Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/93JLpYFXc9RXk4lnGoQQ306wlbA.roa
File: 93JLpYFXc9RXk4lnGoQQ306wlbA.roa (raw, json)
Hash identifier: jtTjDiaidMDgFciKHQgehVcPzbATiJWwngktmZEePIg=
Subject key identifier: F7:72:4B:A5:81:57:73:D4:57:93:89:67:1A:84:10:DF:4E:B0:95:B0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018DF933A75BE72AF8F50E68E854D119BC78
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/93JLpYFXc9RXk4lnGoQQ306wlbA.roa
Signing time: Fri 01 Mar 2024 08:48:48 +0000
ROA not before: Fri 01 Mar 2024 08:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 10:24:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:33:a7:5b:e7:2a:f8:f5:0e:68:e8:54:d1:19:bc:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 1 08:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7724ba5815773d4579389671a8410df4eb095b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ed:e2:92:e2:82:b8:f1:d4:01:6c:ba:23:00:
87:2c:8c:22:30:a1:ef:24:83:03:8d:99:82:18:35:
ba:1e:ea:34:86:a5:02:55:df:54:5c:f5:b3:a7:e9:
9d:4b:b8:01:83:31:5a:4f:28:c4:52:9c:d3:b3:69:
01:6d:3c:c2:09:10:9a:b1:51:bb:74:99:5d:aa:e7:
53:86:34:13:f5:20:bc:0d:2d:ce:cd:67:37:c7:25:
17:30:8f:9a:d3:de:99:e4:52:6d:9a:50:01:5e:6a:
bc:15:e7:8b:04:51:e8:d1:ab:52:f2:6b:94:e9:a9:
bb:e4:6e:2e:7f:c4:3d:2b:8a:c2:f6:46:02:9a:00:
a7:b1:ae:71:d7:0d:5b:f3:29:33:56:aa:d5:a6:36:
5c:75:12:b3:e2:61:fb:8c:ad:bf:0e:2c:73:88:d4:
e0:be:37:a8:bd:d6:f2:e2:55:bf:11:b4:e7:3a:59:
24:40:4f:c9:55:45:bb:5a:7b:5c:16:79:39:9c:0d:
d1:30:08:ed:81:cd:70:e5:02:21:46:af:4c:54:e1:
6d:8b:68:3b:86:88:da:02:66:e0:0b:60:c5:4b:c1:
b5:89:f2:25:ed:32:c7:1e:31:5c:77:8f:75:04:2a:
f1:0e:47:1a:a1:2c:0c:a0:94:d6:c8:12:13:19:04:
cc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:72:4B:A5:81:57:73:D4:57:93:89:67:1A:84:10:DF:4E:B0:95:B0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/93JLpYFXc9RXk4lnGoQQ306wlbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
88.209.245.0/24
Signature Algorithm: sha256WithRSAEncryption
63:e9:f0:01:7b:4e:3b:fb:fd:1f:2b:31:67:a8:84:ee:d1:ff:
46:2a:3e:d9:6f:15:97:5d:32:8e:53:cd:55:8c:7c:1d:43:0c:
72:92:96:5f:aa:73:20:3d:de:61:9a:c6:a3:90:a5:41:05:c9:
28:01:be:43:18:a6:17:59:6b:a8:a6:4e:03:10:8d:34:9f:82:
80:9b:be:af:32:3c:16:1a:46:3d:f4:ea:67:06:95:1c:10:f7:
58:a9:45:e0:25:b9:d7:b0:49:da:66:f5:b5:4c:7d:e2:e9:6d:
96:5c:7e:85:12:f2:fa:b9:ee:41:28:7a:eb:99:53:72:bd:5b:
83:67:e2:b7:51:ab:23:fe:b3:75:e3:cd:85:92:bb:af:bb:1b:
9f:b6:66:c5:35:4d:d1:14:aa:45:7f:b5:1e:c5:b0:96:2a:a2:
ce:c2:b3:16:75:61:8c:c5:1b:de:33:18:d6:8b:ed:0a:3e:9b:
c2:38:d9:c3:d1:e8:fa:7e:91:7e:90:be:74:2f:48:6c:4d:80:
4b:47:91:77:76:a8:74:08:91:82:b3:03:20:6a:3d:05:bb:dc:
2f:25:09:b8:01:46:76:b9:cb:74:27:56:36:98:dd:4a:69:ec:
44:2f:f3:1c:5b:d1:3e:c2:76:46:30:37:0d:a5:1a:1d:d4:11:
dc:4d:e7:f6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY35M6db5yr49Q5o6FTRGbx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzAxMDg0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzcyNGJhNTgxNTc3M2Q0NTc5Mzg5NjcxYTg0MTBkZjRlYjA5NWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+3ikuKCuPHUAWy6IwCHLIwiMKHv
JIMDjZmCGDW6Huo0hqUCVd9UXPWzp+mdS7gBgzFaTyjEUpzTs2kBbTzCCRCasVG7
dJldqudThjQT9SC8DS3OzWc3xyUXMI+a096Z5FJtmlABXmq8FeeLBFHo0atS8muU
6am75G4uf8Q9K4rC9kYCmgCnsa5x1w1b8ykzVqrVpjZcdRKz4mH7jK2/DixziNTg
vjeovdby4lW/EbTnOlkkQE/JVUW7WntcFnk5nA3RMAjtgc1w5QIhRq9MVOFti2g7
hojaAmbgC2DFS8G1ifIl7TLHHjFcd491BCrxDkcaoSwMoJTWyBITGQTM9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPdyS6WBV3PUV5OJZxqEEN9OsJWwMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvOTNKTHBZRlhjOVJYazRsbkdvUVEzMDZ3bGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWJc4AwQA
WNHTAwQCWNHoAwQAWNH1MA0GCSqGSIb3DQEBCwUAA4IBAQBj6fABe047+/0fKzFn
qITu0f9GKj7ZbxWXXTKOU81VjHwdQwxykpZfqnMgPd5hmsajkKVBBckoAb5DGKYX
WWuopk4DEI00n4KAm76vMjwWGkY99OpnBpUcEPdYqUXgJbnXsEnaZvW1TH3i6W2W
XH6FEvL6ue5BKHrrmVNyvVuDZ+K3Uasj/rN1482FkruvuxuftmbFNU3RFKpFf7Ue
xbCWKqLOwrMWdWGMxRveMxjWi+0KPpvCONnD0ej6fpF+kL50L0hsTYBLR5F3dqh0
CJGCswMgaj0Fu9wvJQm4AUZ2uct0J1Y2mN1KaexEL/McW9E+wnZGMDcNpRod1BHc
Tef2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org