Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/U9vCpTRwmxbH47c3I6z3sxzMq1w.roa
File: U9vCpTRwmxbH47c3I6z3sxzMq1w.roa (raw, json)
Hash identifier: 9MMGEFajTHYcL0WjUoMOknGhk5VSMwhg+sJApTkhp88=
Subject key identifier: 53:DB:C2:A5:34:70:9B:16:C7:E3:B7:37:23:AC:F7:B3:1C:CC:AB:5C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E134A9F5B88662FF19964B02CF967B1C6
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/U9vCpTRwmxbH47c3I6z3sxzMq1w.roa
Signing time: Wed 06 Mar 2024 10:24:01 +0000
ROA not before: Wed 06 Mar 2024 10:24:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 08:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:4a:9f:5b:88:66:2f:f1:99:64:b0:2c:f9:67:b1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 6 10:24:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53dbc2a534709b16c7e3b73723acf7b31cccab5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d2:2f:f1:d3:37:84:34:d2:48:ca:e2:4e:be:
f0:ba:91:35:ad:b8:55:69:d9:a3:c4:2c:41:46:38:
41:28:76:73:cc:c8:6a:26:f9:2d:82:45:69:dd:0f:
fc:57:9c:18:29:ce:c7:70:14:a4:dc:72:86:cd:3b:
2c:d9:6c:59:df:88:8d:4a:48:32:12:4f:28:cf:b8:
20:ef:e1:c6:83:af:f3:0d:cf:5e:2e:ee:b2:3e:48:
5f:5f:3c:e3:1e:6a:ad:72:23:ac:04:10:3d:70:39:
da:65:57:db:49:ea:5e:9f:cc:a0:b0:47:71:1b:fb:
a7:f7:6a:6a:91:36:d6:4b:94:9b:e6:70:2f:e0:02:
a0:7a:01:90:ce:35:f5:90:af:b2:0e:95:a2:25:4b:
2e:75:16:d8:d7:10:64:64:70:80:ec:c1:6e:2b:08:
07:97:19:87:e6:ac:52:2d:e2:0f:87:90:38:48:11:
69:ce:2b:a8:1e:57:61:27:be:69:39:21:81:7f:2b:
ef:ec:86:04:09:e8:88:73:0d:d0:4b:09:20:c4:90:
e2:97:ad:6a:59:82:6d:09:f5:e1:9c:16:e9:fb:51:
d9:69:92:10:68:3c:b3:d3:32:97:9e:3c:36:c2:a0:
4f:67:82:d6:84:76:70:e7:0c:32:8c:f1:33:6d:c1:
39:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DB:C2:A5:34:70:9B:16:C7:E3:B7:37:23:AC:F7:B3:1C:CC:AB:5C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/U9vCpTRwmxbH47c3I6z3sxzMq1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
00:1d:5c:98:5b:06:8c:88:f2:a7:1b:90:6b:6f:98:19:ce:bf:
32:8a:6d:0d:99:2f:20:0d:f0:87:eb:42:de:7d:f9:4f:2e:3a:
d4:f9:21:3c:fa:0e:68:31:da:2d:99:a5:3e:08:be:0e:91:a0:
db:07:db:be:1f:14:79:03:80:ff:be:9a:e5:d3:3b:4b:c8:e4:
12:82:3f:47:a1:1a:3c:26:58:7f:37:a4:01:f7:5c:8d:90:99:
e4:89:b2:ed:8f:ba:63:8c:19:85:85:f3:86:57:72:bd:55:c2:
77:68:e6:bf:d7:cd:e1:2a:f7:df:b8:27:0b:fe:b0:e6:6a:54:
67:3c:89:ef:e6:12:6d:51:a5:98:45:0f:53:46:8e:ff:6a:73:
5f:46:7a:be:9e:ca:14:1a:de:80:15:69:39:c1:1f:09:d1:19:
7b:66:1d:4e:7f:89:c9:6b:de:8a:34:c4:66:3f:91:a0:f3:2e:
4a:88:03:37:65:9f:62:03:c3:84:ec:71:81:a6:26:1a:65:b6:
a0:2e:60:0e:40:a5:5f:d0:b8:5d:98:78:31:d9:15:27:21:fe:
44:72:99:01:af:ff:09:fc:93:3f:df:95:5c:3a:ec:46:aa:34:
b7:a0:a6:03:c4:77:27:60:13:05:1c:63:2b:d1:ee:89:99:a9:
89:8f:65:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4TSp9biGYv8ZlksCz5Z7HGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzA2MTAyNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RiYzJhNTM0NzA5YjE2YzdlM2I3MzcyM2FjZjdiMzFjY2NhYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldIv8dM3hDTSSMriTr7wupE1rbhV
admjxCxBRjhBKHZzzMhqJvktgkVp3Q/8V5wYKc7HcBSk3HKGzTss2WxZ34iNSkgy
Ek8oz7gg7+HGg6/zDc9eLu6yPkhfXzzjHmqtciOsBBA9cDnaZVfbSepen8ygsEdx
G/un92pqkTbWS5Sb5nAv4AKgegGQzjX1kK+yDpWiJUsudRbY1xBkZHCA7MFuKwgH
lxmH5qxSLeIPh5A4SBFpziuoHldhJ75pOSGBfyvv7IYECeiIcw3QSwkgxJDil61q
WYJtCfXhnBbp+1HZaZIQaDyz0zKXnjw2wqBPZ4LWhHZw5wwyjPEzbcE5OQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFPbwqU0cJsWx+O3NyOs97MczKtcMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVTl2Q3BUUndteGJINDdjM0k2ejNzeHpNcTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWJc4AwQA
WNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQAAHVyYWwaMiPKnG5Brb5gZzr8y
im0NmS8gDfCH60LefflPLjrU+SE8+g5oMdotmaU+CL4OkaDbB9u+HxR5A4D/vprl
0ztLyOQSgj9HoRo8Jlh/N6QB91yNkJnkibLtj7pjjBmFhfOGV3K9VcJ3aOa/183h
KvffuCcL/rDmalRnPInv5hJtUaWYRQ9TRo7/anNfRnq+nsoUGt6AFWk5wR8J0Rl7
Zh1Of4nJa96KNMRmP5Gg8y5KiAM3ZZ9iA8OE7HGBpiYaZbagLmAOQKVf0LhdmHgx
2RUnIf5EcpkBr/8J/JM/35VcOuxGqjS3oKYDxHcnYBMFHGMr0e6JmamJj2VZ
-----END CERTIFICATE-----
Generated at Fri Mar 8 11:11:57 2024 by rpki-client on console-fra.rpki-client.org