Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/H8ikgBay20MwgB3hHj1TC1iKk98.roa
File: H8ikgBay20MwgB3hHj1TC1iKk98.roa (raw, json)
Hash identifier: g2hhJ0+h0amXH3nuCFDfpDaRM5mhcZ+MQD5IoQ7ecdY=
Subject key identifier: 1F:C8:A4:80:16:B2:DB:43:30:80:1D:E1:1E:3D:53:0B:58:8A:93:DF
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01910DCDEC03513B3663A79ED645C8304B09
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/H8ikgBay20MwgB3hHj1TC1iKk98.roa
Signing time: Thu 01 Aug 2024 11:58:04 +0000
ROA not before: Thu 01 Aug 2024 11:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 06:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:cd:ec:03:51:3b:36:63:a7:9e:d6:45:c8:30:4b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 1 11:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fc8a48016b2db4330801de11e3d530b588a93df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e2:c6:1b:f1:25:f0:5c:8c:e6:ef:fe:68:9d:
9c:d0:bd:c0:f6:27:dd:d4:36:ad:21:ac:80:ad:5a:
06:9c:67:09:85:35:c8:ed:b5:dd:de:d2:73:12:45:
e9:79:98:c2:b1:53:07:c7:92:ce:10:0d:8a:b3:99:
81:17:24:e1:73:f0:d9:73:9f:c4:f6:c2:4f:8f:5e:
65:3b:d0:17:4a:c6:a1:e8:b1:25:51:c0:26:cc:ee:
5c:79:f3:b3:15:63:1b:54:42:10:1a:bc:a3:43:23:
b1:8c:ac:28:c2:ec:50:9d:be:6b:76:6d:25:ed:a1:
1a:e4:d6:07:d3:ae:70:d3:d2:4a:da:57:ee:2c:70:
d2:f3:f3:4f:6b:5b:aa:57:5e:23:74:25:18:1f:c1:
0a:66:a0:d6:5a:9f:72:84:17:08:de:f9:e9:93:4a:
72:a7:33:23:7e:4d:b6:1e:a0:4d:dc:f4:ca:d0:8b:
03:72:c5:29:58:f3:d2:bb:e8:c2:00:e3:89:1c:16:
c4:68:f1:e0:7b:af:33:49:73:f0:dc:a3:7b:39:10:
79:ff:55:1c:b2:d1:6c:b5:1e:25:dc:07:a4:83:89:
ee:09:e5:79:35:5d:0a:af:a1:8e:a3:eb:b6:fc:46:
f9:72:8e:d2:42:b6:0f:b3:18:e3:42:88:d0:b7:d1:
f9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C8:A4:80:16:B2:DB:43:30:80:1D:E1:1E:3D:53:0B:58:8A:93:DF
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/H8ikgBay20MwgB3hHj1TC1iKk98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:0f:d2:a5:6d:1f:70:f8:89:f5:88:20:18:09:89:3d:3c:12:
28:5b:42:6e:ad:87:de:bb:4a:6d:ba:0b:0f:1e:f0:93:6f:43:
42:95:0d:fb:83:b3:ce:52:d9:79:d5:97:14:3b:7f:c0:1d:e4:
22:af:6c:1e:3b:90:b6:43:13:32:17:01:c1:76:bb:7a:9f:f6:
1b:eb:11:21:20:cc:0a:d4:db:6a:09:2e:a4:24:85:c7:79:b0:
49:3d:e6:ff:2c:3f:0d:8b:66:7b:14:17:dd:c1:25:f5:96:c8:
38:70:84:1c:1c:7f:a4:e5:6a:a6:3c:51:80:ce:64:af:47:ac:
35:da:86:0b:98:8a:9b:41:9b:66:d7:3b:56:d9:ec:ce:7b:4b:
72:cc:a8:7e:d0:fc:7d:8e:4a:ac:62:dd:9d:47:ab:43:6f:37:
6a:c3:1e:35:3d:5a:b6:82:fd:5d:b0:ba:fc:23:7c:95:a3:46:
34:27:d0:bf:22:95:7f:9d:7d:23:69:be:96:b0:36:86:51:d4:
5e:e0:41:45:8e:f2:fb:67:a8:7b:6e:be:aa:d3:e5:d9:22:f3:
7a:46:9d:1e:71:eb:aa:02:4a:da:26:59:9d:db:87:09:23:ee:
7b:1b:d1:05:1b:bf:9a:ab:f6:ef:ee:3e:37:c3:a7:ed:f5:5b:
62:b1:0b:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZENzewDUTs2Y6ee1kXIMEsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwODAxMTE1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM4YTQ4MDE2YjJkYjQzMzA4MDFkZTExZTNkNTMwYjU4OGE5M2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+LGG/El8FyM5u/+aJ2c0L3A9ifd
1DatIayArVoGnGcJhTXI7bXd3tJzEkXpeZjCsVMHx5LOEA2Ks5mBFyThc/DZc5/E
9sJPj15lO9AXSsah6LElUcAmzO5cefOzFWMbVEIQGryjQyOxjKwowuxQnb5rdm0l
7aEa5NYH065w09JK2lfuLHDS8/NPa1uqV14jdCUYH8EKZqDWWp9yhBcI3vnpk0py
pzMjfk22HqBN3PTK0IsDcsUpWPPSu+jCAOOJHBbEaPHge68zSXPw3KN7ORB5/1Uc
stFstR4l3Aekg4nuCeV5NV0Kr6GOo+u2/Eb5co7SQrYPsxjjQojQt9H5mQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB/IpIAWsttDMIAd4R49UwtYipPfMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSDhpa2dCYXkyME13Z0IzaEhqMVRDMWlLazk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWJc4AwQA
WNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBMD9KlbR9w+In1iCAYCYk9PBIo
W0JurYfeu0ptugsPHvCTb0NClQ37g7POUtl51ZcUO3/AHeQir2weO5C2QxMyFwHB
drt6n/Yb6xEhIMwK1NtqCS6kJIXHebBJPeb/LD8Ni2Z7FBfdwSX1lsg4cIQcHH+k
5WqmPFGAzmSvR6w12oYLmIqbQZtm1ztW2ezOe0tyzKh+0Px9jkqsYt2dR6tDbzdq
wx41PVq2gv1dsLr8I3yVo0Y0J9C/IpV/nX0jab6WsDaGUdRe4EFFjvL7Z6h7br6q
0+XZIvN6Rp0eceuqAkraJlmd24cJI+57G9EFG7+aq/bv7j43w6ft9VtisQvr
-----END CERTIFICATE-----
Generated at Fri Aug 2 08:13:31 2024 by rpki-client on console-fra.rpki-client.org