Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-m6HyTCfRuqYsNDokOpb4_6b1sw.roa
File: 1-m6HyTCfRuqYsNDokOpb4_6b1sw.roa (raw, json)
Hash identifier: 29+kuFzrAOWys07iteH7lahp//l9K2qkqNfV+4VrgsA=
Subject key identifier: FA:6E:87:C9:30:9F:46:EA:98:B0:D0:E8:90:EA:5B:E3:FE:9B:D6:CC
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01955AF2DB6B2EA22C5A597ECBF751E9E6E4
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-m6HyTCfRuqYsNDokOpb4_6b1sw.roa
Signing time: Mon 03 Mar 2025 07:40:20 +0000
ROA not before: Mon 03 Mar 2025 07:40:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Mar 2025 10:18:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5a:f2:db:6b:2e:a2:2c:5a:59:7e:cb:f7:51:e9:e6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 3 07:40:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa6e87c9309f46ea98b0d0e890ea5be3fe9bd6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:46:05:9f:80:a3:0f:7c:33:6f:e6:42:c9:19:
59:57:2d:d2:57:09:55:ab:e6:1d:99:c5:89:34:1f:
b8:93:db:e2:8a:66:2e:b9:eb:1f:9c:4d:e5:99:1a:
7c:02:00:57:92:1f:a5:94:dc:af:cb:f3:90:e4:7c:
a7:e3:f4:63:4a:6e:36:99:5e:02:82:2a:8a:ff:7a:
90:85:5e:c5:9b:fa:46:a3:f5:87:1b:50:d1:93:66:
2a:c3:f3:aa:96:5d:c7:6c:97:7f:f3:33:16:00:41:
01:60:9d:3e:c8:2a:48:5f:df:8f:0f:70:73:9a:da:
0e:7b:25:b4:81:e8:43:4b:31:60:48:9a:ea:ef:c5:
e5:8f:be:dd:6e:58:50:ea:1b:8d:b3:20:5f:41:37:
44:3a:39:75:c1:4c:2d:d3:3c:de:27:fd:6c:96:e0:
74:4c:d1:13:7b:c5:fc:56:1a:81:f3:11:e7:6b:2a:
e9:62:ac:54:76:e8:3c:b3:f9:8a:1c:82:2c:75:78:
cb:78:40:18:fa:0c:f5:e7:df:8d:59:13:8f:bb:ae:
21:0c:63:3f:20:31:11:7b:39:5a:6e:ef:46:6a:52:
04:f1:2b:48:30:c2:2e:33:6b:d3:2b:c5:c3:80:fe:
5a:09:2d:f5:85:fe:c7:ae:b7:d7:0b:f3:6f:3a:b7:
d6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6E:87:C9:30:9F:46:EA:98:B0:D0:E8:90:EA:5B:E3:FE:9B:D6:CC
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-m6HyTCfRuqYsNDokOpb4_6b1sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.221.0/24
88.209.224.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
91:95:e3:5e:94:44:b1:5b:13:05:c5:ae:c0:ad:84:bb:fb:97:
67:50:85:34:47:63:3e:c7:d6:dd:76:81:9e:03:71:82:44:5b:
68:4f:bb:b8:aa:3e:69:99:5b:f0:df:72:08:30:29:7e:34:f2:
d9:16:a4:1d:07:d4:9e:4f:f0:23:b2:46:d3:89:5e:fa:09:65:
16:e6:36:e2:d4:44:db:11:7e:d6:17:1d:c7:75:83:8a:13:50:
b9:40:8d:87:91:74:49:50:f5:06:91:00:11:aa:2c:d3:9b:8f:
2b:d3:ff:ad:23:11:30:1a:1f:51:1d:9c:ca:21:7f:3f:92:25:
3d:74:fd:00:29:ac:73:1d:f5:ab:ed:1c:75:33:c1:95:f3:cd:
f5:7d:fc:8e:0a:af:f5:2a:e8:c3:f5:a0:1a:d7:1e:ef:ab:f0:
92:2d:41:af:65:bb:9c:8e:52:3b:df:95:84:45:b5:2c:36:9d:
ed:8f:5a:9b:ac:6f:b0:d1:5e:c3:ee:3e:81:60:4b:ca:7e:ff:
28:e1:a6:89:09:e6:2a:e0:4b:71:c0:a5:89:68:2f:9a:a9:1f:
34:31:40:41:cb:17:d7:33:d2:dd:f8:03:c2:63:6d:09:e2:33:
bd:c1:4d:d7:4f:67:f2:27:2e:e7:ac:0b:fe:8f:38:61:f8:7b:
0c:a9:3f:6d
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZVa8ttrLqIsWll+y/dR6ebkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzAzMDc0MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTZlODdjOTMwOWY0NmVhOThiMGQwZTg5MGVhNWJlM2ZlOWJkNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUYFn4CjD3wzb+ZCyRlZVy3SVwlV
q+YdmcWJNB+4k9viimYuuesfnE3lmRp8AgBXkh+llNyvy/OQ5Hyn4/RjSm42mV4C
giqK/3qQhV7Fm/pGo/WHG1DRk2Yqw/Oqll3HbJd/8zMWAEEBYJ0+yCpIX9+PD3Bz
mtoOeyW0gehDSzFgSJrq78Xlj77dblhQ6huNsyBfQTdEOjl1wUwt0zzeJ/1sluB0
TNETe8X8VhqB8xHnayrpYqxUdug8s/mKHIIsdXjLeEAY+gz159+NWROPu64hDGM/
IDERezlabu9GalIE8StIMMIuM2vTK8XDgP5aCS31hf7HrrfXC/NvOrfW0wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPpuh8kwn0bqmLDQ6JDqW+P+m9bMMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMS1tNkh5VENmUnVxWXNORG9rT3BiNF82YjFzdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGQvNTg5MTI3LTEwOTYtNGM5MS05NmNjLTdlNGQ2ZjZmNmU2
Ni8xL3phcWc0SUkyQTJDczJqUjJaT3VERk9zUjJoQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAViXOAME
AFjR3QMEAFjR4AMEAljR6DANBgkqhkiG9w0BAQsFAAOCAQEAkZXjXpREsVsTBcWu
wK2Eu/uXZ1CFNEdjPsfW3XaBngNxgkRbaE+7uKo+aZlb8N9yCDApfjTy2RakHQfU
nk/wI7JG04le+gllFuY24tRE2xF+1hcdx3WDihNQuUCNh5F0SVD1BpEAEaos05uP
K9P/rSMRMBofUR2cyiF/P5IlPXT9ACmscx31q+0cdTPBlfPN9X38jgqv9Srow/Wg
Gtce76vwki1Br2W7nI5SO9+VhEW1LDad7Y9am6xvsNFew+4+gWBLyn7/KOGmiQnm
KuBLccCliWgvmqkfNDFAQcsX1zPS3fgDwmNtCeIzvcFN109n8icu56wL/o84Yfh7
DKk/bQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:48 2025 by rpki-client