Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PLmNL0n-Vnpa77LH_6I-zsJ77PQ.roa
File: PLmNL0n-Vnpa77LH_6I-zsJ77PQ.roa (raw, json)
Hash identifier: U+EUJ+okr4VWvXSFVsEe4AWrRcG2piRq5BieEHvEpc8=
Subject key identifier: 3C:B9:8D:2F:49:FE:56:7A:5A:EF:B2:C7:FF:A2:3E:CE:C2:7B:EC:F4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0185D41FC2B0196702D01DA2CC742A8CF432
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PLmNL0n-Vnpa77LH_6I-zsJ77PQ.roa
Signing time: Sat 21 Jan 2023 11:38:49 +0000
ROA not before: Sat 21 Jan 2023 11:38:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 88.209.249.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 07:11:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d4:1f:c2:b0:19:67:02:d0:1d:a2:cc:74:2a:8c:f4:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 21 11:38:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cb98d2f49fe567a5aefb2c7ffa23ecec27becf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3c:85:ea:cb:da:29:7f:fe:04:82:36:94:0c:
57:3d:33:d1:be:89:dd:d4:d0:6c:a5:bf:33:b6:b2:
c5:fd:a9:6a:d4:d9:4f:45:cd:d8:55:8c:1e:87:cd:
91:f8:1e:0c:ae:61:e7:c2:3b:60:87:82:ba:da:66:
a2:bc:75:11:9c:96:74:f6:09:cc:a4:b8:a6:f2:60:
cc:4d:48:57:70:9d:77:88:3e:c3:f9:49:f9:2f:41:
42:da:4b:f1:b1:ad:8d:37:3d:ff:9a:76:a8:9b:96:
5a:16:ab:05:11:cb:4d:34:0d:10:72:3b:28:97:32:
e9:80:10:4c:67:8a:98:51:b3:22:98:b6:e2:57:cb:
d9:b0:1d:3f:76:b3:21:61:cf:38:03:77:2e:9a:9c:
5e:b2:34:11:4e:43:29:2c:de:5e:f1:2d:59:89:cf:
63:79:0e:7b:71:a6:35:c2:9b:4c:f3:e6:78:63:97:
52:a5:e0:49:7f:3e:e5:f6:7e:ba:c2:f7:4e:90:9f:
26:dc:b0:2c:2d:d2:53:20:a3:9c:ff:6b:08:f2:b9:
27:02:40:a3:1a:bf:a2:9e:bc:42:56:41:56:22:72:
03:aa:7d:be:a4:43:ea:f3:16:26:89:ed:c8:08:ae:
a6:1d:8d:95:73:18:4a:1a:6f:89:c5:73:88:7b:c3:
10:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B9:8D:2F:49:FE:56:7A:5A:EF:B2:C7:FF:A2:3E:CE:C2:7B:EC:F4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PLmNL0n-Vnpa77LH_6I-zsJ77PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.207.0/24
88.209.249.0/24
Signature Algorithm: sha256WithRSAEncryption
26:3d:3f:26:90:87:1d:fe:58:4c:14:cd:bf:0c:b2:91:4a:ef:
8e:ea:24:a3:b1:e7:d2:18:a5:cc:db:68:a4:13:a8:e6:aa:a0:
a2:e6:fe:98:3c:e2:9c:12:6e:0c:a5:8d:18:5d:b0:9b:96:b4:
0f:6c:42:39:3b:76:6c:0d:bd:48:f9:ae:7d:df:4f:be:62:c6:
f6:94:e8:98:4f:0c:80:0b:c0:b6:f8:56:09:e1:b8:1b:31:a5:
92:29:a6:11:82:0a:38:5d:65:e7:2b:dc:f9:84:fb:f7:69:cc:
13:23:07:e4:b8:47:d4:fc:2f:35:0b:f4:f5:7f:a0:81:bd:26:
71:55:b8:ae:0f:d8:32:a8:02:f6:99:a4:cb:01:8f:5e:62:57:
a9:6d:ce:44:a7:3a:0b:4b:1e:44:c4:1b:47:fc:da:00:b4:7e:
c7:9f:60:f2:cd:c0:a4:86:74:4e:05:bb:48:84:a4:84:99:0e:
9b:50:70:45:19:18:39:e7:c4:8e:9b:cd:a5:f2:a9:aa:cb:70:
5b:6f:33:57:14:21:be:e4:bd:da:33:ba:fc:eb:b5:aa:51:eb:
7e:d2:da:9c:c8:19:81:40:22:31:f6:9b:d1:3d:e2:c0:52:b8:
57:ab:9e:4e:63:8d:e2:f3:5d:0b:11:12:55:a2:83:2a:71:95:
6c:5f:fd:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXUH8KwGWcC0B2izHQqjPQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTIxMTEzODQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2I5OGQyZjQ5ZmU1NjdhNWFlZmIyYzdmZmEyM2VjZWMyN2JlY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDyF6svaKX/+BII2lAxXPTPRvond
1NBspb8ztrLF/alq1NlPRc3YVYweh82R+B4MrmHnwjtgh4K62maivHURnJZ09gnM
pLim8mDMTUhXcJ13iD7D+Un5L0FC2kvxsa2NNz3/mnaom5ZaFqsFEctNNA0Qcjso
lzLpgBBMZ4qYUbMimLbiV8vZsB0/drMhYc84A3cumpxesjQRTkMpLN5e8S1Zic9j
eQ57caY1wptM8+Z4Y5dSpeBJfz7l9n66wvdOkJ8m3LAsLdJTIKOc/2sI8rknAkCj
Gr+inrxCVkFWInIDqn2+pEPq8xYmie3ICK6mHY2VcxhKGm+JxXOIe8MQSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDy5jS9J/lZ6Wu+yx/+iPs7Ce+z0MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUExtTkwwbi1WbnBhNzdMSF82SS16c0o3N1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHPAwQA
WNH5MA0GCSqGSIb3DQEBCwUAA4IBAQAmPT8mkIcd/lhMFM2/DLKRSu+O6iSjsefS
GKXM22ikE6jmqqCi5v6YPOKcEm4MpY0YXbCblrQPbEI5O3ZsDb1I+a5930++Ysb2
lOiYTwyAC8C2+FYJ4bgbMaWSKaYRggo4XWXnK9z5hPv3acwTIwfkuEfU/C81C/T1
f6CBvSZxVbiuD9gyqAL2maTLAY9eYlepbc5EpzoLSx5ExBtH/NoAtH7Hn2DyzcCk
hnROBbtIhKSEmQ6bUHBFGRg558SOm82l8qmqy3BbbzNXFCG+5L3aM7r867WqUet+
0tqcyBmBQCIx9pvRPeLAUrhXq55OY43i810LERJVooMqcZVsX/2y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org