Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/5FgNXZTEO7tat-8EfarHHghM3ZA.roa
File: 5FgNXZTEO7tat-8EfarHHghM3ZA.roa (raw, json)
Hash identifier: cbsma59tmQ7PBgiZmpA7hqKavJ1LVN+vDhWfTMw21Gs=
Subject key identifier: E4:58:0D:5D:94:C4:3B:BB:5A:B7:EF:04:7D:AA:C7:1E:08:4C:DD:90
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0190FEE16CE49B6EA9E882EDFAD1AEC81C0C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/5FgNXZTEO7tat-8EfarHHghM3ZA.roa
Signing time: Mon 29 Jul 2024 14:25:04 +0000
ROA not before: Mon 29 Jul 2024 14:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
92.52.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 13:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:e1:6c:e4:9b:6e:a9:e8:82:ed:fa:d1:ae:c8:1c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 29 14:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4580d5d94c43bbb5ab7ef047daac71e084cdd90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8d:90:44:46:59:17:89:e8:c9:f6:bf:e3:6b:
1f:4b:57:44:a3:cc:c1:ef:c1:c0:d0:90:e7:4a:07:
fd:e7:6b:d4:c1:02:a4:62:06:92:5f:9f:0c:ef:86:
c2:ee:95:77:bc:76:de:33:e4:81:28:fc:5d:14:5f:
e5:77:97:7d:1b:c5:11:fb:d7:f0:16:56:5f:ca:ed:
e9:1b:f4:5f:4e:86:8e:47:32:87:a1:d0:72:74:98:
6a:30:6c:39:19:f7:38:21:a3:e0:1c:22:8a:19:9b:
c2:5b:49:c8:1d:95:72:77:eb:c4:a7:c6:b3:ad:c6:
46:d2:f4:9b:fb:7d:9a:05:a3:6e:51:25:07:d9:e8:
32:16:ee:ad:78:97:20:52:96:f9:6a:c6:2d:2b:ec:
79:13:c0:e3:22:a7:93:2f:89:55:e6:a3:1a:15:1a:
d9:03:a2:0c:81:18:14:d5:c9:89:8e:db:15:02:b9:
1a:1f:58:ab:48:4d:fe:c5:d5:f4:74:ca:80:c5:35:
87:28:f5:86:8a:15:52:69:20:12:6e:28:ed:95:c4:
9f:c8:2c:2d:f3:29:a6:23:80:12:fb:2a:6c:78:e0:
ec:09:ee:db:df:2e:ab:bc:6c:5a:1e:cc:87:a0:01:
2e:49:31:e5:c9:92:44:e0:8b:00:d8:fe:02:0b:e5:
3f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:58:0D:5D:94:C4:3B:BB:5A:B7:EF:04:7D:AA:C7:1E:08:4C:DD:90
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/5FgNXZTEO7tat-8EfarHHghM3ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
92.52.219.0/24
Signature Algorithm: sha256WithRSAEncryption
71:bf:92:47:a6:14:e3:1a:03:07:c6:d1:34:e5:7d:04:66:c5:
b6:8f:56:31:bb:72:a0:00:ec:04:21:27:35:c6:a3:2b:ed:7e:
f0:68:ed:f9:a5:33:44:a2:6b:a1:70:1c:50:2f:36:6f:87:32:
c1:d7:9e:70:4e:5e:4b:e2:03:4d:87:0c:c5:f9:dd:cd:68:f2:
9d:3e:34:a9:b5:d0:0f:73:24:28:8c:a3:cb:67:4e:da:62:28:
a7:d1:7f:d6:6e:47:a4:68:9e:e7:53:16:9b:a8:0a:00:c5:1c:
7b:32:6e:0a:6b:44:71:20:23:9d:da:53:f0:de:6a:89:cc:79:
a7:27:c3:ed:2d:c2:fd:a5:c3:9b:c3:99:ee:17:be:14:7c:4e:
cd:ca:f3:78:ad:51:3c:75:01:82:f5:56:7c:07:23:68:d7:56:
88:eb:7d:6b:c3:d9:ec:b0:a2:ad:f1:9a:09:99:57:15:67:6b:
37:e3:ad:96:ca:4b:c9:bb:5f:f7:84:ea:62:82:9c:bf:76:80:
b6:fe:40:89:a4:a9:1d:7c:be:8a:ef:ae:3f:cf:91:83:36:f0:
71:72:e8:98:69:48:2c:b7:c9:d0:dd:76:9a:ec:86:75:6e:66:
c2:5b:41:39:7a:46:f0:01:d4:01:f3:28:d1:63:52:4b:46:f9:
16:26:6b:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZD+4Wzkm26p6ILt+tGuyBwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNzI5MTQyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU4MGQ1ZDk0YzQzYmJiNWFiN2VmMDQ3ZGFhYzcxZTA4NGNkZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo2QREZZF4noyfa/42sfS1dEo8zB
78HA0JDnSgf952vUwQKkYgaSX58M74bC7pV3vHbeM+SBKPxdFF/ld5d9G8UR+9fw
FlZfyu3pG/RfToaORzKHodBydJhqMGw5Gfc4IaPgHCKKGZvCW0nIHZVyd+vEp8az
rcZG0vSb+32aBaNuUSUH2egyFu6teJcgUpb5asYtK+x5E8DjIqeTL4lV5qMaFRrZ
A6IMgRgU1cmJjtsVArkaH1irSE3+xdX0dMqAxTWHKPWGihVSaSASbijtlcSfyCwt
8ymmI4AS+ypseODsCe7b3y6rvGxaHsyHoAEuSTHlyZJE4IsA2P4CC+U/BwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFORYDV2UxDu7WrfvBH2qxx4ITN2QMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNUZnTlhaVEVPN3RhdC04RWZhckhIZ2hNM1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWJc4AwQA
WNHTAwQCWNHoAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQBxv5JHphTjGgMHxtE0
5X0EZsW2j1Yxu3KgAOwEISc1xqMr7X7waO35pTNEomuhcBxQLzZvhzLB155wTl5L
4gNNhwzF+d3NaPKdPjSptdAPcyQojKPLZ07aYiin0X/WbkekaJ7nUxabqAoAxRx7
Mm4Ka0RxICOd2lPw3mqJzHmnJ8PtLcL9pcObw5nuF74UfE7NyvN4rVE8dQGC9VZ8
ByNo11aI631rw9nssKKt8ZoJmVcVZ2s3462WykvJu1/3hOpigpy/doC2/kCJpKkd
fL6K764/z5GDNvBxcuiYaUgst8nQ3Xaa7IZ1bmbCW0E5ekbwAdQB8yjRY1JLRvkW
Jmvw
-----END CERTIFICATE-----
Generated at Tue Jul 30 16:02:24 2024 by rpki-client on console-fra.rpki-client.org