Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CdNdohjLC2UhgLEXoITr3tBYNAo.roa
File: CdNdohjLC2UhgLEXoITr3tBYNAo.roa (raw, json)
Hash identifier: 1RTkmImoW8J+B++4josMEByR6Vx7/barnlWm4bw9XzM=
Subject key identifier: 09:D3:5D:A2:18:CB:0B:65:21:80:B1:17:A0:84:EB:DE:D0:58:34:0A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01889F2093734D3C724D788F3E17328913AB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CdNdohjLC2UhgLEXoITr3tBYNAo.roa
Signing time: Fri 09 Jun 2023 07:48:11 +0000
ROA not before: Fri 09 Jun 2023 07:48:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
77.242.159.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9f:20:93:73:4d:3c:72:4d:78:8f:3e:17:32:89:13:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 9 07:48:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09d35da218cb0b652180b117a084ebded058340a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f7:f2:76:aa:61:c6:d6:dd:84:5b:64:d2:98:
13:6f:a3:b2:2e:f0:9f:7d:ba:0a:a8:a3:57:a4:07:
73:9f:23:3a:41:09:93:82:2d:1d:91:e5:f7:09:2b:
12:ae:82:94:4d:01:68:42:17:98:6f:cb:59:28:cc:
d1:f2:b3:ed:6d:99:c0:f4:e9:dc:19:88:67:43:18:
b1:ad:dc:4a:64:db:a1:f9:43:6f:c5:85:9b:a6:c4:
11:35:02:f4:d7:8f:ca:c5:32:b8:65:77:95:13:0e:
90:13:8d:86:05:1f:d8:4e:b7:2b:24:a4:43:a2:25:
61:e0:bc:ce:ed:ce:c3:9e:90:ed:bc:4c:0d:93:70:
04:48:7f:2e:76:86:c0:5f:83:7d:70:61:13:82:53:
fd:86:be:7e:8f:b8:05:82:ab:e2:88:d6:9c:0d:bb:
be:91:c6:ae:62:c1:1d:6a:f4:f2:05:50:7d:a3:92:
a1:bf:2d:9c:5c:3c:ef:18:44:e1:3c:09:f8:90:86:
00:89:59:22:23:2d:bb:45:41:9c:26:2f:e4:db:be:
5e:fa:90:2d:3c:7f:9d:5a:47:38:9a:ab:52:b2:65:
49:b8:13:6f:df:df:5d:f7:68:e8:b3:30:d1:34:c4:
98:48:59:ab:1d:bc:b7:0e:7c:fd:6b:64:bf:50:ee:
18:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D3:5D:A2:18:CB:0B:65:21:80:B1:17:A0:84:EB:DE:D0:58:34:0A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CdNdohjLC2UhgLEXoITr3tBYNAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.159.0/24
88.151.56.0/23
88.209.211.0/24
Signature Algorithm: sha256WithRSAEncryption
77:35:72:b2:15:14:80:52:5c:03:d5:80:05:53:97:f8:b4:ef:
7d:65:51:1b:5e:15:58:42:f2:05:51:d8:a9:bf:61:86:46:15:
eb:33:14:be:ff:88:71:09:5e:d9:e8:5b:da:ed:9c:a5:ac:03:
e7:21:79:35:f3:70:90:fa:82:61:b1:1a:8e:b9:2f:54:44:b4:
35:a6:aa:95:70:5c:e0:d5:ff:d7:f5:c5:54:c5:50:d9:5c:29:
e9:92:74:2c:c5:6b:5d:18:7b:f9:e1:8f:c8:71:ca:94:12:8d:
85:93:82:13:0c:43:0e:ac:6e:8e:51:f4:78:a8:ef:e4:ae:b3:
6a:db:42:13:6e:4a:e2:b2:b6:08:32:b4:d3:64:40:d4:e7:ae:
41:ec:9b:58:e4:91:fe:86:ae:b0:1f:f3:56:09:ec:f7:bc:72:
ec:6e:cd:4c:89:35:10:86:72:c5:7d:82:c2:4b:4e:e6:e0:5b:
b1:e5:c5:97:3c:94:41:c8:3a:d6:1b:b4:a1:60:76:4e:11:d3:
ad:1f:6d:c6:88:90:ab:75:24:6f:3c:23:75:09:c1:4a:db:74:
37:e1:c2:7c:60:3d:14:82:80:07:e1:df:43:4b:82:cf:87:b8:
3e:81:67:4b:aa:24:c3:1f:53:cd:74:8e:22:22:f7:64:dc:da:
6d:51:9f:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYifIJNzTTxyTXiPPhcyiROrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjA5MDc0ODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQzNWRhMjE4Y2IwYjY1MjE4MGIxMTdhMDg0ZWJkZWQwNTgzNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/fydqphxtbdhFtk0pgTb6OyLvCf
fboKqKNXpAdznyM6QQmTgi0dkeX3CSsSroKUTQFoQheYb8tZKMzR8rPtbZnA9Onc
GYhnQxixrdxKZNuh+UNvxYWbpsQRNQL014/KxTK4ZXeVEw6QE42GBR/YTrcrJKRD
oiVh4LzO7c7DnpDtvEwNk3AESH8udobAX4N9cGETglP9hr5+j7gFgqviiNacDbu+
kcauYsEdavTyBVB9o5Khvy2cXDzvGEThPAn4kIYAiVkiIy27RUGcJi/k275e+pAt
PH+dWkc4mqtSsmVJuBNv399d92joszDRNMSYSFmrHby3Dnz9a2S/UO4Y/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAnTXaIYywtlIYCxF6CE697QWDQKMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQ2ROZG9oakxDMlVoZ0xFWG9JVHIzdEJZTkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATfKfAwQB
WJc4AwQAWNHTMA0GCSqGSIb3DQEBCwUAA4IBAQB3NXKyFRSAUlwD1YAFU5f4tO99
ZVEbXhVYQvIFUdipv2GGRhXrMxS+/4hxCV7Z6Fva7ZylrAPnIXk183CQ+oJhsRqO
uS9URLQ1pqqVcFzg1f/X9cVUxVDZXCnpknQsxWtdGHv54Y/IccqUEo2Fk4ITDEMO
rG6OUfR4qO/krrNq20ITbkrisrYIMrTTZEDU565B7JtY5JH+hq6wH/NWCez3vHLs
bs1MiTUQhnLFfYLCS07m4Fux5cWXPJRByDrWG7ShYHZOEdOtH23GiJCrdSRvPCN1
CcFK23Q34cJ8YD0UgoAH4d9DS4LPh7g+gWdLqiTDH1PNdI4iIvdk3NptUZ+w
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:51 2023 by rpki-client on console-ams.rpki-client.org