Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1aP4sJeE51FBMXv00tITiSid6lc.roa
File: 1aP4sJeE51FBMXv00tITiSid6lc.roa (raw, json)
Hash identifier: 8NdryfrXFHoiSUffqQ8Pq7ysV1nmVFgB4B6R6YV1AuY=
Subject key identifier: D5:A3:F8:B0:97:84:E7:51:41:31:7B:F4:D2:D2:13:89:28:9D:EA:57
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019724F17B3A652595D71E5690AC3B8AEF93
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1aP4sJeE51FBMXv00tITiSid6lc.roa
Signing time: Sat 31 May 2025 06:04:54 +0000
ROA not before: Sat 31 May 2025 06:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.198.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jun 2025 16:39:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:24:f1:7b:3a:65:25:95:d7:1e:56:90:ac:3b:8a:ef:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 31 06:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5a3f8b09784e75141317bf4d2d21389289dea57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:9e:a4:ba:36:ee:6f:8d:0f:ac:01:f2:ff:
49:c1:cb:c8:e9:7c:d8:3e:43:73:58:84:cd:41:5a:
fe:4c:54:00:26:4f:a8:83:80:33:42:95:b5:3a:e9:
ee:6b:8d:09:da:3b:cc:53:2b:d1:9d:3d:21:aa:97:
57:f9:b7:07:db:a2:f9:8c:6c:11:e6:a2:c7:0c:fc:
3b:ed:27:4e:7c:50:05:71:e5:07:66:91:bf:c3:e3:
64:e2:6a:cd:76:f3:91:ad:60:57:6a:99:af:0f:e2:
42:bc:2e:4a:67:86:f1:d1:b2:a8:61:cf:00:fe:41:
76:21:09:eb:4a:01:ed:1b:b8:8c:28:63:b9:9e:86:
c2:b2:3c:09:e4:b8:5e:eb:e9:aa:3d:89:6f:6c:d9:
98:2d:68:fb:77:8d:02:70:a1:39:44:be:3f:5f:02:
a3:bc:72:31:03:d8:23:34:b9:34:ba:ae:87:7d:fe:
ee:80:6c:06:cb:5a:b1:5b:38:63:fb:98:76:82:5b:
ae:30:51:51:64:24:da:e7:fa:33:71:cf:f4:53:14:
49:09:87:04:00:fe:49:04:9b:1a:d8:85:f5:93:34:
6a:8f:06:ed:8d:eb:bb:e1:d9:a9:df:4c:28:fa:16:
3b:72:1a:42:d4:f7:b2:4c:03:d8:af:b0:cf:19:cb:
b7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A3:F8:B0:97:84:E7:51:41:31:7B:F4:D2:D2:13:89:28:9D:EA:57
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1aP4sJeE51FBMXv00tITiSid6lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.198.0/24
88.209.201.0/24
88.209.209.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:29:e0:d9:2f:9b:63:76:10:6e:a4:26:05:a7:8f:12:c3:e1:
8d:0d:0c:80:6d:bf:30:c3:20:fc:1d:1e:88:a4:59:f0:50:6a:
fe:c7:24:48:90:27:98:30:d7:46:10:5e:c2:63:c4:13:83:f6:
e5:32:24:e4:bd:65:7c:89:10:59:d5:0e:8d:28:ed:f3:f6:42:
79:4c:81:c0:3d:a4:b4:0d:9b:c0:c9:99:57:d2:d9:0b:1f:3c:
06:e8:79:89:3c:fb:91:dc:11:e9:29:ba:2a:9d:fd:e7:21:32:
8e:25:90:6d:d0:8d:0b:3f:a4:38:5f:8a:fa:e6:47:ce:6d:b6:
90:ae:14:27:18:4e:0a:21:38:a3:a3:18:71:a5:88:ff:74:8e:
bb:90:63:d6:a2:56:10:e9:48:9b:d9:c4:79:e5:8b:a5:b9:36:
4b:ea:3d:a0:d8:01:73:24:5d:28:b9:ad:eb:c3:71:33:cf:0f:
7c:28:16:9e:65:96:38:3e:e9:18:1e:4e:c6:06:01:30:44:d1:
b3:38:41:96:af:85:8e:6d:85:07:5f:18:56:18:0a:f0:dc:e3:
d1:19:eb:8d:1c:bc:39:ec:98:f3:39:17:11:80:0f:2b:fa:d3:
45:54:38:3a:60:59:f8:62:32:66:4a:2e:c0:ac:fe:8f:73:3d:
0f:94:ef:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZck8Xs6ZSWV1x5WkKw7iu+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNTMxMDYwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWEzZjhiMDk3ODRlNzUxNDEzMTdiZjRkMmQyMTM4OTI4OWRlYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGyepLo27m+ND6wB8v9JwcvI6XzY
PkNzWITNQVr+TFQAJk+og4AzQpW1Ounua40J2jvMUyvRnT0hqpdX+bcH26L5jGwR
5qLHDPw77SdOfFAFceUHZpG/w+Nk4mrNdvORrWBXapmvD+JCvC5KZ4bx0bKoYc8A
/kF2IQnrSgHtG7iMKGO5nobCsjwJ5Lhe6+mqPYlvbNmYLWj7d40CcKE5RL4/XwKj
vHIxA9gjNLk0uq6Hff7ugGwGy1qxWzhj+5h2gluuMFFRZCTa5/ozcc/0UxRJCYcE
AP5JBJsa2IX1kzRqjwbtjeu74dmp30wo+hY7chpC1PeyTAPYr7DPGcu3ZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNWj+LCXhOdRQTF79NLSE4konepXMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMWFQNHNKZUU1MUZCTVh2MDB0SVRpU2lkNmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWJc4AwQA
WNHGAwQAWNHJAwQAWNHRAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQA6KeDZL5tj
dhBupCYFp48Sw+GNDQyAbb8wwyD8HR6IpFnwUGr+xyRIkCeYMNdGEF7CY8QTg/bl
MiTkvWV8iRBZ1Q6NKO3z9kJ5TIHAPaS0DZvAyZlX0tkLHzwG6HmJPPuR3BHpKboq
nf3nITKOJZBt0I0LP6Q4X4r65kfObbaQrhQnGE4KITijoxhxpYj/dI67kGPWolYQ
6Uib2cR55YuluTZL6j2g2AFzJF0oua3rw3Ezzw98KBaeZZY4PukYHk7GBgEwRNGz
OEGWr4WObYUHXxhWGArw3OPRGeuNHLw57JjzORcRgA8r+tNFVDg6YFn4YjJmSi7A
rP6Pcz0PlO+Q
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:08:45 2025 by rpki-client