:9C
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/gBgUYtn7MPqhpW_asqKpQJnG5pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.97.192.0/18
Signature Algorithm: sha256WithRSAEncryption
06:5e:a6:80:d4:c7:a5:ee:91:ce:5e:a1:04:2c:bd:62:9f:75:
99:4d:9c:9b:4c:8b:f3:de:fc:5a:74:d4:31:a7:02:8a:51:fe:
cb:16:ad:3f:b4:31:3c:67:02:15:2a:a9:3a:43:c4:4f:38:25:
67:1e:1d:40:bf:f0:d3:62:b3:3d:97:9e:0d:45:84:c1:00:7d:
9f:b5:87:8c:8d:07:d1:0f:09:09:06:86:77:e6:2b:f2:aa:f8:
29:0f:0b:02:78:f8:6e:e0:0d:d4:4c:6c:31:79:84:37:a8:f5:
81:ce:fc:e0:c5:f8:7d:bf:82:fc:b1:e7:9f:04:fd:6a:d5:9c:
3e:47:c6:88:d7:ea:35:0c:61:42:ec:e9:bf:1c:66:6a:1e:a8:
46:99:1d:8b:9b:85:40:b9:ee:41:e8:8c:c9:ce:c8:6e:5c:28:
9c:36:84:eb:ab:1d:03:8f:47:25:40:19:da:92:11:9e:e1:9f:
be:64:b4:c6:55:f0:88:97:d6:3e:a6:51:f1:74:42:43:1c:24:
79:c6:1b:62:08:ce:19:f6:6b:65:6e:d3:f4:ef:18:05:66:36:
2d:2d:e0:eb:eb:67:9a:79:9f:56:c7:5f:0f:de:91:f0:70:43:
8f:1d:64:7a:a5:bd:a3:b1:77:16:fb:8f:0e:6d:9c:8a:0b:cc:
d8:ad:be:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6+pMJdGJ4u1q0tdh9ZE8TaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwNDA4MTY1NzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE4MTQ2MmQ5ZmIzMGZhYTFhNTZmZGFiMmEyYTk0MDk5YzZlNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/S0Phqs2bBBh/Xd5hptVxMerFtq
+6/WBV7TUwJZS1i0cdmR2BS6NMJ78ZTMoGVtW4LmyBpvei4NIiiue+WVfAFa8xF1
9Zu+KobGKH4pG9LldyKgogA1tkUeH24HyktPwoSX1N8na72mQfocQAArEbT0xx0o
eL+NbGk3fLCQOWNXFcOksPVATTo6BsNLqA4hTaZfuYdLYZp7bkgOgffq9yyYzium
RusXOjKYs1GtvAeRQaCXPOHgF6uHRX3+5278sgE94YUFlpY1cYL6re0ozyPBPFEe
fXjxMLpCWHKz5DvVDlJcEZdyrERi6MYJPEw42ZW8HeIGrmTFUM0cRdU2iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAYFGLZ+zD6oaVv2rKiqUCZxuacMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvZ0JnVVl0bjdNUHFocFdfYXNxS3BRSm5HNXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGWGHAMA0G
CSqGSIb3DQEBCwUAA4IBAQAGXqaA1Mel7pHOXqEELL1in3WZTZybTIvz3vxadNQx
pwKKUf7LFq0/tDE8ZwIVKqk6Q8RPOCVnHh1Av/DTYrM9l54NRYTBAH2ftYeMjQfR
DwkJBoZ35ivyqvgpDwsCePhu4A3UTGwxeYQ3qPWBzvzgxfh9v4L8seefBP1q1Zw+
R8aI1+o1DGFC7Om/HGZqHqhGmR2Lm4VAue5B6IzJzshuXCicNoTrqx0Dj0clQBna
khGe4Z++ZLTGVfCIl9Y+plHxdEJDHCR5xhtiCM4Z9mtlbtP07xgFZjYtLeDr62ea
eZ9Wx18P3pHwcEOPHWR6pb2jsXcW+48ObZyKC8zYrb7d
-----END CERTIFICATE-----
Generated at Wed Apr 10 16:53:39 2024 by rpki-client on console-fra.rpki-client.org