Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/gIMMewW3U8Zhza3mk0V3_69AhaI.roa
File: gIMMewW3U8Zhza3mk0V3_69AhaI.roa (raw, json)
Hash identifier: RM/LDrvXs4goP+iXMFSiOqtzMb8vbskBfvNPXV29eHo=
Subject key identifier: 80:83:0C:7B:05:B7:53:C6:61:CD:AD:E6:93:45:77:FF:AF:40:85:A2
Certificate issuer: /CN=aca77c708af0ba1f81549c9f87089559390167a5
Certificate serial: 0193B199BBB44F764F50086623088F88935F
Authority key identifier: AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/gIMMewW3U8Zhza3mk0V3_69AhaI.roa
Signing time: Tue 10 Dec 2024 17:24:22 +0000
ROA not before: Tue 10 Dec 2024 17:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 88.84.128.0/21 maxlen: 24
88.84.136.0/21 maxlen: 24
88.84.144.0/21 maxlen: 24
88.84.152.0/21 maxlen: 24
89.202.0.0/17 maxlen: 24
193.110.116.0/22 maxlen: 24
217.68.144.0/20 maxlen: 24
217.79.208.0/20 maxlen: 24
2001:4c68::/32 maxlen: 48
2a02:20a8::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b1:99:bb:b4:4f:76:4f:50:08:66:23:08:8f:88:93:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca77c708af0ba1f81549c9f87089559390167a5
Validity
Not Before: Dec 10 17:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80830c7b05b753c661cdade6934577ffaf4085a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0e:49:17:c8:52:0f:3e:7c:af:77:d5:15:e9:
de:b7:89:01:14:58:1b:76:f5:a5:3b:62:0c:2b:ea:
e0:d1:9c:fa:cc:5a:3e:9c:b6:d0:d7:da:24:c9:63:
86:09:49:76:4c:fb:3b:52:1c:40:21:d2:66:26:da:
39:2b:b9:e8:56:11:0c:82:bd:83:c7:43:46:14:1c:
31:dd:f4:d7:17:47:6a:11:ae:24:4a:a8:aa:91:91:
94:85:08:44:f6:58:fd:73:5a:f0:fc:44:3b:1d:ca:
36:fc:c2:51:2d:de:77:f2:82:a1:5f:81:34:0c:60:
38:82:c7:10:96:99:25:89:51:85:53:1c:0b:71:04:
ff:ee:e8:c0:2f:08:1b:b0:30:47:e1:71:04:e0:8b:
45:78:10:60:55:2f:07:50:c9:fc:7f:23:1f:f9:84:
79:07:04:01:57:64:53:86:72:bf:13:e5:c7:09:3b:
01:32:2c:14:18:2c:a0:07:a7:dc:8a:b3:79:8a:d2:
0e:fa:48:49:ac:84:8c:f1:2a:05:36:91:31:51:7c:
77:0b:ef:35:03:d5:00:03:8d:84:f1:12:57:33:08:
06:98:50:50:30:8d:49:05:47:f1:14:f6:fa:b3:28:
11:ec:5a:17:51:b2:bc:91:92:ff:f0:9d:9c:e2:49:
09:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:83:0C:7B:05:B7:53:C6:61:CD:AD:E6:93:45:77:FF:AF:40:85:A2
X509v3 Authority Key Identifier:
keyid:AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/gIMMewW3U8Zhza3mk0V3_69AhaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.128.0/19
89.202.0.0/17
193.110.116.0/22
217.68.144.0/20
217.79.208.0/20
IPv6:
2001:4c68::/32
