Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1ky95pRFYHqNUVzXaaPAmaMHO_A.roa
File: 1ky95pRFYHqNUVzXaaPAmaMHO_A.roa (raw, json)
Hash identifier: lv1bQM83Guac0H4OmqQ7CCfpAcsiveIxacxmWg9J+78=
Subject key identifier: D6:4C:BD:E6:94:45:60:7A:8D:51:5C:D7:69:A3:C0:99:A3:07:3B:F0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018AD1F2D5BC7F668BDB64576FFE5DD65277
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1ky95pRFYHqNUVzXaaPAmaMHO_A.roa
Signing time: Tue 26 Sep 2023 14:44:27 +0000
ROA not before: Tue 26 Sep 2023 14:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.253.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.113.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:f2:d5:bc:7f:66:8b:db:64:57:6f:fe:5d:d6:52:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 26 14:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d64cbde69445607a8d515cd769a3c099a3073bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:79:0a:3a:f4:60:18:60:11:2e:a7:49:30:0f:
80:78:20:23:6e:2a:3b:b7:51:3b:af:de:3d:ab:89:
21:a4:04:97:c5:09:c8:9d:69:91:9f:bc:8d:c4:48:
cf:d3:ab:94:9d:e5:fd:f0:87:25:c8:ca:3c:e2:63:
7a:0c:d7:d8:86:29:bf:a5:50:5d:cb:97:c3:3a:30:
54:10:cf:55:f8:65:37:5a:da:b6:f4:2d:7d:17:f0:
aa:4f:62:53:c6:54:98:5c:03:9c:ef:f1:a5:e9:b2:
b1:72:cf:eb:17:a1:24:58:e1:32:c0:fe:8c:44:02:
d0:3f:ee:84:b7:96:60:ef:2f:2e:10:39:eb:31:64:
8e:61:e8:ed:8e:94:36:0e:79:b3:99:4a:d5:ac:13:
99:b8:0a:ad:c3:35:3a:49:bf:ee:b8:27:0a:91:4c:
d3:9c:60:99:c9:f2:65:6b:6c:cf:66:94:bb:29:5e:
ed:34:ad:2a:f5:6b:0b:b7:54:a8:72:b8:30:68:dc:
4f:5b:8f:da:7a:3a:14:08:1c:e3:51:04:7b:09:49:
ea:08:5b:58:9b:f1:d1:bf:64:fc:c2:46:02:ec:b0:
cf:7e:75:c7:a6:cd:7c:5a:84:1c:95:0c:c0:60:04:
c1:aa:b4:6c:fe:48:52:cf:56:bd:f0:c5:bf:01:e4:
4d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4C:BD:E6:94:45:60:7A:8D:51:5C:D7:69:A3:C0:99:A3:07:3B:F0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1ky95pRFYHqNUVzXaaPAmaMHO_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.113.0/24
77.242.150.0/24
88.151.56.0/23
88.151.62.0/24
88.209.211.0/24
88.209.217.0/24
88.209.253.0/24
178.210.228.0/24
Signature Algorithm: sha256WithRSAEncryption
56:fd:ef:a9:85:eb:ec:1b:dc:6a:87:cf:51:68:ca:02:64:27:
bd:02:1b:53:ce:3f:67:f0:c3:35:a1:31:7a:f8:8a:fd:a5:35:
75:f1:8d:8b:c5:05:57:0b:1c:94:af:4a:82:7a:a8:a2:73:fd:
fe:43:b7:0a:c8:05:a2:0b:c6:38:1c:07:0a:96:68:86:6d:bc:
bb:5e:85:ec:55:22:02:ad:41:05:4e:9b:52:d8:12:92:88:38:
cf:6f:e1:a7:07:41:2a:96:92:90:d2:30:cd:bc:03:72:14:15:
8c:24:47:a9:d1:7b:ff:05:a0:4a:20:35:f8:61:ae:33:38:99:
97:e0:72:e9:33:f9:77:cd:b4:4c:37:cf:33:42:61:b0:ef:13:
f3:a2:11:d8:41:de:c1:18:ed:c2:ab:1c:ed:a6:5d:dc:bb:c7:
84:1b:d8:c6:2a:b7:26:5b:3d:8e:05:16:b5:ea:b0:85:35:4d:
9f:31:e4:cf:d5:25:de:2e:c2:0c:ee:e4:bb:77:16:58:a2:f3:
5a:b2:1b:36:4b:c6:d9:9a:08:50:fb:32:e4:59:5d:67:b2:36:
63:45:99:a2:1b:79:c0:74:8b:34:e2:11:a0:6f:dd:12:a7:3c:
09:00:ea:7b:c0:c2:99:32:56:d1:50:41:28:14:14:d7:04:39:
b4:4a:ef:47
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYrR8tW8f2aL22RXb/5d1lJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwOTI2MTQ0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRjYmRlNjk0NDU2MDdhOGQ1MTVjZDc2OWEzYzA5OWEzMDczYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XkKOvRgGGARLqdJMA+AeCAjbio7
t1E7r949q4khpASXxQnInWmRn7yNxEjP06uUneX98IclyMo84mN6DNfYhim/pVBd
y5fDOjBUEM9V+GU3Wtq29C19F/CqT2JTxlSYXAOc7/Gl6bKxcs/rF6EkWOEywP6M
RALQP+6Et5Zg7y8uEDnrMWSOYejtjpQ2DnmzmUrVrBOZuAqtwzU6Sb/uuCcKkUzT
nGCZyfJla2zPZpS7KV7tNK0q9WsLt1SocrgwaNxPW4/aejoUCBzjUQR7CUnqCFtY
m/HRv2T8wkYC7LDPfnXHps18WoQclQzAYATBqrRs/khSz1a98MW/AeRN7wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNZMveaURWB6jVFc12mjwJmjBzvwMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMWt5OTVwUkZZSHFOVVZ6WGFhUEFtYU1IT19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABbZxAwQA
TfKWAwQBWJc4AwQAWJc+AwQAWNHTAwQAWNHZAwQAWNH9AwQAstLkMA0GCSqGSIb3
DQEBCwUAA4IBAQBW/e+phevsG9xqh89RaMoCZCe9AhtTzj9n8MM1oTF6+Ir9pTV1
8Y2LxQVXCxyUr0qCeqiic/3+Q7cKyAWiC8Y4HAcKlmiGbby7XoXsVSICrUEFTptS
2BKSiDjPb+GnB0EqlpKQ0jDNvANyFBWMJEep0Xv/BaBKIDX4Ya4zOJmX4HLpM/l3
zbRMN88zQmGw7xPzohHYQd7BGO3Cqxztpl3cu8eEG9jGKrcmWz2OBRa16rCFNU2f
MeTP1SXeLsIM7uS7dxZYovNashs2S8bZmghQ+zLkWV1nsjZjRZmiG3nAdIs04hGg
b90SpzwJAOp7wMKZMlbRUEEoFBTXBDm0Su9H
-----END CERTIFICATE-----
Generated at Fri Sep 29 06:49:59 2023 by rpki-client on console-ams.rpki-client.org