Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/spBm7jvxg35uuEvkSoplPgnK4jA.roa
File: spBm7jvxg35uuEvkSoplPgnK4jA.roa (raw, json)
Hash identifier: LpQkAbNV5ucU8pjyeAWRHKwSIkJ/xw+A0FuJDb+tl3w=
Subject key identifier: B2:90:66:EE:3B:F1:83:7E:6E:B8:4B:E4:4A:8A:65:3E:09:CA:E2:30
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 018FD9E09E7D082EF6AD017799726052B145
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/spBm7jvxg35uuEvkSoplPgnK4jA.roa
Signing time: Sun 02 Jun 2024 16:55:27 +0000
ROA not before: Sun 02 Jun 2024 16:55:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51809
IP address blocks: 88.97.160.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d9:e0:9e:7d:08:2e:f6:ad:01:77:99:72:60:52:b1:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Jun 2 16:55:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b29066ee3bf1837e6eb84be44a8a653e09cae230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4a:42:7c:a6:e5:3e:c1:c5:30:7a:b2:5e:10:
d5:96:1d:2b:c1:18:8d:ac:9f:ef:1e:1b:d3:9c:f0:
d5:25:c0:d5:62:66:5b:ad:2a:65:c0:31:0e:03:dc:
60:0f:26:2d:2d:d9:21:51:b0:65:82:2b:b3:2a:8a:
02:5b:64:38:01:c3:27:74:f9:e4:53:43:36:fe:f7:
91:ee:1a:96:82:9b:82:d0:7e:70:59:6b:fc:70:e7:
0b:84:d5:21:4f:0a:97:26:dc:0c:fd:70:d8:c7:43:
b7:7a:91:d6:3d:10:ff:92:f7:ae:3f:8e:c8:1e:b5:
4b:3b:0f:85:d6:09:df:5b:d5:d4:5e:92:cf:d0:aa:
1b:c8:45:a0:13:9f:27:b4:29:3c:2b:be:e8:d2:63:
27:ab:98:fb:b4:1b:96:dc:db:43:bc:79:05:78:84:
15:33:97:da:86:9b:2e:1d:ae:5c:1c:b6:c6:6d:9d:
28:3e:52:2e:9f:f7:21:e8:ba:a3:e2:a8:c9:01:ce:
ec:73:99:67:77:0d:0c:8f:0c:3d:1b:b9:d2:72:30:
94:65:78:6d:67:04:ad:f9:74:f6:67:f3:ca:96:57:
95:de:25:92:fb:a0:e7:93:71:51:79:a0:c2:97:76:
2c:91:3a:79:35:86:7b:e3:85:a4:de:ee:c9:d5:bb:
61:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:90:66:EE:3B:F1:83:7E:6E:B8:4B:E4:4A:8A:65:3E:09:CA:E2:30
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/spBm7jvxg35uuEvkSoplPgnK4jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.97.160.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:86:6b:d7:63:2c:00:a2:fe:34:8c:86:ea:b7:df:3e:d4:46:
0b:10:6d:87:cd:1a:80:d9:a7:8b:74:6e:29:cc:2f:b3:19:d4:
c8:09:b3:52:14:00:ca:48:a1:24:9c:03:ef:12:ee:02:7a:61:
7f:8c:8a:18:26:8d:31:0d:ce:a6:dc:9e:f9:16:90:f5:67:0e:
ec:d6:97:6b:9e:28:7d:0b:21:80:7e:4c:e1:95:48:9f:69:42:
4b:2f:23:e9:ea:11:d0:28:10:14:a5:a0:ef:9b:49:bc:5b:0a:
04:07:97:55:f1:d0:1b:6f:76:d1:4e:30:7f:0c:34:12:ee:4a:
2b:7a:89:e6:80:70:aa:2c:f8:e8:0c:47:a2:55:b4:a1:f7:b5:
c1:70:2b:31:7e:35:81:85:d8:3a:97:5d:67:17:00:8e:45:11:
9f:d2:c2:79:30:f2:fe:7b:3a:4f:48:e5:c5:57:24:42:af:7b:
4b:c9:b2:f0:f8:e8:5e:25:04:6d:c7:dd:17:3b:5b:51:2e:06:
e9:84:6d:6f:bb:4e:82:9f:03:81:d2:f4:f8:a6:e1:f8:15:82:
73:da:57:f3:78:6b:c6:5f:0e:9d:25:d0:a3:d8:d5:cc:ab:33:
db:32:bc:54:e3:e0:0a:3e:82:bb:e0:ce:27:61:54:2f:5e:44:
98:63:8f:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/Z4J59CC72rQF3mXJgUrFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwNjAyMTY1NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjkwNjZlZTNiZjE4MzdlNmViODRiZTQ0YThhNjUzZTA5Y2FlMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEpCfKblPsHFMHqyXhDVlh0rwRiN
rJ/vHhvTnPDVJcDVYmZbrSplwDEOA9xgDyYtLdkhUbBlgiuzKooCW2Q4AcMndPnk
U0M2/veR7hqWgpuC0H5wWWv8cOcLhNUhTwqXJtwM/XDYx0O3epHWPRD/kveuP47I
HrVLOw+F1gnfW9XUXpLP0KobyEWgE58ntCk8K77o0mMnq5j7tBuW3NtDvHkFeIQV
M5fahpsuHa5cHLbGbZ0oPlIun/ch6Lqj4qjJAc7sc5lndw0Mjww9G7nScjCUZXht
ZwSt+XT2Z/PKlleV3iWS+6Dnk3FReaDCl3YskTp5NYZ744Wk3u7J1bthQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKQZu478YN+brhL5EqKZT4JyuIwMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvc3BCbTdqdnhnMzV1dUV2a1NvcGxQZ25LNGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWGGgMA0G
CSqGSIb3DQEBCwUAA4IBAQAPhmvXYywAov40jIbqt98+1EYLEG2HzRqA2aeLdG4p
zC+zGdTICbNSFADKSKEknAPvEu4CemF/jIoYJo0xDc6m3J75FpD1Zw7s1pdrnih9
CyGAfkzhlUifaUJLLyPp6hHQKBAUpaDvm0m8WwoEB5dV8dAbb3bRTjB/DDQS7kor
eonmgHCqLPjoDEeiVbSh97XBcCsxfjWBhdg6l11nFwCORRGf0sJ5MPL+ezpPSOXF
VyRCr3tLybLw+OheJQRtx90XO1tRLgbphG1vu06CnwOB0vT4puH4FYJz2lfzeGvG
Xw6dJdCj2NXMqzPbMrxU4+AKPoK74M4nYVQvXkSYY4/y
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:58:14 2025 by rpki-client