Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OQQ0hewkMk0lH6FLydR3qSU0E64.roa
File: OQQ0hewkMk0lH6FLydR3qSU0E64.roa (raw, json)
Hash identifier: rPkGvsrVrtlY7WSFAQie/SXo2NY1SuRv/qeLPiYQxT4=
Subject key identifier: 39:04:34:85:EC:24:32:4D:25:1F:A1:4B:C9:D4:77:A9:25:34:13:AE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01928A3EEA3D54CF1A276B993171EF7C5611
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OQQ0hewkMk0lH6FLydR3qSU0E64.roa
Signing time: Mon 14 Oct 2024 08:57:11 +0000
ROA not before: Mon 14 Oct 2024 08:57:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.151.59.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
92.52.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 13:46:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:3e:ea:3d:54:cf:1a:27:6b:99:31:71:ef:7c:56:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 14 08:57:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39043485ec24324d251fa14bc9d477a9253413ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7f:15:41:0b:4d:69:d9:59:be:02:57:db:e4:
5a:28:cc:82:06:d8:7f:7e:b4:d0:07:52:da:d8:3b:
9b:25:c9:03:64:c5:e6:3a:bd:ad:fd:ad:03:b3:a7:
f0:43:a6:2d:19:89:bf:a0:6c:ab:1f:3d:d3:3a:ca:
2d:97:51:2b:7d:a1:ca:f7:9f:53:eb:b5:5c:fe:cf:
fb:30:5e:fe:b9:98:78:be:88:b4:3d:e1:fd:20:78:
b1:f5:fe:44:30:27:28:f4:6c:41:71:0b:fe:75:b8:
30:b4:dd:f9:4d:2e:5a:70:1b:d1:6c:5e:5b:3f:d6:
67:2b:90:57:68:73:c7:3d:0a:18:93:1b:00:a2:e3:
8c:12:b1:22:cb:97:c9:af:47:29:e5:48:93:97:c0:
20:a2:e4:65:64:4d:74:64:68:7d:97:45:2c:7b:71:
e2:22:c3:8e:f5:ac:10:4f:7d:b8:7b:19:63:7f:31:
26:97:28:1d:80:b2:67:6e:9a:37:bb:3a:c5:03:67:
93:6f:96:8d:d1:c6:89:30:36:27:03:44:4a:54:d9:
ec:78:88:40:42:4b:33:a6:4a:da:36:1f:a6:ab:71:
9c:be:b9:58:08:b5:b6:8c:92:7c:a6:cd:9b:2b:ea:
06:65:d0:cd:cc:43:f4:d6:63:5f:b4:39:4e:06:d8:
fc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:04:34:85:EC:24:32:4D:25:1F:A1:4B:C9:D4:77:A9:25:34:13:AE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OQQ0hewkMk0lH6FLydR3qSU0E64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.151.59.0/24
88.209.232.0/22
92.52.219.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:90:da:57:9c:b7:c8:b4:c9:17:08:6a:f9:a1:60:0f:0b:a1:
e1:07:86:39:7d:0a:e1:86:91:97:c7:66:7c:08:86:1e:3b:8d:
62:0b:9c:93:06:b9:72:0e:e3:23:28:51:4c:2f:58:cb:d2:f4:
26:f4:06:b7:ba:cd:d9:7a:ca:e4:a0:a5:b8:2b:d2:46:2a:76:
7c:58:c2:51:b7:b6:80:e9:6d:0a:40:4c:27:eb:17:44:36:a7:
bc:d5:1e:15:52:58:04:46:68:d6:75:00:88:19:38:89:4d:be:
2e:7d:f6:09:d0:d8:e7:88:0e:5c:dd:df:a2:f6:d6:39:f3:9e:
cc:79:85:7d:12:df:af:7b:ea:7c:12:aa:c2:e5:31:f1:0c:ce:
17:73:76:4a:7a:6d:f2:d8:df:05:9f:02:49:19:cf:17:ce:d1:
23:11:96:76:60:5c:75:78:6b:ac:68:9c:08:d5:35:c7:f9:50:
c4:7f:9d:53:68:43:0f:d3:d1:a8:86:39:de:99:a4:cd:f3:12:
8b:12:83:2b:38:e0:90:38:dd:d3:f3:8f:00:b3:93:7c:eb:0e:
1b:e7:4d:e3:3b:42:3f:06:75:e8:70:2c:55:4e:e4:48:b0:40:
91:e2:42:e9:fb:ce:31:97:56:56:88:5a:0c:41:77:60:d2:f9:
75:39:a2:57
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKKPuo9VM8aJ2uZMXHvfFYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMDE0MDg1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA0MzQ4NWVjMjQzMjRkMjUxZmExNGJjOWQ0NzdhOTI1MzQxM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1H8VQQtNadlZvgJX2+RaKMyCBth/
frTQB1La2DubJckDZMXmOr2t/a0Ds6fwQ6YtGYm/oGyrHz3TOsotl1ErfaHK959T
67Vc/s/7MF7+uZh4voi0PeH9IHix9f5EMCco9GxBcQv+dbgwtN35TS5acBvRbF5b
P9ZnK5BXaHPHPQoYkxsAouOMErEiy5fJr0cp5UiTl8AgouRlZE10ZGh9l0Use3Hi
IsOO9awQT324exljfzEmlygdgLJnbpo3uzrFA2eTb5aN0caJMDYnA0RKVNnseIhA
QkszpkraNh+mq3GcvrlYCLW2jJJ8ps2bK+oGZdDNzEP01mNftDlOBtj82QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDkENIXsJDJNJR+hS8nUd6klNBOuMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvT1FRMGhld2tNazBsSDZGTHlkUjNxU1UwRTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWJc4AwQA
WJc7AwQCWNHoAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQAskNpXnLfItMkXCGr5
oWAPC6HhB4Y5fQrhhpGXx2Z8CIYeO41iC5yTBrlyDuMjKFFML1jL0vQm9Aa3us3Z
esrkoKW4K9JGKnZ8WMJRt7aA6W0KQEwn6xdENqe81R4VUlgERmjWdQCIGTiJTb4u
ffYJ0NjniA5c3d+i9tY5857MeYV9Et+ve+p8EqrC5THxDM4Xc3ZKem3y2N8FnwJJ
Gc8XztEjEZZ2YFx1eGusaJwI1TXH+VDEf51TaEMP09GohjnemaTN8xKLEoMrOOCQ
ON3T848As5N86w4b503jO0I/BnXocCxVTuRIsECR4kLp+84xl1ZWiFoMQXdg0vl1
OaJX
-----END CERTIFICATE-----
Generated at Mon Oct 14 17:39:51 2024 by rpki-client on console-fra.rpki-client.org