Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/N_jJVq6xBQ4litGagtnEs7-f880.roa
File: N_jJVq6xBQ4litGagtnEs7-f880.roa (raw, json)
Hash identifier: 5ihP31fTIFuyF4tsw+Xeq1NRcIp/EcLbP8Q6NXbg0VY=
Subject key identifier: 37:F8:C9:56:AE:B1:05:0E:25:8A:D1:9A:82:D9:C4:B3:BF:9F:F3:CD
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188B35AAABFA97A302FFFE114CC0F450396
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/N_jJVq6xBQ4litGagtnEs7-f880.roa
Signing time: Tue 13 Jun 2023 06:04:03 +0000
ROA not before: Tue 13 Jun 2023 06:04:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 88.209.245.0/24 maxlen: 24
88.151.56.0/24 maxlen: 24
2.58.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Jun 2023 07:06:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b3:5a:aa:bf:a9:7a:30:2f:ff:e1:14:cc:0f:45:03:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 13 06:04:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37f8c956aeb1050e258ad19a82d9c4b3bf9ff3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0a:e0:bc:c0:7b:e2:c7:a3:28:20:ec:6b:65:
23:b1:c4:cc:72:19:67:d2:c6:e3:07:1a:b3:2a:08:
c0:9c:3c:73:be:2a:7e:a2:99:ae:19:e3:ee:fa:26:
43:3f:b1:67:f5:65:a3:bc:c6:ae:4b:8c:b9:d9:b1:
d5:7d:69:05:df:2f:fd:e4:5f:69:5b:43:15:bf:fa:
56:42:56:21:36:96:8c:e8:16:04:49:aa:f1:cb:4f:
a2:08:e6:30:be:ba:c3:9e:13:1a:90:f0:89:48:91:
03:87:af:1d:f1:46:50:d5:01:ab:76:d9:10:9d:59:
f1:03:ac:eb:04:a5:f0:b1:38:e8:ad:a3:17:8b:9b:
d4:d3:7e:e2:67:0a:0b:34:bb:ae:b5:dc:f2:13:46:
e2:dc:a3:16:80:38:05:95:ba:fe:45:8e:eb:f7:ea:
84:84:38:09:0f:1d:c9:27:74:ed:0a:55:46:62:a3:
84:87:d3:05:78:d2:54:51:f3:1a:76:ad:2c:39:c4:
a8:c7:9e:51:9e:de:04:5b:d4:9b:a7:33:ba:94:a0:
9b:cd:01:f5:6b:02:13:5a:55:76:53:42:ac:3b:a9:
22:97:c5:70:91:be:99:b3:3e:5c:4c:79:9f:15:1a:
5d:aa:a1:98:b4:d1:b2:76:57:53:d7:c9:96:a7:ee:
be:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F8:C9:56:AE:B1:05:0E:25:8A:D1:9A:82:D9:C4:B3:BF:9F:F3:CD
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/N_jJVq6xBQ4litGagtnEs7-f880.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.170.0/24
88.151.56.0/24
88.209.245.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:f5:f3:f8:f5:37:49:ed:80:00:82:0c:d9:23:f4:3b:3c:01:
4d:81:09:e9:fc:09:f6:ab:f7:fc:39:ad:08:5c:d0:f6:20:bb:
6d:e1:ca:19:8b:3e:9f:6f:a3:2e:58:96:0a:c3:58:8d:80:ab:
ac:d8:7b:2d:90:e0:b5:79:0d:17:12:3b:db:54:fb:f4:6b:aa:
75:7f:d4:a8:da:99:09:d5:c4:c6:b9:1f:76:39:5b:b6:37:70:
eb:88:ee:6b:de:7e:25:cc:cc:d9:80:85:6f:d1:16:81:c8:ba:
b7:7a:17:ad:4f:78:7b:08:a5:e2:86:5b:f9:c6:96:35:31:54:
ff:56:6c:2d:61:98:13:d2:3a:4a:65:b0:57:92:48:75:5d:10:
4f:02:c8:b7:52:0c:73:fb:bb:59:3a:44:a7:50:b0:fd:4b:4a:
14:6e:89:7c:13:11:c6:60:24:d6:3d:2c:98:45:fb:90:a2:40:
2b:fc:c3:dc:78:43:6e:2c:d7:5b:0d:fc:0f:af:35:94:a2:dd:
1e:36:5b:82:61:40:45:3d:00:c3:f9:89:01:6a:5a:7e:fd:a9:
50:14:95:11:8b:4f:42:a2:08:b7:7e:c9:18:e2:22:6b:a2:15:
d7:05:b3:82:63:03:23:0d:ae:e5:b6:36:69:e2:ea:14:f3:e5:
89:f9:94:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYizWqq/qXowL//hFMwPRQOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjEzMDYwNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y4Yzk1NmFlYjEwNTBlMjU4YWQxOWE4MmQ5YzRiM2JmOWZmM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmArgvMB74sejKCDsa2UjscTMchln
0sbjBxqzKgjAnDxzvip+opmuGePu+iZDP7Fn9WWjvMauS4y52bHVfWkF3y/95F9p
W0MVv/pWQlYhNpaM6BYESarxy0+iCOYwvrrDnhMakPCJSJEDh68d8UZQ1QGrdtkQ
nVnxA6zrBKXwsTjoraMXi5vU037iZwoLNLuutdzyE0bi3KMWgDgFlbr+RY7r9+qE
hDgJDx3JJ3TtClVGYqOEh9MFeNJUUfMadq0sOcSox55Rnt4EW9SbpzO6lKCbzQH1
awITWlV2U0KsO6kil8Vwkb6Zsz5cTHmfFRpdqqGYtNGydldT18mWp+6+jwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDf4yVausQUOJYrRmoLZxLO/n/PNMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTl9qSlZxNnhCUTRsaXRHYWd0bkVzNy1mODgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjqqAwQA
WJc4AwQAWNH1MA0GCSqGSIb3DQEBCwUAA4IBAQCj9fP49TdJ7YAAggzZI/Q7PAFN
gQnp/An2q/f8Oa0IXND2ILtt4coZiz6fb6MuWJYKw1iNgKus2HstkOC1eQ0XEjvb
VPv0a6p1f9So2pkJ1cTGuR92OVu2N3DriO5r3n4lzMzZgIVv0RaByLq3ehetT3h7
CKXihlv5xpY1MVT/VmwtYZgT0jpKZbBXkkh1XRBPAsi3Ugxz+7tZOkSnULD9S0oU
bol8ExHGYCTWPSyYRfuQokAr/MPceENuLNdbDfwPrzWUot0eNluCYUBFPQDD+YkB
alp+/alQFJURi09Cogi3fskY4iJrohXXBbOCYwMjDa7ltjZp4uoU8+WJ+ZQo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org