Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/aOY9V-MINqomZvGV14uUcJiqAHg.roa
File: aOY9V-MINqomZvGV14uUcJiqAHg.roa (raw, json)
Hash identifier: h0m0vHGSHoMt6d67zMQLMfrtZLXl3rwWbJfYN/PMF2c=
Subject key identifier: 68:E6:3D:57:E3:08:36:AA:26:66:F1:95:D7:8B:94:70:98:AA:00:78
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CB9A047A5F48FE701B27B51333E5349A8
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/aOY9V-MINqomZvGV14uUcJiqAHg.roa
Signing time: Sat 30 Dec 2023 07:28:58 +0000
ROA not before: Sat 30 Dec 2023 07:28:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 88.209.240.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b9:a0:47:a5:f4:8f:e7:01:b2:7b:51:33:3e:53:49:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 30 07:28:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68e63d57e30836aa2666f195d78b947098aa0078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5d:2d:cc:f0:74:ec:aa:e7:3e:2d:fc:7e:1b:
20:65:0b:bc:48:e4:37:dc:be:e0:af:8d:7e:9a:ef:
97:94:69:eb:c5:43:c0:bd:43:4b:21:92:d3:07:46:
05:04:f4:37:7b:4d:de:a6:9f:25:e4:d7:70:32:66:
c2:f8:31:a6:c1:33:0c:be:ae:50:06:f0:b6:16:64:
5e:05:ee:fa:07:ee:3c:86:41:c8:95:0f:71:f0:00:
b7:fa:d2:33:a1:51:a1:e8:f0:03:e4:ca:21:ab:be:
98:b1:7b:46:fa:6e:02:3d:5a:7e:a7:b9:b5:f5:d7:
77:97:ab:53:18:69:6c:9e:c9:b2:ca:0e:c0:88:dc:
c3:f7:7e:4d:14:65:79:c1:1b:6e:35:3c:52:6b:10:
19:8d:7f:cd:8f:dc:ff:27:c2:f6:1f:cf:a6:50:9c:
be:e8:d9:12:8a:f2:f6:92:70:b1:39:e5:8e:94:c2:
af:82:90:aa:ad:7c:01:08:31:f7:fd:f9:2e:c6:55:
5b:ca:ec:04:c5:59:9a:69:15:57:4f:b8:1d:a6:ba:
40:ca:3f:26:f0:30:86:fd:cc:f7:cc:8c:f7:81:67:
71:46:3d:c4:5f:3b:8f:e6:0b:3d:f8:50:74:29:7e:
a6:75:7a:38:93:85:5a:ed:89:d5:64:87:38:b9:51:
d9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E6:3D:57:E3:08:36:AA:26:66:F1:95:D7:8B:94:70:98:AA:00:78
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/aOY9V-MINqomZvGV14uUcJiqAHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.240.0/22
Signature Algorithm: sha256WithRSAEncryption
44:22:8e:1d:4b:12:0d:b7:98:ee:a2:6c:47:3e:00:db:61:05:
69:37:aa:fb:53:0e:87:53:90:59:d6:39:a1:28:84:3f:dc:c5:
f8:68:22:80:b3:53:ea:0b:9b:39:3d:86:7e:5c:0a:b3:8e:20:
de:86:55:8d:50:d1:31:74:69:db:d6:d8:ba:bf:af:3c:66:d1:
08:12:e3:cb:ab:7c:f6:c9:9b:69:24:a5:82:fd:50:95:fc:03:
d8:8f:44:8d:67:18:6f:82:e0:f4:1e:07:bf:cd:a4:bc:5e:b8:
ed:45:86:8e:dc:3f:69:46:c7:70:5e:e6:53:e2:0c:a2:41:1b:
5a:7e:f3:10:6c:37:37:cc:84:30:5f:ef:5c:56:e9:fd:cc:dc:
9c:fa:b2:99:26:b3:5e:bc:42:cb:fc:8c:66:35:bf:22:e3:ce:
d4:fc:70:26:84:72:4a:5f:0f:a3:26:89:9e:b8:3b:12:72:f5:
ee:b2:e7:a2:fc:a6:8e:1b:72:6b:d0:5a:23:82:6b:a8:67:af:
ce:b1:34:e2:f5:ef:09:4a:7d:c7:b8:9d:09:72:e1:a3:ff:16:
19:6a:71:f9:e1:43:40:22:45:7e:0f:09:3b:83:b3:56:25:20:
cc:f6:48:de:f9:59:80:4c:d4:f0:6f:56:66:f4:59:20:e2:fe:
91:fc:1c:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy5oEel9I/nAbJ7UTM+U0moMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMjMwMDcyODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGU2M2Q1N2UzMDgzNmFhMjY2NmYxOTVkNzhiOTQ3MDk4YWEwMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn10tzPB07KrnPi38fhsgZQu8SOQ3
3L7gr41+mu+XlGnrxUPAvUNLIZLTB0YFBPQ3e03epp8l5NdwMmbC+DGmwTMMvq5Q
BvC2FmReBe76B+48hkHIlQ9x8AC3+tIzoVGh6PAD5Mohq76YsXtG+m4CPVp+p7m1
9dd3l6tTGGlsnsmyyg7AiNzD935NFGV5wRtuNTxSaxAZjX/Nj9z/J8L2H8+mUJy+
6NkSivL2knCxOeWOlMKvgpCqrXwBCDH3/fkuxlVbyuwExVmaaRVXT7gdprpAyj8m
8DCG/cz3zIz3gWdxRj3EXzuP5gs9+FB0KX6mdXo4k4Va7YnVZIc4uVHZEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjmPVfjCDaqJmbxldeLlHCYqgB4MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYU9ZOVYtTUlOcW9tWnZHVjE0dVVjSmlxQUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNHwMA0G
CSqGSIb3DQEBCwUAA4IBAQBEIo4dSxINt5juomxHPgDbYQVpN6r7Uw6HU5BZ1jmh
KIQ/3MX4aCKAs1PqC5s5PYZ+XAqzjiDehlWNUNExdGnb1ti6v688ZtEIEuPLq3z2
yZtpJKWC/VCV/APYj0SNZxhvguD0Hge/zaS8XrjtRYaO3D9pRsdwXuZT4gyiQRta
fvMQbDc3zIQwX+9cVun9zNyc+rKZJrNevELL/IxmNb8i487U/HAmhHJKXw+jJome
uDsScvXusuei/KaOG3Jr0FojgmuoZ6/OsTTi9e8JSn3HuJ0JcuGj/xYZanH54UNA
IkV+Dwk7g7NWJSDM9kje+VmATNTwb1Zm9Fkg4v6R/Byi
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:55 2024 by rpki-client on console-ams.rpki-client.org