Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YaGG5LWD68FfFYCMWjfGV-z81X0.roa
File: YaGG5LWD68FfFYCMWjfGV-z81X0.roa (raw, json)
Hash identifier: 1HOjyOQV+qJRTx/gRd3EYYASNFB5nw3D7IiZcp1nQaA=
Subject key identifier: 61:A1:86:E4:B5:83:EB:C1:5F:15:80:8C:5A:37:C6:57:EC:FC:D5:7D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6BD5BC30CA194488A1412F02BE6D1
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YaGG5LWD68FfFYCMWjfGV-z81X0.roa
Signing time: Mon 01 Jan 2024 06:29:42 +0000
ROA not before: Mon 01 Jan 2024 06:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 88.209.230.0/24 maxlen: 24
83.137.152.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 07:15:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:bd:5b:c3:0c:a1:94:48:8a:14:12:f0:2b:e6:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61a186e4b583ebc15f15808c5a37c657ecfcd57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f0:cf:c3:9f:7b:bc:ba:e6:e9:b4:39:55:d5:
3e:93:1d:4e:2a:da:5a:ff:54:8a:80:73:1f:ee:7f:
4b:90:90:6c:92:c2:55:5b:e6:c3:dc:9d:d3:ab:d7:
53:eb:f0:e9:92:ec:52:58:0f:be:bc:69:da:44:d2:
a4:26:70:41:99:69:f9:70:ce:1f:6f:47:96:b9:81:
69:2e:70:44:f0:ff:a4:6b:1f:9e:05:1f:f2:fd:eb:
04:b1:3a:9f:26:88:a6:7a:ee:c1:80:2d:04:07:e8:
14:10:10:24:c2:60:a2:f9:ef:bc:46:c0:eb:25:6b:
10:6b:af:e7:07:03:33:70:f1:b7:f9:d8:20:0e:c7:
8b:92:3f:17:01:8a:d1:4f:b0:e7:74:0b:31:75:96:
ad:c8:ba:d6:10:33:00:a2:5d:c6:a9:30:ac:28:20:
24:6f:7d:ba:50:a9:e3:b5:5f:96:e6:fd:73:8d:bd:
e4:7e:63:ca:70:2e:30:aa:0f:81:78:ac:52:aa:8f:
42:8a:a6:e4:d5:71:7e:6a:90:10:f6:41:29:56:25:
30:9c:3a:fd:e0:01:05:cc:0c:f9:6b:12:fb:95:55:
9e:7e:85:4f:6a:93:eb:2c:52:dd:22:27:ba:7f:be:
99:ca:85:ef:51:3c:cb:af:15:e3:59:a4:d0:eb:be:
d0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A1:86:E4:B5:83:EB:C1:5F:15:80:8C:5A:37:C6:57:EC:FC:D5:7D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YaGG5LWD68FfFYCMWjfGV-z81X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.152.0/24
88.209.230.0/24
88.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:13:f9:08:3d:ce:c1:b9:1f:8f:a1:3e:52:26:20:bb:7a:64:
58:bc:62:7b:b8:43:26:99:62:98:68:3d:45:7b:21:64:04:c7:
ca:12:7d:a8:77:e0:c9:b4:c6:24:84:9b:ba:23:50:49:0b:ac:
44:c0:1c:32:1c:ec:18:9d:28:6c:8c:e5:d9:a7:20:1e:2b:d6:
bc:70:28:99:b1:32:53:63:fb:dd:0a:5c:45:81:97:c8:e4:d7:
e7:35:da:b4:3f:b1:96:51:88:dc:1c:88:d6:b7:53:16:32:38:
6f:80:1e:5e:b7:70:27:30:5b:b7:38:d3:5d:5c:04:2c:e0:c3:
2e:00:c5:41:ee:ad:e2:7c:10:5c:e3:40:be:ed:eb:19:78:75:
c6:1e:a6:c7:9b:5a:80:7d:74:be:e2:4b:9d:27:f8:65:02:a5:
6e:68:06:d1:b6:3d:43:34:f5:7e:c6:c2:50:c5:07:95:af:cc:
b2:32:a9:41:bd:1c:ca:88:61:22:a4:fe:27:a7:44:75:74:90:
94:2e:b4:d8:93:b4:e8:12:6f:11:ab:14:a7:5d:02:61:02:6c:
17:4f:cf:f1:13:fa:64:10:d5:c4:81:02:3c:1c:87:ff:5f:f9:
4c:3c:d8:3c:b6:98:cc:27:6e:0d:51:43:0b:aa:f0:e1:fb:88:
b9:65:3e:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtr1bwwyhlEiKFBLwK+bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWExODZlNGI1ODNlYmMxNWYxNTgwOGM1YTM3YzY1N2VjZmNkNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/DPw597vLrm6bQ5VdU+kx1OKtpa
/1SKgHMf7n9LkJBsksJVW+bD3J3Tq9dT6/DpkuxSWA++vGnaRNKkJnBBmWn5cM4f
b0eWuYFpLnBE8P+kax+eBR/y/esEsTqfJoimeu7BgC0EB+gUEBAkwmCi+e+8RsDr
JWsQa6/nBwMzcPG3+dggDseLkj8XAYrRT7DndAsxdZatyLrWEDMAol3GqTCsKCAk
b326UKnjtV+W5v1zjb3kfmPKcC4wqg+BeKxSqo9Ciqbk1XF+apAQ9kEpViUwnDr9
4AEFzAz5axL7lVWefoVPapPrLFLdIie6f76ZyoXvUTzLrxXjWaTQ677QmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGGhhuS1g+vBXxWAjFo3xlfs/NV9MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWWFHRzVMV0Q2OEZmRllDTVdqZkdWLXo4MVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU4mYAwQA
WNHmAwQAWNH/MA0GCSqGSIb3DQEBCwUAA4IBAQBOE/kIPc7BuR+PoT5SJiC7emRY
vGJ7uEMmmWKYaD1FeyFkBMfKEn2od+DJtMYkhJu6I1BJC6xEwBwyHOwYnShsjOXZ
pyAeK9a8cCiZsTJTY/vdClxFgZfI5NfnNdq0P7GWUYjcHIjWt1MWMjhvgB5et3An
MFu3ONNdXAQs4MMuAMVB7q3ifBBc40C+7esZeHXGHqbHm1qAfXS+4kudJ/hlAqVu
aAbRtj1DNPV+xsJQxQeVr8yyMqlBvRzKiGEipP4np0R1dJCULrTYk7ToEm8RqxSn
XQJhAmwXT8/xE/pkENXEgQI8HIf/X/lMPNg8tpjMJ24NUUMLqvDh+4i5ZT5I
-----END CERTIFICATE-----
Generated at Wed Feb 21 08:49:09 2024 by rpki-client on console-ams.rpki-client.org