Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/07NhZbhfem4_-uH_XGYsgZ8-lGY.roa
File: 07NhZbhfem4_-uH_XGYsgZ8-lGY.roa (raw, json)
Hash identifier: Z+v44ToGDOXazA68W278R5+d2fq6fB8INKuA6PxbFa0=
Subject key identifier: D3:B3:61:65:B8:5F:7A:6E:3F:FA:E1:FF:5C:66:2C:81:9F:3E:94:66
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0194C1B8E1329FFEB45C2FBA2A7002A6B2DB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/07NhZbhfem4_-uH_XGYsgZ8-lGY.roa
Signing time: Sat 01 Feb 2025 13:35:06 +0000
ROA not before: Sat 01 Feb 2025 13:35:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 07:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c1:b8:e1:32:9f:fe:b4:5c:2f:ba:2a:70:02:a6:b2:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 1 13:35:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3b36165b85f7a6e3ffae1ff5c662c819f3e9466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8b:eb:47:15:f3:52:1c:3a:c6:08:c9:3f:87:
56:1b:dd:3d:c3:79:4c:3b:4b:f1:a1:e7:11:49:ee:
e4:c4:df:fc:bd:94:b4:fc:65:a1:64:1b:fc:9a:57:
cb:6d:ae:53:82:7b:7a:aa:f7:c6:72:b5:fe:b4:b1:
7e:a4:49:2d:26:07:70:6f:a0:e2:16:56:97:20:7f:
ae:64:94:e1:51:9c:4b:7a:4e:a4:f1:da:52:99:8f:
5a:7e:ba:48:bf:d4:3d:e5:d3:f9:fe:94:85:63:87:
73:e4:6c:15:ec:6e:9f:ed:a4:e7:03:07:a0:5d:9d:
b6:a1:c9:a7:13:07:0c:a2:a4:e2:01:22:08:01:83:
5b:73:fe:ed:5a:6e:65:6a:8c:87:b9:0e:54:b9:66:
13:ac:dc:8d:3d:88:ba:f5:15:da:ff:33:91:fa:87:
01:af:d9:19:59:48:d9:dc:e8:6a:0a:6d:41:c6:73:
73:98:5c:ce:5d:78:5e:dc:c0:00:dd:a9:e3:04:a2:
ef:45:d5:c4:cb:87:ac:f1:7f:22:9e:8a:09:9c:8b:
46:16:f6:f3:28:6c:c9:ec:a8:0b:a8:57:21:aa:86:
d6:06:6f:7a:5e:dc:0b:13:e6:f0:12:ec:35:a8:86:
c1:3d:27:3a:12:bb:81:8c:cb:b0:40:72:bb:aa:a6:
25:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B3:61:65:B8:5F:7A:6E:3F:FA:E1:FF:5C:66:2C:81:9F:3E:94:66
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/07NhZbhfem4_-uH_XGYsgZ8-lGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
78:15:1d:87:dd:65:44:b0:3c:83:f9:19:de:eb:de:c1:d9:99:
78:40:0f:4f:15:50:6f:38:65:73:63:d5:8f:a4:59:7b:8e:df:
12:c5:90:55:62:ae:30:ab:fb:75:39:14:e5:20:48:d8:9b:26:
9a:29:f8:ad:36:be:c0:f9:ec:23:8f:b1:83:b2:22:11:98:be:
cc:44:aa:54:62:de:84:9c:5b:77:3c:b1:bb:30:2c:fd:2c:4c:
60:e2:0f:b6:73:b0:c8:34:fc:03:d1:bf:fa:88:db:30:25:99:
a9:05:ff:85:45:b1:d1:c4:2b:ec:9f:e1:0d:ef:fb:dd:4e:7f:
8c:79:b1:be:35:01:23:fd:34:c5:04:b1:b5:ff:2f:e7:a5:48:
5d:7b:6e:cf:b0:e8:34:3e:e0:0f:66:d7:b2:42:d6:db:d7:20:
9d:77:b4:01:9c:44:ca:96:4b:f8:7e:c1:27:0e:6d:b8:b8:93:
0c:54:3c:df:4e:e1:d0:46:61:b5:7a:af:5a:c7:c5:46:3c:c1:
bf:33:05:78:ff:d9:b4:56:62:d9:81:4d:86:30:ac:77:41:26:
32:06:3e:1f:c6:eb:c5:83:e1:6e:a8:b9:0f:51:29:c0:f1:3d:
0d:c9:4d:32:89:57:91:39:d7:06:93:27:93:0c:61:5f:8d:4d:
1a:cc:c0:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTBuOEyn/60XC+6KnACprLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMjAxMTMzNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2IzNjE2NWI4NWY3YTZlM2ZmYWUxZmY1YzY2MmM4MTlmM2U5NDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ovrRxXzUhw6xgjJP4dWG909w3lM
O0vxoecRSe7kxN/8vZS0/GWhZBv8mlfLba5Tgnt6qvfGcrX+tLF+pEktJgdwb6Di
FlaXIH+uZJThUZxLek6k8dpSmY9afrpIv9Q95dP5/pSFY4dz5GwV7G6f7aTnAweg
XZ22ocmnEwcMoqTiASIIAYNbc/7tWm5laoyHuQ5UuWYTrNyNPYi69RXa/zOR+ocB
r9kZWUjZ3OhqCm1BxnNzmFzOXXhe3MAA3anjBKLvRdXEy4es8X8inooJnItGFvbz
KGzJ7KgLqFchqobWBm96XtwLE+bwEuw1qIbBPSc6EruBjMuwQHK7qqYlUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNOzYWW4X3puP/rh/1xmLIGfPpRmMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMDdOaFpiaGZlbTRfLXVIX1hHWXNnWjgtbEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWJc4AwQC
WNHoMA0GCSqGSIb3DQEBCwUAA4IBAQB4FR2H3WVEsDyD+Rne697B2Zl4QA9PFVBv
OGVzY9WPpFl7jt8SxZBVYq4wq/t1ORTlIEjYmyaaKfitNr7A+ewjj7GDsiIRmL7M
RKpUYt6EnFt3PLG7MCz9LExg4g+2c7DINPwD0b/6iNswJZmpBf+FRbHRxCvsn+EN
7/vdTn+MebG+NQEj/TTFBLG1/y/npUhde27PsOg0PuAPZteyQtbb1yCdd7QBnETK
lkv4fsEnDm24uJMMVDzfTuHQRmG1eq9ax8VGPMG/MwV4/9m0VmLZgU2GMKx3QSYy
Bj4fxuvFg+FuqLkPUSnA8T0NyU0yiVeROdcGkyeTDGFfjU0azMDc
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:11:59 2025 by rpki-client