Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EhBcrY2fxCCsLk9z1EaQ2lfwTbw.roa
File: EhBcrY2fxCCsLk9z1EaQ2lfwTbw.roa (raw, json)
Hash identifier: qgOdEwFOcYXoQdBNr//1VExQPen+ldtxM0bgDQr2P04=
Subject key identifier: 12:10:5C:AD:8D:9F:C4:20:AC:2E:4F:73:D4:46:90:DA:57:F0:4D:BC
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188A0C3E3245CF10725F87BEE1DA53BA64F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EhBcrY2fxCCsLk9z1EaQ2lfwTbw.roa
Signing time: Fri 09 Jun 2023 15:26:12 +0000
ROA not before: Fri 09 Jun 2023 15:26:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
77.242.159.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 06:11:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:c3:e3:24:5c:f1:07:25:f8:7b:ee:1d:a5:3b:a6:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 9 15:26:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12105cad8d9fc420ac2e4f73d44690da57f04dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b5:17:0e:78:95:3a:a4:5d:93:50:a7:d3:fe:
fb:27:43:6e:0d:cd:ac:b8:86:3b:af:44:ac:df:1f:
5a:3f:fa:02:1b:e6:6f:a7:fa:e5:01:af:6b:04:b9:
61:b2:39:81:a3:f2:6c:36:9f:12:fe:92:82:a0:88:
a6:43:ca:93:7f:eb:35:6c:d7:83:78:b4:84:05:58:
a3:77:c2:26:09:e9:0d:a2:32:49:cf:f2:5c:14:10:
0a:73:fd:77:54:1e:49:dc:d2:05:f2:12:57:70:cb:
25:20:d0:f0:52:7d:fe:9e:ed:3c:a1:45:06:81:da:
eb:2f:57:1a:1c:23:d9:bb:9a:58:46:68:4f:f8:2d:
0b:da:09:6a:b2:a9:94:e0:c9:d0:d5:c4:ff:76:fb:
fa:b8:56:3c:fa:9f:96:bc:0e:8c:d8:20:3f:20:cd:
8c:60:a9:95:57:d0:04:d1:a8:32:7f:91:4b:3c:b3:
b3:b6:c9:a2:39:1a:e2:ea:e6:65:0b:36:c7:05:cd:
f2:27:ff:de:4d:dd:33:ad:94:7c:0e:f3:42:0f:b4:
c0:9b:2c:6e:c4:12:4c:e6:7f:3f:51:e7:cf:fe:7a:
bc:54:f7:fa:1a:b7:6a:40:df:f8:a5:ad:4f:a0:6a:
bd:1f:ff:b9:b7:5c:a7:60:37:f9:a8:d5:0d:ee:2a:
d3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:10:5C:AD:8D:9F:C4:20:AC:2E:4F:73:D4:46:90:DA:57:F0:4D:BC
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EhBcrY2fxCCsLk9z1EaQ2lfwTbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.159.0/24
88.151.56.0/23
88.209.211.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:4d:8d:a3:41:62:d8:ee:be:7d:42:2f:15:d1:09:d9:3f:38:
2d:0c:f7:c9:e9:68:5d:54:2c:66:55:40:c5:2c:ad:fa:c3:19:
c2:68:3b:72:0e:32:06:ad:41:b3:d0:e3:8f:cf:d1:2b:3c:7d:
fd:d9:34:c4:5e:3a:60:1e:ff:99:94:8f:f7:50:4e:5b:6f:8e:
d1:ae:b5:5f:3e:7e:51:11:9d:2c:44:56:45:bb:db:d3:5d:f7:
ae:17:16:99:83:e1:2e:ab:97:d4:c6:a2:e8:30:de:f2:c4:0c:
d5:8f:b4:e7:2b:21:10:3d:08:61:9e:99:bc:9b:54:f9:7e:1d:
20:0e:8a:b4:a4:17:f8:e7:0d:c3:4e:bf:f1:37:ee:81:cf:b0:
9e:8d:d7:12:30:36:6e:09:a4:aa:a7:ae:bb:2c:2c:e3:24:cb:
d8:23:af:5e:82:70:d9:10:64:4d:35:5f:c5:0b:13:b9:c5:8e:
92:2c:9b:c3:78:07:14:77:e5:d4:80:14:30:ae:9e:1d:b6:ab:
e0:fc:aa:87:0e:95:ba:af:94:e3:20:a8:1d:fe:58:4b:87:14:
c4:c2:00:21:c5:2d:1d:63:55:72:2b:e6:4c:a5:41:e8:5d:3b:
08:75:35:0a:2e:53:d0:03:fe:66:a3:24:95:91:b9:6d:06:4f:
68:f6:b1:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYigw+MkXPEHJfh77h2lO6ZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjA5MTUyNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjEwNWNhZDhkOWZjNDIwYWMyZTRmNzNkNDQ2OTBkYTU3ZjA0ZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7UXDniVOqRdk1Cn0/77J0NuDc2s
uIY7r0Ss3x9aP/oCG+Zvp/rlAa9rBLlhsjmBo/JsNp8S/pKCoIimQ8qTf+s1bNeD
eLSEBVijd8ImCekNojJJz/JcFBAKc/13VB5J3NIF8hJXcMslINDwUn3+nu08oUUG
gdrrL1caHCPZu5pYRmhP+C0L2glqsqmU4MnQ1cT/dvv6uFY8+p+WvA6M2CA/IM2M
YKmVV9AE0agyf5FLPLOztsmiORri6uZlCzbHBc3yJ//eTd0zrZR8DvNCD7TAmyxu
xBJM5n8/UefP/nq8VPf6GrdqQN/4pa1PoGq9H/+5t1ynYDf5qNUN7irTOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBIQXK2Nn8QgrC5Pc9RGkNpX8E28MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRWhCY3JZMmZ4Q0NzTGs5ejFFYVEybGZ3VGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATfKfAwQB
WJc4AwQAWNHTMA0GCSqGSIb3DQEBCwUAA4IBAQCkTY2jQWLY7r59Qi8V0QnZPzgt
DPfJ6WhdVCxmVUDFLK36wxnCaDtyDjIGrUGz0OOPz9ErPH392TTEXjpgHv+ZlI/3
UE5bb47RrrVfPn5REZ0sRFZFu9vTXfeuFxaZg+Euq5fUxqLoMN7yxAzVj7TnKyEQ
PQhhnpm8m1T5fh0gDoq0pBf45w3DTr/xN+6Bz7CejdcSMDZuCaSqp667LCzjJMvY
I69egnDZEGRNNV/FCxO5xY6SLJvDeAcUd+XUgBQwrp4dtqvg/KqHDpW6r5TjIKgd
/lhLhxTEwgAhxS0dY1VyK+ZMpUHoXTsIdTUKLlPQA/5moySVkbltBk9o9rHh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org