Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VqiG51bCGB6cuagi7EEyoXDItPc.roa
File: VqiG51bCGB6cuagi7EEyoXDItPc.roa (raw, json)
Hash identifier: LlRnNToIlmGb5qXnFLhqLqufO0CsWuqWc7PSQWvDOE0=
Subject key identifier: 56:A8:86:E7:56:C2:18:1E:9C:B9:A8:22:EC:41:32:A1:70:C8:B4:F7
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0186C078632196D7622ED34A096567181557
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VqiG51bCGB6cuagi7EEyoXDItPc.roa
Signing time: Wed 08 Mar 2023 09:06:00 +0000
ROA not before: Wed 08 Mar 2023 09:06:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 88.209.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:78:63:21:96:d7:62:2e:d3:4a:09:65:67:18:15:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 8 09:06:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56a886e756c2181e9cb9a822ec4132a170c8b4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e2:b5:02:ec:e3:50:cf:68:14:f5:2c:85:dd:
99:bd:9f:58:68:00:16:09:99:cb:52:d1:cd:ed:59:
07:94:93:de:4d:48:01:d6:53:13:97:c8:7a:dd:3c:
d5:f8:c0:dd:af:d9:2f:b3:6e:0b:6c:fb:43:18:56:
1b:f6:41:6e:fa:54:1e:63:bf:b9:71:e3:59:4b:3a:
f8:c7:11:cb:e2:58:a0:37:a0:27:77:cc:fa:e7:31:
3f:5b:56:8c:4c:8b:db:67:23:b1:d2:a5:1d:5b:a7:
9b:f2:03:36:6b:8e:dc:a0:80:5b:06:61:12:8b:43:
ea:2e:49:bb:e6:50:c6:7f:01:3e:cf:f3:88:b3:5e:
33:51:f7:71:e8:82:7a:d8:66:12:81:13:a0:f9:d9:
e8:28:da:98:b1:1d:d4:d8:37:fe:83:29:65:eb:bd:
f9:7f:40:e6:7c:39:61:ca:88:b5:ab:01:99:62:2b:
89:ea:b7:39:a5:04:fc:2a:2b:da:8d:93:97:21:d5:
02:08:ac:e7:0a:c2:b6:46:16:47:7d:3b:1d:29:46:
a7:66:61:33:2b:03:64:5a:51:2d:c5:e7:7e:61:f1:
a4:1f:40:58:a4:3a:78:31:27:b7:78:93:09:be:4c:
1c:4d:19:f3:0b:77:7f:bc:d7:b3:2f:50:61:5a:5f:
cc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:A8:86:E7:56:C2:18:1E:9C:B9:A8:22:EC:41:32:A1:70:C8:B4:F7
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VqiG51bCGB6cuagi7EEyoXDItPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.211.0/24
Signature Algorithm: sha256WithRSAEncryption
89:07:e4:03:89:5b:7e:dc:1e:b5:78:8d:dd:72:cc:11:a5:ef:
0b:36:4f:b5:6b:65:ad:4a:66:f9:58:4b:bd:71:bb:ef:0d:6c:
4d:4c:5e:0f:39:09:61:8b:f6:02:4f:a9:c7:3f:cf:69:9e:f3:
96:a2:0a:78:70:25:6b:76:39:7e:08:fb:e3:ef:0b:12:66:6c:
af:a6:52:94:e9:67:f4:99:b7:9e:88:a1:2e:c8:20:8d:f2:f0:
1a:6b:dc:4c:e6:8d:5a:0b:ae:87:c5:7b:ec:23:8f:e0:74:c6:
ce:8e:9d:7e:8b:1a:fa:59:b4:2c:73:ac:5c:78:09:d8:2f:ec:
70:2b:19:26:c7:a8:49:33:27:5f:2e:99:6b:cb:0f:8e:63:cc:
2d:98:5a:39:4f:dd:33:b6:e3:97:17:c3:cc:d2:b6:46:d5:35:
2e:33:9f:81:8f:44:2c:59:48:30:07:48:26:9e:f3:4c:4f:25:
47:c1:22:e1:f5:9c:d9:a7:05:03:e0:9a:f7:c7:ce:49:70:2f:
be:a7:67:e3:41:c4:f8:37:b6:87:c2:4f:c0:70:1f:3e:39:45:
4b:91:32:b8:1c:0b:6c:af:6b:3b:a6:c2:63:2a:37:97:01:9a:
91:65:a1:01:f9:80:a0:1f:7b:80:f3:1b:4a:9e:86:81:7e:67:
e8:a9:4a:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbAeGMhltdiLtNKCWVnGBVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzA4MDkwNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmE4ODZlNzU2YzIxODFlOWNiOWE4MjJlYzQxMzJhMTcwYzhiNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuK1AuzjUM9oFPUshd2ZvZ9YaAAW
CZnLUtHN7VkHlJPeTUgB1lMTl8h63TzV+MDdr9kvs24LbPtDGFYb9kFu+lQeY7+5
ceNZSzr4xxHL4ligN6And8z65zE/W1aMTIvbZyOx0qUdW6eb8gM2a47coIBbBmES
i0PqLkm75lDGfwE+z/OIs14zUfdx6IJ62GYSgROg+dnoKNqYsR3U2Df+gyll6735
f0DmfDlhyoi1qwGZYiuJ6rc5pQT8KivajZOXIdUCCKznCsK2RhZHfTsdKUanZmEz
KwNkWlEtxed+YfGkH0BYpDp4MSe3eJMJvkwcTRnzC3d/vNezL1BhWl/MfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFaohudWwhgenLmoIuxBMqFwyLT3MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVnFpRzUxYkNHQjZjdWFnaTdFRXlvWERJdFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHTMA0G
CSqGSIb3DQEBCwUAA4IBAQCJB+QDiVt+3B61eI3dcswRpe8LNk+1a2WtSmb5WEu9
cbvvDWxNTF4POQlhi/YCT6nHP89pnvOWogp4cCVrdjl+CPvj7wsSZmyvplKU6Wf0
mbeeiKEuyCCN8vAaa9xM5o1aC66HxXvsI4/gdMbOjp1+ixr6WbQsc6xceAnYL+xw
Kxkmx6hJMydfLplryw+OY8wtmFo5T90ztuOXF8PM0rZG1TUuM5+Bj0QsWUgwB0gm
nvNMTyVHwSLh9ZzZpwUD4Jr3x85JcC++p2fjQcT4N7aHwk/AcB8+OUVLkTK4HAts
r2s7psJjKjeXAZqRZaEB+YCgH3uA8xtKnoaBfmfoqUpi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:01 2023 by rpki-client on console-fra.rpki-client.org