Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8HltT7u-VCCzGa94eauPVHgPS8g.roa
File: 8HltT7u-VCCzGa94eauPVHgPS8g.roa (raw, json)
Hash identifier: 92r6zJ35dOMj1IiJ2E3OHVxs3tMU7L2MlYOIEj9/qeA=
Subject key identifier: F0:79:6D:4F:BB:BE:54:20:B3:19:AF:78:79:AB:8F:54:78:0F:4B:C8
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018AF9C1B1C975802C5180209DBF9B043FED
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8HltT7u-VCCzGa94eauPVHgPS8g.roa
Signing time: Wed 04 Oct 2023 08:15:35 +0000
ROA not before: Wed 04 Oct 2023 08:15:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.253.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
77.242.157.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
88.209.200.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
88.209.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:c1:b1:c9:75:80:2c:51:80:20:9d:bf:9b:04:3f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 4 08:15:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0796d4fbbbe5420b319af7879ab8f54780f4bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:06:a6:96:67:d1:fa:8b:7c:e5:33:a1:10:64:
ad:96:23:63:5d:2c:d2:94:88:65:4e:22:c4:09:48:
3a:09:90:5d:03:eb:4f:0f:ff:34:c1:b5:46:de:95:
89:2c:35:12:e1:71:9c:7b:70:c3:94:5c:94:ae:be:
07:52:6a:fb:4e:9b:0e:cf:d0:ea:fc:52:59:d2:39:
d7:6e:35:cd:4c:9c:ae:d0:3e:7a:2a:40:59:fb:af:
b8:00:d5:b1:af:21:da:0a:90:d8:1c:2a:48:2d:18:
cb:9b:1c:bc:24:a3:6e:a6:e2:93:cf:2c:24:d9:f2:
0b:9b:4a:23:22:5a:2b:a1:eb:c2:e0:43:ae:f7:92:
a2:07:98:a0:2a:48:9f:c7:9b:89:49:b4:59:13:c7:
7c:01:34:08:55:9d:bb:e5:fb:3b:b9:2d:6c:ee:7f:
b2:57:a5:77:6f:0f:24:a5:e1:2d:4b:46:b6:dc:d1:
8c:f2:20:fa:32:b0:c5:87:69:6d:77:18:ee:da:58:
cd:d2:12:24:90:cd:5a:eb:09:aa:4a:ff:05:d5:f8:
b4:32:aa:3e:52:f1:80:7b:2c:96:12:b3:c9:24:d5:
e2:9b:ec:6f:55:b8:0c:08:dc:8e:8d:9d:da:08:b3:
91:47:54:31:3b:3b:14:f7:ba:5d:36:56:fc:05:59:
f3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:79:6D:4F:BB:BE:54:20:B3:19:AF:78:79:AB:8F:54:78:0F:4B:C8
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8HltT7u-VCCzGa94eauPVHgPS8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.157.0/24
88.151.56.0/23
88.151.62.0/24
88.209.200.0/24
88.209.211.0/24
88.209.217.0/24
88.209.220.0/24
88.209.253.0/24
178.210.228.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:57:f0:5d:04:2a:8b:ec:52:56:cb:a8:93:ba:d8:b0:ee:26:
d4:30:33:6c:4a:c5:35:16:70:10:26:f3:06:b9:f1:a0:80:ce:
ad:d9:f6:9e:02:c3:60:fc:b4:33:69:20:85:d9:d2:20:55:24:
44:42:8d:36:c6:d0:73:23:64:2d:87:b3:e4:61:74:bc:c8:29:
54:bf:f5:6d:c8:1e:9a:eb:57:97:0d:6b:0b:15:ef:72:97:42:
0a:e9:1e:7b:07:76:59:33:7d:fe:10:ef:e3:90:6c:35:38:12:
ce:76:a2:8b:ff:81:ed:4b:f8:b9:0d:56:ab:93:6a:4a:e4:6d:
32:40:32:eb:e1:ba:80:7a:4f:d0:e1:80:80:60:35:f5:ad:0f:
17:c7:04:98:e0:e5:a5:5a:4f:2e:5b:9c:a1:c2:7c:4d:79:10:
8f:81:30:3d:d0:fa:74:9a:7e:19:ef:e5:82:16:df:5e:68:90:
9b:74:85:e7:6e:ea:72:7e:ed:64:c0:80:6f:8d:99:28:8c:74:
f9:35:fc:65:fa:1e:89:f4:c7:b9:a9:22:fd:52:5e:83:d3:e3:
3f:b5:39:be:bf:35:e5:aa:41:99:bc:85:8c:76:53:d7:fb:2c:
2d:63:e9:b3:83:f1:e6:58:0b:71:41:f1:ba:58:c6:8e:af:5c:
a3:4b:76:9d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYr5wbHJdYAsUYAgnb+bBD/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDA0MDgxNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDc5NmQ0ZmJiYmU1NDIwYjMxOWFmNzg3OWFiOGY1NDc4MGY0YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQamlmfR+ot85TOhEGStliNjXSzS
lIhlTiLECUg6CZBdA+tPD/80wbVG3pWJLDUS4XGce3DDlFyUrr4HUmr7TpsOz9Dq
/FJZ0jnXbjXNTJyu0D56KkBZ+6+4ANWxryHaCpDYHCpILRjLmxy8JKNupuKTzywk
2fILm0ojIloroevC4EOu95KiB5igKkifx5uJSbRZE8d8ATQIVZ275fs7uS1s7n+y
V6V3bw8kpeEtS0a23NGM8iD6MrDFh2ltdxju2ljN0hIkkM1a6wmqSv8F1fi0Mqo+
UvGAeyyWErPJJNXim+xvVbgMCNyOjZ3aCLORR1QxOzsU97pdNlb8BVnzJwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPB5bU+7vlQgsxmveHmrj1R4D0vIMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvOEhsdFQ3dS1WQ0N6R2E5NGVhdVBWSGdQUzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATfKdAwQB
WJc4AwQAWJc+AwQAWNHIAwQAWNHTAwQAWNHZAwQAWNHcAwQAWNH9AwQAstLkMA0G
CSqGSIb3DQEBCwUAA4IBAQBMV/BdBCqL7FJWy6iTutiw7ibUMDNsSsU1FnAQJvMG
ufGggM6t2faeAsNg/LQzaSCF2dIgVSREQo02xtBzI2Qth7PkYXS8yClUv/VtyB6a
61eXDWsLFe9yl0IK6R57B3ZZM33+EO/jkGw1OBLOdqKL/4HtS/i5DVark2pK5G0y
QDLr4bqAek/Q4YCAYDX1rQ8XxwSY4OWlWk8uW5yhwnxNeRCPgTA90Pp0mn4Z7+WC
Ft9eaJCbdIXnbupyfu1kwIBvjZkojHT5Nfxl+h6J9Me5qSL9Ul6D0+M/tTm+vzXl
qkGZvIWMdlPX+ywtY+mzg/HmWAtxQfG6WMaOr1yjS3ad
Generated at Thu Oct 5 15:17:38 2023 by rpki-client on console-ams.rpki-client.org