Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/44D6l2lKTWHcOy8C2yeS3pSexNk.roa
File: 44D6l2lKTWHcOy8C2yeS3pSexNk.roa (raw, json)
Hash identifier: f8nXHoTnSXyQoxGyQ/KMcuG77uA1LJgyIaVnLMeumRk=
Subject key identifier: E3:80:FA:97:69:4A:4D:61:DC:3B:2F:02:DB:27:92:DE:94:9E:C4:D9
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018BCDE4E3548EC6DFB4C284E166F214DA4F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/44D6l2lKTWHcOy8C2yeS3pSexNk.roa
Signing time: Tue 14 Nov 2023 12:53:31 +0000
ROA not before: Tue 14 Nov 2023 12:53:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 88.209.229.0/24 maxlen: 24
88.209.244.0/24 maxlen: 24
88.209.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:e4:e3:54:8e:c6:df:b4:c2:84:e1:66:f2:14:da:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 14 12:53:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e380fa97694a4d61dc3b2f02db2792de949ec4d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1c:d8:e3:f8:5a:b0:c6:e5:b2:8a:8e:b5:02:
d3:e3:fe:64:1d:65:82:c3:eb:75:75:69:0f:93:bb:
61:0a:86:a0:eb:69:b7:80:43:28:31:4b:6c:25:5d:
44:43:47:b0:1d:7e:43:a8:60:84:84:67:74:e0:52:
ec:57:12:2b:3f:8c:ea:ca:9a:13:3b:d1:79:79:85:
55:03:3e:62:fe:05:33:91:4c:20:37:4b:c6:54:d8:
f2:0c:73:55:34:2b:e7:09:0c:94:1a:cd:52:5c:44:
8f:93:4c:29:c2:98:93:ea:f9:1c:22:71:61:d7:0f:
31:00:aa:72:d7:e3:a2:7f:73:d1:83:a1:48:c1:26:
fa:ce:ce:24:15:05:d1:5d:7a:8e:ed:ca:bf:80:a2:
e9:ee:53:74:99:bd:05:59:23:fb:a0:51:ed:e5:3a:
99:4c:37:e7:15:a4:6e:4f:4e:93:13:11:42:f5:da:
ad:01:c9:55:34:6c:09:42:ed:86:c8:1b:98:fe:db:
03:99:d2:23:e4:1d:95:46:c3:00:eb:19:45:6f:ca:
cc:c4:3c:9d:b1:6c:a5:30:35:d9:99:31:a2:a6:0c:
c2:d7:8a:44:85:ad:a0:95:02:a8:07:f0:4b:33:5b:
d1:8f:b4:b5:81:d9:01:24:93:bc:7b:dd:17:55:d4:
a5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:80:FA:97:69:4A:4D:61:DC:3B:2F:02:DB:27:92:DE:94:9E:C4:D9
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/44D6l2lKTWHcOy8C2yeS3pSexNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.229.0/24
88.209.244.0/24
88.209.248.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:f5:83:60:e9:1f:0a:50:30:62:4b:ad:e7:a8:07:7b:4e:ba:
68:11:83:b1:63:14:9c:e1:6f:75:b3:db:49:92:99:b9:55:5d:
ba:81:98:4e:ff:17:e5:d9:70:82:0e:2d:2f:52:d1:65:5e:bf:
b8:7f:a4:6d:b0:9b:eb:9c:c7:e3:56:e5:34:d0:60:5c:e9:e5:
41:ce:3d:04:19:68:05:9a:96:72:b3:fb:6d:34:23:ac:e1:0d:
1a:37:fa:ee:1d:16:f1:5e:ff:ba:d6:ce:31:da:66:44:17:3f:
3a:94:2d:71:56:0e:6d:ff:71:fb:0e:a4:dd:d1:52:11:91:79:
f1:0f:e8:a4:92:05:7e:13:4b:ff:dc:4e:a6:66:93:f7:63:80:
1e:e1:7a:0d:f0:61:8f:a2:64:87:54:e6:3d:bd:bc:81:69:64:
bd:a6:e8:9f:65:c9:75:97:6b:72:4b:e2:84:76:06:ed:b6:43:
c3:43:69:95:e0:8d:0d:e9:1d:8d:d4:6f:4f:81:cd:c3:12:12:
75:63:51:64:b3:c8:05:90:e8:e3:8d:fc:9a:39:21:47:ad:69:
f4:90:8f:db:1d:0f:e9:23:33:08:94:e1:49:de:c0:56:b5:80:
88:1c:ab:4a:db:22:7d:c6:3d:e0:58:d1:24:21:b6:40:01:ec:
f9:49:12:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvN5ONUjsbftMKE4WbyFNpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTE0MTI1MzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzgwZmE5NzY5NGE0ZDYxZGMzYjJmMDJkYjI3OTJkZTk0OWVjNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRzY4/hasMblsoqOtQLT4/5kHWWC
w+t1dWkPk7thCoag62m3gEMoMUtsJV1EQ0ewHX5DqGCEhGd04FLsVxIrP4zqypoT
O9F5eYVVAz5i/gUzkUwgN0vGVNjyDHNVNCvnCQyUGs1SXESPk0wpwpiT6vkcInFh
1w8xAKpy1+Oif3PRg6FIwSb6zs4kFQXRXXqO7cq/gKLp7lN0mb0FWSP7oFHt5TqZ
TDfnFaRuT06TExFC9dqtAclVNGwJQu2GyBuY/tsDmdIj5B2VRsMA6xlFb8rMxDyd
sWylMDXZmTGipgzC14pEha2glQKoB/BLM1vRj7S1gdkBJJO8e90XVdSlFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOOA+pdpSk1h3DsvAtsnkt6UnsTZMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNDRENmwybEtUV0hjT3k4QzJ5ZVMzcFNleE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHlAwQA
WNH0AwQAWNH4MA0GCSqGSIb3DQEBCwUAA4IBAQBN9YNg6R8KUDBiS63nqAd7Trpo
EYOxYxSc4W91s9tJkpm5VV26gZhO/xfl2XCCDi0vUtFlXr+4f6RtsJvrnMfjVuU0
0GBc6eVBzj0EGWgFmpZys/ttNCOs4Q0aN/ruHRbxXv+61s4x2mZEFz86lC1xVg5t
/3H7DqTd0VIRkXnxD+ikkgV+E0v/3E6mZpP3Y4Ae4XoN8GGPomSHVOY9vbyBaWS9
puifZcl1l2tyS+KEdgbttkPDQ2mV4I0N6R2N1G9Pgc3DEhJ1Y1Fks8gFkOjjjfya
OSFHrWn0kI/bHQ/pIzMIlOFJ3sBWtYCIHKtK2yJ9xj3gWNEkIbZAAez5SRJ+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org