2a02:20a8::/29
Signature Algorithm: sha256WithRSAEncryption
59:57:79:2f:8c:8b:65:bb:a1:6a:14:c5:17:cf:72:79:16:e4:
d5:df:7f:a7:9e:82:b4:76:dc:c2:87:c9:bc:8c:02:40:2a:08:
d8:97:07:83:bf:3c:64:9b:2f:d1:c1:bb:32:f4:e2:00:85:1c:
5d:0d:46:cb:06:88:73:97:f3:e9:eb:2e:de:c7:fd:f6:6e:b4:
a6:15:6b:10:f3:9c:0f:2c:f1:53:40:de:b6:5c:83:d3:6c:ed:
81:39:d4:76:b3:4b:14:a4:de:d2:75:b3:c4:67:40:bc:03:91:
da:1b:6c:60:38:24:f4:9d:53:2d:52:35:d1:d3:f2:4b:3f:6f:
35:ff:9d:51:4f:fc:ae:1c:40:13:b7:26:20:f4:9d:39:13:27:
ba:da:86:52:08:fa:66:ab:79:89:e6:7d:c8:81:66:a0:62:00:
eb:ac:04:9b:23:24:b1:cf:04:d2:8d:34:f4:6b:d4:5f:bb:8f:
b9:94:c6:8f:7a:8e:c3:16:93:36:cc:4d:d3:d7:91:aa:0c:41:
6a:4e:56:88:e7:13:40:92:c1:cc:ca:f9:56:70:02:7c:75:4f:
9b:61:41:a7:69:b9:83:b9:c8:3a:31:af:fc:5e:38:70:be:7f:
06:8d:f2:1f:7a:fd:99:85:8f:13:c9:5e:46:92:17:c0:27:01:
42:8e:00:1d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZOxmbu0T3ZPUAhmIwiPiJNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTc3YzcwOGFmMGJhMWY4MTU0OWM5Zjg3MDg5NTU5Mzkw
MTY3YTUwHhcNMjQxMjEwMTcyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDgzMGM3YjA1Yjc1M2M2NjFjZGFkZTY5MzQ1NzdmZmFmNDA4NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q5JF8hSDz58r3fVFenet4kBFFgb
dvWlO2IMK+rg0Zz6zFo+nLbQ19okyWOGCUl2TPs7UhxAIdJmJto5K7noVhEMgr2D
x0NGFBwx3fTXF0dqEa4kSqiqkZGUhQhE9lj9c1rw/EQ7Hco2/MJRLd538oKhX4E0
DGA4gscQlpkliVGFUxwLcQT/7ujALwgbsDBH4XEE4ItFeBBgVS8HUMn8fyMf+YR5
BwQBV2RThnK/E+XHCTsBMiwUGCygB6fcirN5itIO+khJrISM8SoFNpExUXx3C+81
A9UAA42E8RJXMwgGmFBQMI1JBUfxFPb6sygR7FoXUbK8kZL/8J2c4kkJPwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFICDDHsFt1PGYc2t5pNFd/+vQIWiMB8GA1UdIwQY
MBaAFKynfHCK8LofgVScn4cIlVk5AWelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYt
MjhiMTllM2ZkNGE2LzEvZ0lNTWV3VzNVOFpoemEzbWswVjNfNjlBaGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYtMjhiMTllM2ZkNGE2
LzEvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQFWFSAAwQH
WcoAAwQCwW50AwQE2USQAwQE2U/QMBQEAgACMA4DBQAgAUxoAwUDKgIgqDANBgkq
hkiG9w0BAQsFAAOCAQEAWVd5L4yLZbuhahTFF89yeRbk1d9/p56CtHbcwofJvIwC
QCoI2JcHg788ZJsv0cG7MvTiAIUcXQ1GywaIc5fz6esu3sf99m60phVrEPOcDyzx
U0DetlyD02ztgTnUdrNLFKTe0nWzxGdAvAOR2htsYDgk9J1TLVI10dPySz9vNf+d
UU/8rhxAE7cmIPSdORMnutqGUgj6Zqt5ieZ9yIFmoGIA66wEmyMksc8E0o009GvU
X7uPuZTGj3qOwxaTNsxN09eRqgxBak5WiOcTQJLBzMr5VnACfHVPm2FBp2m5g7nI
OjGv/F44cL5/Bo3yH3r9mYWPE8leRpIXwCcBQo4AHQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:01:20 2025 by rpki-client