Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QTEei26ZBRyDYCuc5agK5eDJgdg.roa
File: QTEei26ZBRyDYCuc5agK5eDJgdg.roa (raw, json)
Hash identifier: VFJ4uXRgewXLr5nIxeC/iaTP8kd24L3bz2LJWwLEESw=
Subject key identifier: 41:31:1E:8B:6E:99:05:1C:83:60:2B:9C:E5:A8:0A:E5:E0:C9:81:D8
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018A17A37F1C4D1C96AC7002B2FC77F362B3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QTEei26ZBRyDYCuc5agK5eDJgdg.roa
Signing time: Mon 21 Aug 2023 10:28:25 +0000
ROA not before: Mon 21 Aug 2023 10:28:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203511
IP address blocks: 88.209.229.0/24 maxlen: 24
88.209.248.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Sep 2023 07:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:a3:7f:1c:4d:1c:96:ac:70:02:b2:fc:77:f3:62:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 21 10:28:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41311e8b6e99051c83602b9ce5a80ae5e0c981d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:09:e0:6b:18:aa:62:a1:84:46:c3:68:84:0a:
ef:60:bf:c8:8c:be:48:cb:4e:7d:3a:b4:81:89:3f:
2f:90:fe:c7:a7:5d:e0:31:69:b1:9d:ae:17:6b:fa:
d1:fb:84:f5:5e:24:97:d9:6a:1e:33:76:af:66:a3:
12:7e:1a:bb:9f:53:e5:0f:b9:38:34:60:1e:66:19:
79:65:22:9c:d1:85:d1:1b:90:43:85:8a:ec:8e:e2:
ea:30:e4:65:c2:83:67:25:e2:00:28:f6:f4:dc:13:
f0:b5:1a:87:6f:8d:ea:78:07:e0:90:c7:7e:e6:c4:
80:9f:da:86:fb:9c:93:ba:f2:37:14:d7:65:fd:ef:
2e:80:f7:f1:e7:f5:6c:c5:8f:5e:05:b3:f1:5b:68:
f9:1a:f9:c9:76:8c:e0:42:3e:f4:e2:34:7f:d6:5c:
29:aa:80:f5:de:f0:c1:84:b3:12:64:e5:2c:92:62:
eb:cb:9b:93:ab:13:b0:65:4b:fd:40:11:92:08:da:
1d:6f:7e:f0:c9:a9:e4:a5:96:9c:c9:67:90:0c:8b:
41:dc:c2:50:2c:a3:ce:2f:c1:d5:fa:72:e5:00:f4:
50:1d:b7:64:e1:c7:39:b3:a8:3e:a5:b6:ef:81:50:
51:85:cc:b9:3c:c3:b9:7a:c8:81:1b:95:3e:c3:48:
c5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:31:1E:8B:6E:99:05:1C:83:60:2B:9C:E5:A8:0A:E5:E0:C9:81:D8
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QTEei26ZBRyDYCuc5agK5eDJgdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.216.0/24
88.209.229.0/24
88.209.248.0/24
Signature Algorithm: sha256WithRSAEncryption
46:37:53:24:be:eb:0d:04:2d:55:2d:31:59:76:58:99:36:d0:
f0:0f:9a:f3:58:8e:1e:39:5d:98:03:07:26:1e:b8:ae:af:d2:
b5:62:23:84:f7:66:ac:64:42:18:2c:0e:b9:8a:34:1d:6d:e5:
64:f0:03:53:bf:33:fd:a2:63:db:22:05:5e:69:b9:a9:a4:dc:
f6:59:78:72:49:63:5c:06:ab:d7:3e:32:fd:66:eb:cb:65:dd:
e7:f8:86:79:08:53:f1:5a:d8:aa:ca:5a:e0:cd:97:c4:01:1d:
c3:74:ef:c9:e2:49:fa:36:f1:e2:6c:b4:39:c2:e1:7e:33:5d:
e6:58:a2:fb:19:92:7e:1b:13:c2:05:a2:03:20:bd:53:ec:36:
e0:fb:ae:b0:c1:fb:db:6b:9a:30:6b:6e:d3:a4:33:43:ba:32:
99:66:7a:82:6d:37:77:25:a8:4e:03:1f:3f:24:aa:21:9e:51:
d4:fd:9a:e2:0b:75:2a:86:d9:72:fe:fc:70:67:72:5b:7b:4b:
ae:91:b9:d9:22:29:c9:d0:13:1a:e7:ce:ad:14:7d:ff:c5:d4:
7c:87:ee:9f:d5:8b:9a:1e:cf:99:40:3b:bf:90:43:b4:b2:52:
c2:92:5a:c6:71:a6:c4:f6:97:d2:d5:89:2b:44:30:0e:94:21:
3f:12:7c:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoXo38cTRyWrHACsvx382KzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwODIxMTAyODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMxMWU4YjZlOTkwNTFjODM2MDJiOWNlNWE4MGFlNWUwYzk4MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAngaxiqYqGERsNohArvYL/IjL5I
y059OrSBiT8vkP7Hp13gMWmxna4Xa/rR+4T1XiSX2WoeM3avZqMSfhq7n1PlD7k4
NGAeZhl5ZSKc0YXRG5BDhYrsjuLqMORlwoNnJeIAKPb03BPwtRqHb43qeAfgkMd+
5sSAn9qG+5yTuvI3FNdl/e8ugPfx5/VsxY9eBbPxW2j5GvnJdozgQj704jR/1lwp
qoD13vDBhLMSZOUskmLry5uTqxOwZUv9QBGSCNodb37wyankpZacyWeQDItB3MJQ
LKPOL8HV+nLlAPRQHbdk4cc5s6g+pbbvgVBRhcy5PMO5esiBG5U+w0jFoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEExHotumQUcg2ArnOWoCuXgyYHYMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUVRFZWkyNlpCUnlEWUN1YzVhZ0s1ZURKZ2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHYAwQA
WNHlAwQAWNH4MA0GCSqGSIb3DQEBCwUAA4IBAQBGN1MkvusNBC1VLTFZdliZNtDw
D5rzWI4eOV2YAwcmHriur9K1YiOE92asZEIYLA65ijQdbeVk8ANTvzP9omPbIgVe
abmppNz2WXhySWNcBqvXPjL9ZuvLZd3n+IZ5CFPxWtiqylrgzZfEAR3DdO/J4kn6
NvHibLQ5wuF+M13mWKL7GZJ+GxPCBaIDIL1T7Dbg+66wwfvba5owa27TpDNDujKZ
ZnqCbTd3JahOAx8/JKohnlHU/ZriC3Uqhtly/vxwZ3Jbe0uukbnZIinJ0BMa586t
FH3/xdR8h+6f1YuaHs+ZQDu/kEO0slLCklrGcabE9pfS1YkrRDAOlCE/Enxs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org