Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/FwxIemxP7TuKEWiy926OwxkMVbQ.roa
File: FwxIemxP7TuKEWiy926OwxkMVbQ.roa (raw, json)
Hash identifier: wEtib4A4rofBXapgkqXaVyQ42AXa6EkhiAyw1aLZtHc=
Subject key identifier: 17:0C:48:7A:6C:4F:ED:3B:8A:11:68:B2:F7:6E:8E:C3:19:0C:55:B4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0191C0CD427E5374B5EF502EE1D9C9097745
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/FwxIemxP7TuKEWiy926OwxkMVbQ.roa
Signing time: Thu 05 Sep 2024 06:09:22 +0000
ROA not before: Thu 05 Sep 2024 06:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.195.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 08:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c0:cd:42:7e:53:74:b5:ef:50:2e:e1:d9:c9:09:77:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 5 06:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=170c487a6c4fed3b8a1168b2f76e8ec3190c55b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:38:cc:f3:54:53:29:a8:cd:ba:56:3d:31:17:
cd:62:af:24:20:dc:57:9e:3b:cc:b2:75:02:e7:0e:
b5:a1:d2:90:fc:fd:1d:49:83:6c:28:60:98:e9:b0:
36:c5:c1:83:ec:cf:2f:79:e5:20:32:c8:98:7d:6d:
7d:1e:f8:7e:a5:96:b4:61:a6:d8:7b:73:c4:56:ab:
12:44:b2:20:10:96:86:3d:4c:63:b1:c0:be:34:a9:
96:1c:27:bd:2d:d2:a9:95:93:3f:02:51:eb:89:06:
bb:ca:69:51:04:d4:b7:9c:0d:92:dd:c3:c8:74:43:
23:1a:05:ca:87:2c:da:84:83:a9:b9:1c:7d:76:82:
33:50:39:92:f9:c0:2e:70:d3:4e:90:85:79:c6:a2:
04:3c:12:8e:ea:a4:d6:f5:da:d6:bb:47:79:58:1b:
df:c0:fe:32:ff:d2:d0:81:4c:18:bd:e0:9b:30:a1:
90:51:b9:ab:fb:72:08:85:be:14:b5:3a:2d:dd:7a:
66:3c:95:3e:25:93:72:6c:c4:f7:e7:a0:9c:23:df:
0a:f3:28:43:01:8f:e2:ae:17:ef:c6:98:f0:de:22:
15:ad:d8:3a:a8:d7:51:1e:0a:42:ef:fb:c9:72:0e:
11:03:11:b1:88:00:ba:c2:e5:17:fe:7f:e3:87:34:
2b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0C:48:7A:6C:4F:ED:3B:8A:11:68:B2:F7:6E:8E:C3:19:0C:55:B4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/FwxIemxP7TuKEWiy926OwxkMVbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.195.0/24
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:eb:04:81:69:bd:39:cc:f0:e1:f3:d6:e9:e5:fc:93:55:6c:
51:ad:f5:9f:9c:f7:e0:cc:d8:55:00:f2:5a:27:8f:32:eb:1d:
5f:48:ab:8c:c8:49:5d:03:8a:8f:51:18:6d:0c:93:ab:8f:3c:
8f:6b:8d:e8:11:19:5e:59:f7:29:b6:e6:f1:84:51:98:39:00:
c9:a1:ca:32:32:a4:74:95:da:63:66:c7:98:c2:f8:b7:92:91:
d8:53:1c:45:ac:10:a6:25:65:e9:c8:dd:c5:8d:74:fc:ff:76:
3e:32:2d:d4:0f:9f:6e:05:af:74:93:83:54:c6:fe:86:d0:e3:
a4:9e:80:86:30:02:d9:fd:de:4b:2c:cd:d7:b5:14:cc:12:46:
b4:07:7b:f1:54:a2:b1:dc:c8:b3:19:0c:3b:04:b4:60:3e:63:
d3:3d:b2:76:96:a8:26:dc:35:ab:15:d0:55:f1:5a:24:69:d1:
03:20:ce:90:d2:f4:d7:9b:27:49:45:96:f9:c1:ea:85:56:44:
59:82:8d:a3:7a:d4:4c:17:2d:49:2d:3d:1e:1d:4e:32:42:ae:
c6:dd:41:4e:dc:69:13:b3:30:76:df:e9:01:9f:4a:6e:0e:4b:
24:d1:52:ad:04:2e:1b:c3:0f:1e:77:26:e3:1c:2c:9a:d2:5e:
1e:2a:e7:40
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHAzUJ+U3S171Au4dnJCXdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwOTA1MDYwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzBjNDg3YTZjNGZlZDNiOGExMTY4YjJmNzZlOGVjMzE5MGM1NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDjM81RTKajNulY9MRfNYq8kINxX
njvMsnUC5w61odKQ/P0dSYNsKGCY6bA2xcGD7M8veeUgMsiYfW19Hvh+pZa0YabY
e3PEVqsSRLIgEJaGPUxjscC+NKmWHCe9LdKplZM/AlHriQa7ymlRBNS3nA2S3cPI
dEMjGgXKhyzahIOpuRx9doIzUDmS+cAucNNOkIV5xqIEPBKO6qTW9drWu0d5WBvf
wP4y/9LQgUwYveCbMKGQUbmr+3IIhb4UtTot3XpmPJU+JZNybMT356CcI98K8yhD
AY/irhfvxpjw3iIVrdg6qNdRHgpC7/vJcg4RAxGxiAC6wuUX/n/jhzQr9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBcMSHpsT+07ihFosvdujsMZDFW0MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRnd4SWVteFA3VHVLRVdpeTkyNk93eGtNVmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWJc4AwQA
WNHDAwQAWNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQC86wSBab05zPDh89bp
5fyTVWxRrfWfnPfgzNhVAPJaJ48y6x1fSKuMyEldA4qPURhtDJOrjzyPa43oERle
WfcptubxhFGYOQDJocoyMqR0ldpjZseYwvi3kpHYUxxFrBCmJWXpyN3FjXT8/3Y+
Mi3UD59uBa90k4NUxv6G0OOknoCGMALZ/d5LLM3XtRTMEka0B3vxVKKx3MizGQw7
BLRgPmPTPbJ2lqgm3DWrFdBV8VokadEDIM6Q0vTXmydJRZb5weqFVkRZgo2jetRM
Fy1JLT0eHU4yQq7G3UFO3GkTszB23+kBn0puDksk0VKtBC4bww8edybjHCya0l4e
KudA
-----END CERTIFICATE-----
Generated at Tue Sep 17 10:55:44 2024 by rpki-client on console-ams.rpki-client.org