Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IvqsAIBBj07i3JJn3tFJy5O3Qd4.roa
File: IvqsAIBBj07i3JJn3tFJy5O3Qd4.roa (raw, json)
Hash identifier: DO+tlvpL8onKJ4on747nVal969HMuenznvUEHjdSpnk=
Subject key identifier: 22:FA:AC:00:80:41:8F:4E:E2:DC:92:67:DE:D1:49:CB:93:B7:41:DE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01928B481D3FDF5367BBB53F9AC2344FA728
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IvqsAIBBj07i3JJn3tFJy5O3Qd4.roa
Signing time: Mon 14 Oct 2024 13:46:52 +0000
ROA not before: Mon 14 Oct 2024 13:46:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.232.0/22 maxlen: 24
92.52.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 14:18:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:48:1d:3f:df:53:67:bb:b5:3f:9a:c2:34:4f:a7:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 14 13:46:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22faac0080418f4ee2dc9267ded149cb93b741de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fe:ec:55:9c:8a:8c:38:f6:71:50:af:6c:1b:
df:eb:63:50:7e:9e:2f:54:a9:12:f6:3b:9d:b9:6e:
cd:32:e3:7c:fb:67:5c:4c:e1:87:a6:ca:89:5e:17:
c7:ce:dd:8a:87:21:b5:46:60:28:26:a0:8d:03:1f:
87:26:b2:dc:56:b1:f7:d1:53:ec:52:bf:c2:5a:80:
d8:d5:37:70:1b:27:03:99:51:02:f6:bb:6e:fe:a1:
0e:a3:69:0a:cc:4e:f7:8e:11:3a:cb:65:79:d8:c2:
08:97:12:e7:97:f1:d0:d5:38:bf:42:5b:d7:ac:9c:
2e:a8:6c:c4:4d:2c:46:3d:0d:70:f3:a3:37:c0:6f:
47:8b:bd:7b:a3:f7:d8:37:8d:00:28:ad:64:6c:60:
5c:ca:8f:ad:b3:c6:7d:ed:fc:73:91:e9:ad:62:10:
78:bc:eb:07:c1:cd:91:c6:c8:55:8f:39:7e:f6:d9:
32:11:93:05:9a:5e:7b:da:aa:7e:3d:c2:b1:72:17:
13:8e:06:f8:5f:f7:09:67:c8:1a:b0:98:5b:1e:4d:
8d:1b:d5:fd:2b:69:6e:94:8b:de:75:2f:ad:9c:c1:
af:31:97:8f:48:ff:94:19:83:51:c5:87:5f:26:53:
5c:70:68:7b:af:c0:0e:5f:dd:61:0e:d7:be:20:90:
0e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:FA:AC:00:80:41:8F:4E:E2:DC:92:67:DE:D1:49:CB:93:B7:41:DE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IvqsAIBBj07i3JJn3tFJy5O3Qd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.232.0/22
92.52.219.0/24
Signature Algorithm: sha256WithRSAEncryption
64:97:29:45:eb:28:f5:8e:3f:6d:40:ee:d8:ce:5d:7a:ab:3d:
96:a9:42:eb:53:60:72:33:0c:f8:48:dc:39:ad:0a:71:48:99:
a5:c4:93:a9:52:34:f8:8b:fe:cd:6a:91:6a:e9:9d:4f:2d:e3:
9d:f8:cc:0a:04:ab:22:68:b8:cc:27:50:38:e9:50:64:0d:9e:
de:29:12:f0:99:39:5b:0a:cf:d7:03:81:7a:40:39:4d:68:12:
71:a9:20:f9:94:48:96:0f:e9:25:0e:06:f0:12:82:87:33:05:
48:6c:e4:8e:42:ba:e8:f1:ec:e8:8a:4f:ec:67:7c:df:b0:40:
54:f4:95:67:df:d5:b2:cd:47:a6:99:da:a6:00:e0:86:f4:a2:
17:9e:a2:a5:dc:85:89:41:fa:39:82:34:fb:7c:cb:6c:08:df:
e7:78:c4:f4:fe:06:57:56:92:77:86:28:4f:ba:42:07:5b:81:
e8:c3:b7:b2:ea:5b:5b:4e:c6:31:ea:fa:e3:cb:34:6c:96:a8:
0c:d5:ba:52:cb:50:b2:eb:8a:f5:ee:fc:33:f6:95:f7:f8:2b:
c8:83:ed:da:a2:d2:7e:48:a5:ad:0c:39:a9:1b:a4:a7:01:bd:
52:22:46:b4:cd:a0:d1:35:79:c1:c0:35:a0:8d:77:65:4d:aa:
ea:28:48:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKLSB0/31Nnu7U/msI0T6coMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMDE0MTM0NjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmZhYWMwMDgwNDE4ZjRlZTJkYzkyNjdkZWQxNDljYjkzYjc0MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv7sVZyKjDj2cVCvbBvf62NQfp4v
VKkS9juduW7NMuN8+2dcTOGHpsqJXhfHzt2KhyG1RmAoJqCNAx+HJrLcVrH30VPs
Ur/CWoDY1TdwGycDmVEC9rtu/qEOo2kKzE73jhE6y2V52MIIlxLnl/HQ1Ti/QlvX
rJwuqGzETSxGPQ1w86M3wG9Hi717o/fYN40AKK1kbGBcyo+ts8Z97fxzkemtYhB4
vOsHwc2RxshVjzl+9tkyEZMFml572qp+PcKxchcTjgb4X/cJZ8gasJhbHk2NG9X9
K2lulIvedS+tnMGvMZePSP+UGYNRxYdfJlNccGh7r8AOX91hDte+IJAOiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCL6rACAQY9O4tySZ97RScuTt0HeMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSXZxc0FJQkJqMDdpM0pKbjN0Rkp5NU8zUWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWJc4AwQC
WNHoAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQBklylF6yj1jj9tQO7Yzl16qz2W
qULrU2ByMwz4SNw5rQpxSJmlxJOpUjT4i/7NapFq6Z1PLeOd+MwKBKsiaLjMJ1A4
6VBkDZ7eKRLwmTlbCs/XA4F6QDlNaBJxqSD5lEiWD+klDgbwEoKHMwVIbOSOQrro
8ezoik/sZ3zfsEBU9JVn39WyzUemmdqmAOCG9KIXnqKl3IWJQfo5gjT7fMtsCN/n
eMT0/gZXVpJ3hihPukIHW4How7ey6ltbTsYx6vrjyzRslqgM1bpSy1Cy64r17vwz
9pX3+CvIg+3aotJ+SKWtDDmpG6SnAb1SIka0zaDRNXnBwDWgjXdlTarqKEiS
-----END CERTIFICATE-----
Generated at Tue Oct 15 17:45:12 2024 by rpki-client on console-ams.rpki-client.org