Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2GCnN8y6qcWanvAz3xAmswBJAmk.roa
File: 2GCnN8y6qcWanvAz3xAmswBJAmk.roa (raw, json)
Hash identifier: 2JlpFCkRfiAXio/F8W9aDVxSkkMh95HjcPxs2ljn+5s=
Subject key identifier: D8:60:A7:37:CC:BA:A9:C5:9A:9E:F0:33:DF:10:26:B3:00:49:02:69
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018708F41670D1300AB2293FC384F3114486
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2GCnN8y6qcWanvAz3xAmswBJAmk.roa
Signing time: Wed 22 Mar 2023 10:53:46 +0000
ROA not before: Wed 22 Mar 2023 10:53:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200010
IP address blocks: 88.209.245.0/24 maxlen: 24
88.209.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 11:08:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:f4:16:70:d1:30:0a:b2:29:3f:c3:84:f3:11:44:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 22 10:53:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d860a737ccbaa9c59a9ef033df1026b300490269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9e:7a:39:a5:fb:1e:06:7d:cb:c7:af:70:84:
01:01:a8:b3:0a:65:d8:82:13:24:a6:37:15:01:ca:
69:c0:e7:c9:79:66:76:bd:ed:1f:22:40:a2:64:73:
87:dd:6e:12:3c:9a:08:fe:3b:41:7d:84:45:32:1b:
fa:85:62:d9:4f:9b:01:c9:dc:d5:9c:dc:54:38:2d:
32:8f:d2:e7:ae:92:bb:55:67:6b:ef:44:cd:7c:a0:
41:fe:9c:0b:36:6d:21:25:d7:ed:47:d8:27:51:39:
57:86:7a:e0:e4:9a:f1:ee:25:50:9f:e9:7c:e3:b5:
87:2f:f7:45:75:45:f8:42:e2:f7:1d:54:b5:43:e9:
02:85:c5:4b:30:2d:a6:d4:a0:6d:ea:90:0d:fe:70:
ee:18:d9:61:17:37:00:f8:56:07:88:70:d9:5c:03:
a0:38:64:1d:87:c2:56:41:d4:76:97:e1:1f:06:17:
5e:40:5f:8a:41:8e:79:77:70:a5:b2:36:9b:0f:30:
09:f5:ee:c2:1d:99:0f:49:c6:dd:92:8a:06:b3:eb:
69:d3:42:2e:a3:58:ec:45:39:b9:66:1c:34:d3:68:
4f:46:e2:89:26:5d:af:64:bc:16:f0:d1:fb:15:8d:
c8:f4:91:5a:47:94:cf:d8:ba:07:58:2b:0c:bc:2c:
20:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:60:A7:37:CC:BA:A9:C5:9A:9E:F0:33:DF:10:26:B3:00:49:02:69
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2GCnN8y6qcWanvAz3xAmswBJAmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.199.0/24
88.209.245.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:02:78:a6:43:5d:cc:5a:cc:f7:23:e5:d1:83:7f:63:bb:bb:
15:54:9e:8b:d8:f1:9c:82:95:89:6b:4a:e7:2d:27:d0:27:7a:
22:f0:50:a7:8c:53:ca:28:d2:7b:20:c3:fc:f5:62:55:09:a5:
82:ce:e0:51:fb:d0:5f:3f:97:4d:78:f0:90:92:17:d6:8c:4c:
b4:b0:bd:e0:a5:38:32:50:5d:b1:5d:7b:ac:1e:29:f1:01:c7:
55:e6:10:b4:27:93:f8:c9:2a:58:5f:b0:02:c5:40:f2:cd:6d:
34:61:b2:f6:6a:91:26:de:54:eb:4d:ca:67:94:01:7b:e6:70:
8c:3e:47:e9:0e:a2:17:e6:5e:7d:1a:59:73:b4:52:e3:61:32:
d4:63:cf:57:56:61:e9:92:34:fe:c3:27:86:61:ea:34:5f:c7:
a6:a3:b2:b3:92:3d:88:93:40:80:09:af:42:84:ec:b2:c7:5f:
7c:d3:d5:60:cf:60:a1:75:1f:eb:6d:17:f7:ce:b7:a0:2b:c1:
55:50:22:ff:7b:17:87:38:f2:db:31:08:60:7f:d9:66:29:14:
b4:1d:52:5e:d0:d1:c2:97:10:73:ab:f8:ec:2c:15:7d:88:64:
45:42:c0:c0:e4:24:11:c0:17:dc:18:26:87:97:63:53:1f:76:
b5:48:0b:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcI9BZw0TAKsik/w4TzEUSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzIyMTA1MzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYwYTczN2NjYmFhOWM1OWE5ZWYwMzNkZjEwMjZiMzAwNDkwMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJ56OaX7HgZ9y8evcIQBAaizCmXY
ghMkpjcVAcppwOfJeWZ2ve0fIkCiZHOH3W4SPJoI/jtBfYRFMhv6hWLZT5sBydzV
nNxUOC0yj9LnrpK7VWdr70TNfKBB/pwLNm0hJdftR9gnUTlXhnrg5Jrx7iVQn+l8
47WHL/dFdUX4QuL3HVS1Q+kChcVLMC2m1KBt6pAN/nDuGNlhFzcA+FYHiHDZXAOg
OGQdh8JWQdR2l+EfBhdeQF+KQY55d3ClsjabDzAJ9e7CHZkPScbdkooGs+tp00Iu
o1jsRTm5Zhw002hPRuKJJl2vZLwW8NH7FY3I9JFaR5TP2LoHWCsMvCwguwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNhgpzfMuqnFmp7wM98QJrMASQJpMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMkdDbk44eTZxY1dhbnZBejN4QW1zd0JKQW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHHAwQA
WNH1MA0GCSqGSIb3DQEBCwUAA4IBAQCsAnimQ13MWsz3I+XRg39ju7sVVJ6L2PGc
gpWJa0rnLSfQJ3oi8FCnjFPKKNJ7IMP89WJVCaWCzuBR+9BfP5dNePCQkhfWjEy0
sL3gpTgyUF2xXXusHinxAcdV5hC0J5P4ySpYX7ACxUDyzW00YbL2apEm3lTrTcpn
lAF75nCMPkfpDqIX5l59GllztFLjYTLUY89XVmHpkjT+wyeGYeo0X8emo7Kzkj2I
k0CACa9ChOyyx19809Vgz2ChdR/rbRf3zregK8FVUCL/exeHOPLbMQhgf9lmKRS0
HVJe0NHClxBzq/jsLBV9iGRFQsDA5CQRwBfcGCaHl2NTH3a1SAuV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org