Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Dniruppbut0DMROY8Upw7yWdob8.roa
File: Dniruppbut0DMROY8Upw7yWdob8.roa (raw, json)
Hash identifier: zX85wMrCQ9fMAQPFOPpJpvSeCe/AxIF3JGPimD1oIKs=
Subject key identifier: 0E:78:AB:BA:9A:5B:BA:DD:03:31:13:98:F1:4A:70:EF:25:9D:A1:BF
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019421B94C0219A0286FFD5C17F449A4164E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Dniruppbut0DMROY8Upw7yWdob8.roa
Signing time: Wed 01 Jan 2025 11:56:19 +0000
ROA not before: Wed 01 Jan 2025 11:56:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213730
IP address blocks: 88.209.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b9:4c:02:19:a0:28:6f:fd:5c:17:f4:49:a4:16:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 11:56:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e78abba9a5bbadd03311398f14a70ef259da1bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:de:3c:10:6e:37:68:43:81:46:d6:27:fd:c2:
c6:67:eb:ef:f2:2a:d3:3c:88:99:a9:ba:7f:5f:86:
6c:4b:72:3c:ed:03:e9:a8:5a:1b:ec:d9:d0:0b:a0:
85:84:0c:a4:6b:a9:77:a8:69:94:fa:82:23:0f:39:
48:33:db:1f:26:62:8d:9c:ca:6c:0b:3f:aa:1e:a8:
86:31:a0:04:b0:8b:b2:62:14:8f:93:34:ce:c2:a6:
89:f2:87:d5:80:4a:6e:b6:76:6b:47:84:13:fe:87:
3e:60:68:ae:6a:b8:03:aa:0f:0d:2c:5c:73:37:58:
d1:ef:ee:b5:c8:1a:fb:fc:15:0f:7e:35:ef:7d:38:
f4:29:70:6f:9b:5a:7d:0d:38:e6:9a:cf:58:f4:c6:
21:fb:e5:f8:53:a2:99:dd:4c:61:c0:70:2c:ce:3f:
55:7c:83:98:a4:c4:ff:f0:6c:ef:78:76:f0:9f:40:
6f:26:ab:26:16:8a:c0:91:63:53:4d:ce:20:5e:4c:
9f:2a:a6:27:c4:1a:2a:09:a5:57:a1:8c:d8:aa:b5:
5f:fc:97:4d:ed:f2:b2:3e:34:bf:d7:0d:34:03:c2:
69:95:42:90:9c:b0:23:b4:20:7e:cb:d0:75:e6:d6:
c0:99:72:5f:fa:fa:b8:26:e3:12:89:73:54:00:3f:
8d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:78:AB:BA:9A:5B:BA:DD:03:31:13:98:F1:4A:70:EF:25:9D:A1:BF
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Dniruppbut0DMROY8Upw7yWdob8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:a0:aa:37:ad:37:28:52:43:0b:30:d1:30:39:ca:03:ee:d0:
a5:8a:97:bd:1d:5a:11:b0:2b:1b:20:b8:19:6c:0d:61:f7:3e:
8e:6f:26:8e:c4:f6:70:71:10:09:be:18:32:46:3a:33:36:57:
54:a8:71:97:3f:36:3f:c5:3b:be:51:3a:33:a0:9e:1f:84:7d:
9b:7d:83:8c:dd:7f:5d:07:01:02:47:15:d5:b1:9e:36:6a:52:
2f:96:7d:7d:75:48:41:a3:15:37:a4:cb:7c:b4:2f:15:53:11:
3a:63:bb:44:0b:88:15:9e:e8:4a:88:99:c8:06:d0:a5:c2:c0:
bc:1c:f3:f7:d7:47:02:5e:9a:bb:d4:d4:bc:1f:db:af:e1:d2:
39:94:03:6c:e1:e7:0c:6f:06:2c:f3:a4:c7:47:97:4f:b4:f7:
a4:c5:76:f1:d8:f8:cc:cc:90:b0:5b:7a:b0:6a:ea:d6:15:a0:
43:24:05:9c:cd:32:fa:08:91:55:ce:b3:ed:46:68:5e:65:ad:
a3:f6:a4:60:75:5c:55:1e:38:d5:19:b6:97:d8:37:b8:c7:1b:
09:f8:50:5e:1d:d7:0e:c1:fe:c9:cc:68:72:94:d8:b1:6f:6f:
6d:cc:f3:fe:0e:c5:15:68:dc:50:74:cd:eb:3c:bf:f1:3a:a1:
e2:24:fc:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhuUwCGaAob/1cF/RJpBZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTE1NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc4YWJiYTlhNWJiYWRkMDMzMTEzOThmMTRhNzBlZjI1OWRhMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN48EG43aEOBRtYn/cLGZ+vv8irT
PIiZqbp/X4ZsS3I87QPpqFob7NnQC6CFhAyka6l3qGmU+oIjDzlIM9sfJmKNnMps
Cz+qHqiGMaAEsIuyYhSPkzTOwqaJ8ofVgEputnZrR4QT/oc+YGiuargDqg8NLFxz
N1jR7+61yBr7/BUPfjXvfTj0KXBvm1p9DTjmms9Y9MYh++X4U6KZ3UxhwHAszj9V
fIOYpMT/8GzveHbwn0BvJqsmForAkWNTTc4gXkyfKqYnxBoqCaVXoYzYqrVf/JdN
7fKyPjS/1w00A8JplUKQnLAjtCB+y9B15tbAmXJf+vq4JuMSiXNUAD+NHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA54q7qaW7rdAzETmPFKcO8lnaG/MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRG5pcnVwcGJ1dDBETVJPWThVcHc3eVdkb2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH0MA0G
CSqGSIb3DQEBCwUAA4IBAQC3oKo3rTcoUkMLMNEwOcoD7tClipe9HVoRsCsbILgZ
bA1h9z6ObyaOxPZwcRAJvhgyRjozNldUqHGXPzY/xTu+UTozoJ4fhH2bfYOM3X9d
BwECRxXVsZ42alIvln19dUhBoxU3pMt8tC8VUxE6Y7tEC4gVnuhKiJnIBtClwsC8
HPP310cCXpq71NS8H9uv4dI5lANs4ecMbwYs86THR5dPtPekxXbx2PjMzJCwW3qw
aurWFaBDJAWczTL6CJFVzrPtRmheZa2j9qRgdVxVHjjVGbaX2De4xxsJ+FBeHdcO
wf7JzGhylNixb29tzPP+DsUVaNxQdM3rPL/xOqHiJPyo
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:10:00 2025 by rpki-client