Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/W0nbVWJpKc8Iwtqj_jnaJotpo5w.roa
File: W0nbVWJpKc8Iwtqj_jnaJotpo5w.roa (raw, json)
Hash identifier: RR+wTg4FKtRzDrAlzytyieR35XwG2QkNRAbMtCVps24=
Subject key identifier: 5B:49:DB:55:62:69:29:CF:08:C2:DA:A3:FE:39:DA:26:8B:69:A3:9C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018FF18F3E9778F1E640AF735DFA5ED48C92
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/W0nbVWJpKc8Iwtqj_jnaJotpo5w.roa
Signing time: Fri 07 Jun 2024 07:17:27 +0000
ROA not before: Fri 07 Jun 2024 07:17:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 11:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:8f:3e:97:78:f1:e6:40:af:73:5d:fa:5e:d4:8c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 7 07:17:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b49db55626929cf08c2daa3fe39da268b69a39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9d:ee:1a:ab:95:86:53:dd:5a:45:2c:2f:8d:
c4:82:ba:c6:8a:20:02:ce:cb:a2:df:06:05:46:02:
e4:67:a1:15:19:82:24:85:d1:f2:4e:21:6a:20:d4:
76:e9:d5:5c:1e:b6:58:2a:dd:52:f9:74:f2:3c:f6:
92:b9:ec:f7:ea:53:b5:ec:76:d9:9f:a9:b2:72:63:
24:11:a7:70:90:d5:1f:8f:b9:e7:18:00:f7:ac:83:
06:91:db:51:e6:80:53:dc:e1:ab:77:b7:f8:36:61:
44:ff:20:d9:2a:96:d8:66:51:f5:b5:9d:97:07:ec:
e4:27:77:55:7a:0b:ca:46:3d:ec:61:67:59:77:80:
16:ff:53:85:97:51:fe:c4:02:bc:45:0a:e5:b8:54:
0d:fb:0b:7f:9b:d6:65:4f:4d:e8:31:1c:a7:f1:25:
ce:da:4d:df:06:ba:d5:c1:b9:00:62:24:2a:b5:8c:
41:7e:e9:c9:83:eb:1f:6d:f0:4c:39:82:d1:96:d9:
20:26:33:20:be:58:6c:d3:da:0d:bc:13:74:00:d5:
e4:e7:51:b8:88:84:ce:ec:92:d9:22:c3:29:11:94:
22:7e:be:62:84:d2:b6:48:ea:fd:0e:54:28:ca:1b:
d1:9d:d1:da:8b:c9:3c:99:84:cc:bb:c5:3f:81:0b:
12:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:49:DB:55:62:69:29:CF:08:C2:DA:A3:FE:39:DA:26:8B:69:A3:9C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/W0nbVWJpKc8Iwtqj_jnaJotpo5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:42:18:44:ae:c1:19:f1:04:7b:2b:be:75:d3:39:27:4e:84:
76:d7:c4:05:bc:7e:d6:14:ac:6e:f9:82:6f:76:d7:22:3e:56:
dc:0f:b3:c6:67:c9:a8:0e:c1:80:a9:ee:99:c1:c2:da:29:68:
5f:1e:f6:07:fd:db:79:fa:ba:f9:d3:cb:42:47:a4:fc:28:34:
f0:2f:7f:1e:11:18:33:b7:8f:07:55:01:8a:d6:ea:b7:e4:64:
11:8a:27:a6:b7:c0:eb:96:0f:f6:85:88:eb:e8:4a:26:b1:fc:
7c:fe:e5:20:2d:31:02:91:a8:7a:b8:9e:f8:44:35:7e:fe:74:
ec:fe:f8:bf:2e:fb:a3:dc:05:b4:48:04:ad:00:20:d3:9c:a7:
ce:a8:ac:6f:68:2b:81:cf:fd:44:c7:f2:97:cf:33:23:9f:ca:
16:60:c4:2a:6e:1c:30:ba:9c:1e:b3:2f:a7:32:3c:42:f6:83:
75:98:e5:05:af:0c:99:92:b9:9d:4d:38:84:cc:9b:fd:b5:18:
49:90:0c:7b:1e:da:18:53:34:3b:b7:73:05:49:44:9a:77:4c:
a3:4c:23:8d:e1:b7:fd:36:98:98:16:b8:14:0f:40:b2:ad:d0:
e5:70:e0:85:76:30:d6:97:b7:3b:54:16:74:30:fa:02:b3:c8:
5d:4e:96:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/xjz6XePHmQK9zXfpe1IySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNjA3MDcxNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQ5ZGI1NTYyNjkyOWNmMDhjMmRhYTNmZTM5ZGEyNjhiNjlhMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJ3uGquVhlPdWkUsL43EgrrGiiAC
zsui3wYFRgLkZ6EVGYIkhdHyTiFqINR26dVcHrZYKt1S+XTyPPaSuez36lO17HbZ
n6mycmMkEadwkNUfj7nnGAD3rIMGkdtR5oBT3OGrd7f4NmFE/yDZKpbYZlH1tZ2X
B+zkJ3dVegvKRj3sYWdZd4AW/1OFl1H+xAK8RQrluFQN+wt/m9ZlT03oMRyn8SXO
2k3fBrrVwbkAYiQqtYxBfunJg+sfbfBMOYLRltkgJjMgvlhs09oNvBN0ANXk51G4
iITO7JLZIsMpEZQifr5ihNK2SOr9DlQoyhvRndHai8k8mYTMu8U/gQsSiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFtJ21ViaSnPCMLao/452iaLaaOcMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVzBuYlZXSnBLYzhJd3Rxal9qbmFKb3RwbzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWJc4AwQA
WNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQC/QhhErsEZ8QR7K7510zknToR2
18QFvH7WFKxu+YJvdtciPlbcD7PGZ8moDsGAqe6ZwcLaKWhfHvYH/dt5+rr508tC
R6T8KDTwL38eERgzt48HVQGK1uq35GQRiiemt8Drlg/2hYjr6Eomsfx8/uUgLTEC
kah6uJ74RDV+/nTs/vi/Lvuj3AW0SAStACDTnKfOqKxvaCuBz/1Ex/KXzzMjn8oW
YMQqbhwwupwesy+nMjxC9oN1mOUFrwyZkrmdTTiEzJv9tRhJkAx7HtoYUzQ7t3MF
SUSad0yjTCON4bf9NpiYFrgUD0CyrdDlcOCFdjDWl7c7VBZ0MPoCs8hdTpby
-----END CERTIFICATE-----
Generated at Mon Jul 22 14:12:10 2024 by rpki-client on console-ams.rpki-client.org