Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ArJ2j9j4RWmP-3ZI9LBg9Vrewfc.roa
File: ArJ2j9j4RWmP-3ZI9LBg9Vrewfc.roa (raw, json)
Hash identifier: OoKhu2lpDzG+vyGYrN6F0UMXFzgcvPpeuoYFoqPu3UA=
Subject key identifier: 02:B2:76:8F:D8:F8:45:69:8F:FB:76:48:F4:B0:60:F5:5A:DE:C1:F7
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188AE3AD947C457D25EB79E793413FE9B3D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ArJ2j9j4RWmP-3ZI9LBg9Vrewfc.roa
Signing time: Mon 12 Jun 2023 06:11:12 +0000
ROA not before: Mon 12 Jun 2023 06:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 88.209.245.0/24 maxlen: 24
88.151.56.0/24 maxlen: 24
2.58.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 08:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:3a:d9:47:c4:57:d2:5e:b7:9e:79:34:13:fe:9b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 12 06:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02b2768fd8f845698ffb7648f4b060f55adec1f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1a:e7:79:f9:35:9b:1b:5c:57:3d:b2:8d:45:
a0:e6:2e:87:c7:c7:e0:40:7f:bf:ec:ff:d2:91:87:
07:df:c1:db:84:9e:5f:00:a1:1e:94:ba:2b:99:67:
16:cc:fb:3b:3d:57:3d:03:70:8a:69:9b:50:5a:a6:
38:18:ef:16:b4:4d:d6:09:65:a3:dd:9d:a0:e1:60:
57:41:70:69:52:67:34:f9:15:1b:57:1a:ec:7f:af:
5f:f2:36:19:43:5f:eb:06:bf:6d:ec:b0:e0:4e:3c:
ee:93:33:a5:82:02:1e:0c:c0:04:a7:99:cd:b0:96:
04:3a:3f:51:dd:d3:21:48:9c:a8:01:20:a7:49:7e:
60:75:94:ff:a6:f7:37:54:c6:ea:69:54:97:c0:08:
b7:e0:8a:fb:64:c6:e7:25:e3:3e:21:ca:b8:0e:c3:
ee:1c:69:24:0d:82:a3:e4:b7:5e:e3:25:80:64:1c:
d2:a5:29:09:0f:04:29:76:ba:fb:74:b9:64:70:c0:
4d:b5:1d:19:4d:7b:a2:7d:35:29:62:dd:99:bf:46:
2e:39:87:97:42:6a:3b:46:f5:72:44:cb:b6:1f:82:
15:fe:af:c6:bc:25:c6:ea:1d:3a:1c:ee:8a:40:3d:
02:b8:5b:7d:e6:f7:77:94:7a:f1:8f:9e:ae:c9:4d:
33:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B2:76:8F:D8:F8:45:69:8F:FB:76:48:F4:B0:60:F5:5A:DE:C1:F7
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ArJ2j9j4RWmP-3ZI9LBg9Vrewfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.170.0/24
88.151.56.0/24
88.209.245.0/24
Signature Algorithm: sha256WithRSAEncryption
07:23:c9:2f:c7:f5:09:f7:d6:47:22:0f:1c:ee:14:47:68:c1:
72:97:50:2c:24:1e:0b:5c:59:fc:e7:4e:dc:85:6a:ce:1c:72:
6d:da:a1:01:56:53:d7:51:e6:07:c7:f0:77:aa:2d:5e:98:54:
04:e2:58:2f:64:c5:45:45:24:4c:04:3a:f6:93:01:51:07:4b:
77:9e:08:fd:0f:05:c3:70:9d:cd:34:53:3d:54:7b:f3:f4:42:
25:50:69:7d:45:e5:e2:94:8d:3b:ee:43:2f:41:31:2f:d5:fc:
d3:8d:59:a9:dd:3a:50:36:3d:7b:78:76:65:e6:0a:e1:9d:bf:
4a:53:0f:08:11:79:db:f1:66:91:99:8a:0b:36:ed:17:cf:b8:
5d:63:8c:64:3e:86:d7:50:bc:db:72:7d:31:e7:ec:64:ab:d1:
b3:41:fd:8d:9b:a7:79:ac:d9:75:f6:40:6b:f1:eb:e0:c6:7d:
87:c3:41:aa:e1:fd:ce:11:6d:04:f3:01:14:d2:ec:7c:d9:de:
45:6f:db:84:5d:84:15:16:2a:a8:60:49:44:d6:fb:2e:dc:f4:
fc:ab:bf:8e:db:f0:72:36:da:fd:5e:c1:3e:b8:69:48:12:ec:
7a:a2:56:c1:e5:a0:a5:0c:d3:62:a7:44:ba:8c:ca:ba:96:bc:
a2:34:ba:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiuOtlHxFfSXreeeTQT/ps9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjEyMDYxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmIyNzY4ZmQ4Zjg0NTY5OGZmYjc2NDhmNGIwNjBmNTVhZGVjMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxrnefk1mxtcVz2yjUWg5i6Hx8fg
QH+/7P/SkYcH38HbhJ5fAKEelLormWcWzPs7PVc9A3CKaZtQWqY4GO8WtE3WCWWj
3Z2g4WBXQXBpUmc0+RUbVxrsf69f8jYZQ1/rBr9t7LDgTjzukzOlggIeDMAEp5nN
sJYEOj9R3dMhSJyoASCnSX5gdZT/pvc3VMbqaVSXwAi34Ir7ZMbnJeM+Icq4DsPu
HGkkDYKj5Lde4yWAZBzSpSkJDwQpdrr7dLlkcMBNtR0ZTXuifTUpYt2Zv0YuOYeX
Qmo7RvVyRMu2H4IV/q/GvCXG6h06HO6KQD0CuFt95vd3lHrxj56uyU0z/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAKydo/Y+EVpj/t2SPSwYPVa3sH3MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQXJKMmo5ajRSV21QLTNaSTlMQmc5VnJld2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjqqAwQA
WJc4AwQAWNH1MA0GCSqGSIb3DQEBCwUAA4IBAQAHI8kvx/UJ99ZHIg8c7hRHaMFy
l1AsJB4LXFn8507chWrOHHJt2qEBVlPXUeYHx/B3qi1emFQE4lgvZMVFRSRMBDr2
kwFRB0t3ngj9DwXDcJ3NNFM9VHvz9EIlUGl9ReXilI077kMvQTEv1fzTjVmp3TpQ
Nj17eHZl5grhnb9KUw8IEXnb8WaRmYoLNu0Xz7hdY4xkPobXULzbcn0x5+xkq9Gz
Qf2Nm6d5rNl19kBr8evgxn2Hw0Gq4f3OEW0E8wEU0ux82d5Fb9uEXYQVFiqoYElE
1vsu3PT8q7+O2/ByNtr9XsE+uGlIEux6olbB5aClDNNip0S6jMq6lryiNLqq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org