Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bfTyaQWkWWZpwx9USXVtK79_fuY.roa
File: bfTyaQWkWWZpwx9USXVtK79_fuY.roa (raw, json)
Hash identifier: mDy/Ymib+oM80GZ4KNAC9MvXf9uUxoAWgSnYc4JsONI=
Subject key identifier: 6D:F4:F2:69:05:A4:59:66:69:C3:1F:54:49:75:6D:2B:BF:7F:7E:E6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01883422F13933E102AEA110D4DE14629A55
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bfTyaQWkWWZpwx9USXVtK79_fuY.roa
Signing time: Fri 19 May 2023 13:11:25 +0000
ROA not before: Fri 19 May 2023 13:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 88.209.244.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.194.0/24 maxlen: 24
88.151.59.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 May 2023 06:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:34:22:f1:39:33:e1:02:ae:a1:10:d4:de:14:62:9a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 19 13:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6df4f26905a4596669c31f5449756d2bbf7f7ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ab:f4:57:34:b9:be:f0:d9:3f:a9:11:b2:48:
ff:95:2e:fd:55:89:e5:5d:31:53:6a:c1:db:2c:4c:
55:a6:4c:c2:a4:37:c6:1d:c5:a3:f2:03:9c:69:50:
29:f6:9a:86:9f:5b:23:a4:87:97:18:b4:7f:86:e9:
42:94:20:99:80:a3:73:d6:82:48:2d:dd:4b:01:c2:
89:2b:29:55:ea:e1:7b:38:21:b0:ee:9d:91:40:dd:
89:f9:59:e3:51:8c:ce:65:c7:5e:8d:6a:c2:60:4e:
ae:14:70:e5:e4:41:11:63:82:9b:6c:b6:97:4b:66:
cb:84:70:d3:63:9b:a7:85:e9:50:63:a1:eb:70:6d:
90:11:58:d1:ed:52:f4:b3:ff:df:49:65:2b:35:57:
c4:1d:6f:c9:dc:74:bb:1d:06:8a:fc:7b:b6:09:f2:
23:bb:20:03:a9:c3:22:97:a5:46:67:1a:38:24:40:
04:d7:00:8d:c8:4f:58:88:59:b0:07:a3:0c:39:d3:
30:58:06:ea:06:d0:c6:ed:ab:55:92:3d:31:ea:7d:
de:ec:aa:6e:95:66:f7:7c:50:f2:5c:59:2f:9e:44:
3c:a9:d0:4b:d7:1a:61:99:f9:a6:7c:86:e9:95:95:
0a:e7:1a:1b:5f:dc:df:2e:a2:aa:eb:20:25:5c:d4:
00:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F4:F2:69:05:A4:59:66:69:C3:1F:54:49:75:6D:2B:BF:7F:7E:E6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bfTyaQWkWWZpwx9USXVtK79_fuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.59.0/24
88.209.192.0/24
88.209.194.0/24
88.209.207.0/24
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
80:e9:e8:7c:e7:0a:45:ac:d1:06:9f:6a:3a:ab:79:0b:1b:41:
73:73:1a:87:26:71:44:4c:3d:7c:51:39:00:75:40:26:b3:51:
5c:e6:73:4a:3c:db:6c:69:0b:a4:30:78:25:78:19:51:f4:71:
24:a3:43:84:c5:21:46:ed:04:a6:cc:65:b4:6e:9d:63:73:7d:
12:69:d1:0f:b3:0b:44:38:d6:b7:63:15:08:a5:94:b6:88:7f:
07:e7:4e:65:a6:56:ed:f5:08:32:46:8f:1e:d5:4d:43:be:72:
03:a6:4c:3e:cb:a8:76:bf:6f:c6:81:9d:4e:0a:78:21:48:33:
58:02:0c:78:e0:5d:71:ef:b2:1a:fb:60:99:7a:b0:1a:4b:06:
b8:04:ec:92:04:32:42:9a:87:71:39:66:4f:19:2c:41:87:81:
87:c5:9f:55:3f:23:79:3c:dc:86:46:37:e8:a8:47:0a:52:ed:
94:a4:11:a1:3b:86:bc:1e:23:9f:5d:1e:c4:b3:ac:99:e5:eb:
55:10:e5:5c:4a:c8:70:37:76:5b:a8:fb:49:b6:b0:3c:7d:0e:
d0:f1:b9:09:ab:ec:ca:31:ee:c5:fc:a6:42:af:fa:8d:da:d0:
a4:9b:c3:7b:d2:c0:f7:d3:4d:86:45:42:d9:f1:c8:7a:8a:95:
a7:38:6b:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYg0IvE5M+ECrqEQ1N4UYppVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTE5MTMxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY0ZjI2OTA1YTQ1OTY2NjljMzFmNTQ0OTc1NmQyYmJmN2Y3ZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6v0VzS5vvDZP6kRskj/lS79VYnl
XTFTasHbLExVpkzCpDfGHcWj8gOcaVAp9pqGn1sjpIeXGLR/hulClCCZgKNz1oJI
Ld1LAcKJKylV6uF7OCGw7p2RQN2J+VnjUYzOZcdejWrCYE6uFHDl5EERY4KbbLaX
S2bLhHDTY5unhelQY6HrcG2QEVjR7VL0s//fSWUrNVfEHW/J3HS7HQaK/Hu2CfIj
uyADqcMil6VGZxo4JEAE1wCNyE9YiFmwB6MMOdMwWAbqBtDG7atVkj0x6n3e7Kpu
lWb3fFDyXFkvnkQ8qdBL1xphmfmmfIbplZUK5xobX9zfLqKq6yAlXNQAvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG308mkFpFlmacMfVEl1bSu/f37mMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYmZUeWFRV2tXV1pwd3g5VVNYVnRLNzlfZnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWJc7AwQA
WNHAAwQAWNHCAwQAWNHPAwQAWNH0MA0GCSqGSIb3DQEBCwUAA4IBAQCA6eh85wpF
rNEGn2o6q3kLG0FzcxqHJnFETD18UTkAdUAms1Fc5nNKPNtsaQukMHgleBlR9HEk
o0OExSFG7QSmzGW0bp1jc30SadEPswtEONa3YxUIpZS2iH8H505lplbt9QgyRo8e
1U1DvnIDpkw+y6h2v2/GgZ1OCnghSDNYAgx44F1x77Ia+2CZerAaSwa4BOySBDJC
modxOWZPGSxBh4GHxZ9VPyN5PNyGRjfoqEcKUu2UpBGhO4a8HiOfXR7Es6yZ5etV
EOVcSshwN3ZbqPtJtrA8fQ7Q8bkJq+zKMe7F/KZCr/qN2tCkm8N70sD3002GRULZ
8ch6ipWnOGtu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org