Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Sk5zdltGcxyUFTfCJU41kxbidgM.roa
File: Sk5zdltGcxyUFTfCJU41kxbidgM.roa (raw, json)
Hash identifier: 2vuhZ9TbqLWkaFfBfE4M4RtKo82LpvBcNpLg6VQxUXU=
Subject key identifier: 4A:4E:73:76:5B:46:73:1C:94:15:37:C2:25:4E:35:93:16:E2:76:03
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019594EC0221F2E57A002A17DC9132B5A0D0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Sk5zdltGcxyUFTfCJU41kxbidgM.roa
Signing time: Fri 14 Mar 2025 13:50:49 +0000
ROA not before: Fri 14 Mar 2025 13:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.151.59.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 12:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:ec:02:21:f2:e5:7a:00:2a:17:dc:91:32:b5:a0:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 14 13:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a4e73765b46731c941537c2254e359316e27603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:67:77:bd:d0:62:0c:e1:65:54:b8:bd:f0:af:
02:72:ff:0c:bd:3e:60:cb:8b:0a:b5:8c:74:5d:05:
20:e8:44:ea:4f:f4:d4:4e:6d:ba:23:be:36:31:6e:
ef:63:69:b0:18:21:d3:1d:54:af:e7:d5:5c:ff:1a:
f5:70:37:b7:b2:b8:7a:69:48:85:b8:96:23:2c:c7:
2e:dc:c8:25:13:d7:37:34:31:42:c7:e5:35:0c:0b:
cd:25:25:34:de:8c:7b:dc:96:52:34:5a:e6:2b:ac:
25:61:cb:b0:50:91:35:fd:49:3c:39:e1:56:2d:4b:
3d:38:98:65:47:db:97:a4:f5:74:13:9f:88:64:87:
b4:ae:43:be:dc:fc:77:38:5f:58:9f:ce:ae:96:1c:
4b:96:a0:46:a6:0d:07:cb:cb:b9:28:c9:37:e9:41:
8d:56:1d:55:c7:7f:6e:2a:9f:48:a8:05:87:c2:c5:
7f:d1:2b:31:87:17:35:e5:91:c8:eb:03:68:ec:60:
94:a9:e8:33:18:62:67:2f:1d:1e:f2:be:fe:29:43:
be:93:68:29:fc:46:5c:13:e3:d3:42:10:c3:35:13:
9f:59:05:64:ca:f7:0d:27:88:18:05:d8:29:64:b2:
63:63:45:d9:3b:71:19:0a:bc:c1:4a:e1:dc:4f:f4:
af:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4E:73:76:5B:46:73:1C:94:15:37:C2:25:4E:35:93:16:E2:76:03
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Sk5zdltGcxyUFTfCJU41kxbidgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.151.59.0/24
88.209.221.0/24
88.209.224.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
88:6b:70:c2:95:af:ca:3c:13:ba:74:16:71:ff:fe:e1:92:74:
53:b6:ff:06:1b:f0:22:f1:35:3b:0d:7f:1c:bb:a7:48:5e:05:
77:df:72:22:19:4e:4d:5b:46:21:b6:cc:21:11:bb:ce:9b:51:
b8:39:bd:dd:0f:a8:1f:32:c2:bd:a4:c8:64:2f:f4:53:60:dd:
a6:a6:b7:49:f6:e7:2b:fc:86:50:43:2f:4c:50:9a:9f:fd:d5:
09:8e:bc:5d:bd:67:43:19:ba:b5:a0:16:6a:a9:fc:bb:ab:38:
37:02:8c:11:83:0b:c1:ed:63:b7:1a:66:d4:ca:70:4e:dd:79:
83:b6:61:1b:66:28:2d:13:38:ea:a0:97:4d:2f:70:3b:82:74:
35:b7:72:66:1e:ca:e6:ef:2a:66:9c:1a:84:b9:fb:d0:37:8d:
de:bf:8a:c3:4c:ea:2a:ff:94:b3:09:f6:43:15:89:18:41:3e:
49:60:21:c6:5e:f0:0f:d7:06:73:e4:52:32:0c:c1:ed:6f:10:
0a:de:56:3f:04:d3:72:06:66:ae:0f:75:61:00:31:59:7d:fd:
d3:1e:81:5d:d9:4e:04:51:fc:7e:f1:f1:04:bc:e2:fd:b5:2d:
49:ff:35:57:23:86:38:63:15:3b:a8:ec:08:c6:dd:e9:fc:0e:
b7:1e:e4:2a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZWU7AIh8uV6ACoX3JEytaDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzE0MTM1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTRlNzM3NjViNDY3MzFjOTQxNTM3YzIyNTRlMzU5MzE2ZTI3NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWd3vdBiDOFlVLi98K8Ccv8MvT5g
y4sKtYx0XQUg6ETqT/TUTm26I742MW7vY2mwGCHTHVSv59Vc/xr1cDe3srh6aUiF
uJYjLMcu3MglE9c3NDFCx+U1DAvNJSU03ox73JZSNFrmK6wlYcuwUJE1/Uk8OeFW
LUs9OJhlR9uXpPV0E5+IZIe0rkO+3Px3OF9Yn86ulhxLlqBGpg0Hy8u5KMk36UGN
Vh1Vx39uKp9IqAWHwsV/0Ssxhxc15ZHI6wNo7GCUqegzGGJnLx0e8r7+KUO+k2gp
/EZcE+PTQhDDNROfWQVkyvcNJ4gYBdgpZLJjY0XZO3EZCrzBSuHcT/Sv+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEpOc3ZbRnMclBU3wiVONZMW4nYDMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvU2s1emRsdEdjeHlVRlRmQ0pVNDFreGJpZGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWJc4AwQA
WJc7AwQAWNHdAwQAWNHgAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQCIa3DCla/K
PBO6dBZx//7hknRTtv8GG/Ai8TU7DX8cu6dIXgV333IiGU5NW0YhtswhEbvOm1G4
Ob3dD6gfMsK9pMhkL/RTYN2mprdJ9ucr/IZQQy9MUJqf/dUJjrxdvWdDGbq1oBZq
qfy7qzg3AowRgwvB7WO3GmbUynBO3XmDtmEbZigtEzjqoJdNL3A7gnQ1t3JmHsrm
7ypmnBqEufvQN43ev4rDTOoq/5SzCfZDFYkYQT5JYCHGXvAP1wZz5FIyDMHtbxAK
3lY/BNNyBmauD3VhADFZff3THoFd2U4EUfx+8fEEvOL9tS1J/zVXI4Y4YxU7qOwI
xt3p/A63HuQq
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:36 2025 by rpki-client