Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cpghKJLllGQALn73SR24w2jrh48.roa
File: cpghKJLllGQALn73SR24w2jrh48.roa (raw, json)
Hash identifier: 6cxyK3dcuSqZoN7oVFkFOCSyuqnmSfnyN6MxN2k/+ok=
Subject key identifier: 72:98:21:28:92:E5:94:64:00:2E:7E:F7:49:1D:B8:C3:68:EB:87:8F
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018571E7A6B9A06B58C1FF08888AE018FA78
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cpghKJLllGQALn73SR24w2jrh48.roa
Signing time: Mon 02 Jan 2023 09:54:44 +0000
ROA not before: Mon 02 Jan 2023 09:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 88.209.244.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Jan 2023 11:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e7:a6:b9:a0:6b:58:c1:ff:08:88:8a:e0:18:fa:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 2 09:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7298212892e59464002e7ef7491db8c368eb878f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b1:db:46:b5:2f:da:d7:2f:31:85:7e:aa:52:
b4:7c:a9:f5:ea:31:86:a2:6c:e8:78:ac:99:89:47:
8d:c0:3f:80:a5:2a:a3:d1:c6:5c:27:3e:1a:74:0b:
dc:e3:23:c7:60:da:0d:27:62:37:55:12:b9:d5:de:
85:6f:da:66:4e:4f:97:00:d0:37:05:4f:cb:27:c1:
d4:a1:59:d7:9f:8b:53:00:42:fd:bb:78:f2:b4:87:
70:46:86:4f:79:41:76:33:d0:d9:67:34:ef:ce:ba:
93:20:4b:44:5f:46:14:2e:ca:99:0c:35:c9:80:4d:
7a:38:16:7f:57:10:df:64:88:9c:62:26:97:66:1d:
f8:20:56:2f:c5:95:48:51:b6:87:47:ed:28:b5:75:
a7:11:6d:c1:9d:09:79:56:4d:44:b6:88:46:db:52:
e2:85:03:21:a3:5e:bc:c3:49:f2:41:7c:eb:d4:30:
e1:7f:77:ce:ac:b4:0d:a9:4e:76:cb:3a:3a:43:ed:
e3:2e:a4:3c:21:0d:e6:66:ff:ee:12:89:53:bb:0a:
82:26:f9:a0:9e:58:24:78:fa:3f:87:6e:1e:94:e8:
77:3d:e9:97:3c:18:ca:c0:aa:e4:37:23:9b:51:c9:
7a:7f:95:53:7d:d1:13:7a:70:3b:b5:1d:89:91:ec:
53:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:98:21:28:92:E5:94:64:00:2E:7E:F7:49:1D:B8:C3:68:EB:87:8F
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cpghKJLllGQALn73SR24w2jrh48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.61.0/24
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
94:d4:a0:f6:37:3a:20:03:ef:d8:05:d4:46:60:5a:cc:b5:d4:
81:0f:f2:08:b0:58:34:f0:38:0c:92:cc:27:bd:3e:78:35:66:
da:39:4c:e0:9a:e3:8c:82:5b:02:5a:c0:22:28:2a:22:d6:e0:
4b:85:49:c9:c5:46:19:68:94:ff:e6:b2:d0:6c:65:60:31:9f:
e8:1b:7d:08:2c:b2:1d:33:f8:26:de:53:fe:8d:dc:d0:65:6f:
dc:5a:e5:86:fe:ec:81:06:10:52:17:5e:0e:00:6f:ad:74:9e:
8c:ce:a1:be:43:51:68:f5:d3:23:e8:0f:3a:91:a4:9f:8f:1a:
84:d3:86:57:5f:d8:f9:9e:ad:d7:bd:29:2e:a8:ff:b2:9f:f1:
de:80:aa:be:9a:98:5a:55:57:64:2d:35:91:69:49:90:bc:45:
70:c2:70:9c:9b:aa:82:79:9e:25:e1:3a:02:cf:9d:74:3b:73:
68:8a:2f:84:7a:5e:ea:74:81:47:03:b7:3f:60:37:00:92:5c:
a0:0e:33:d7:9f:91:bc:2a:3f:9e:43:db:15:66:42:3e:36:11:
3e:94:f6:df:10:39:e1:17:c9:99:fd:c6:db:42:ec:51:5a:87:
c0:32:fb:cc:1b:a8:9b:0b:63:f1:c6:5b:72:06:77:f9:e6:44:
8c:cf:f1:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx56a5oGtYwf8IiIrgGPp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk4MjEyODkyZTU5NDY0MDAyZTdlZjc0OTFkYjhjMzY4ZWI4NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLHbRrUv2tcvMYV+qlK0fKn16jGG
omzoeKyZiUeNwD+ApSqj0cZcJz4adAvc4yPHYNoNJ2I3VRK51d6Fb9pmTk+XANA3
BU/LJ8HUoVnXn4tTAEL9u3jytIdwRoZPeUF2M9DZZzTvzrqTIEtEX0YULsqZDDXJ
gE16OBZ/VxDfZIicYiaXZh34IFYvxZVIUbaHR+0otXWnEW3BnQl5Vk1EtohG21Li
hQMho168w0nyQXzr1DDhf3fOrLQNqU52yzo6Q+3jLqQ8IQ3mZv/uEolTuwqCJvmg
nlgkePo/h24elOh3PemXPBjKwKrkNyObUcl6f5VTfdETenA7tR2JkexTkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHKYISiS5ZRkAC5+90kduMNo64ePMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvY3BnaEtKTGxsR1FBTG43M1NSMjR3MmpyaDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWJc9AwQA
WNH0MA0GCSqGSIb3DQEBCwUAA4IBAQCU1KD2NzogA+/YBdRGYFrMtdSBD/IIsFg0
8DgMkswnvT54NWbaOUzgmuOMglsCWsAiKCoi1uBLhUnJxUYZaJT/5rLQbGVgMZ/o
G30ILLIdM/gm3lP+jdzQZW/cWuWG/uyBBhBSF14OAG+tdJ6MzqG+Q1Fo9dMj6A86
kaSfjxqE04ZXX9j5nq3XvSkuqP+yn/HegKq+mphaVVdkLTWRaUmQvEVwwnCcm6qC
eZ4l4ToCz510O3Noii+Eel7qdIFHA7c/YDcAklygDjPXn5G8Kj+eQ9sVZkI+NhE+
lPbfEDnhF8mZ/cbbQuxRWofAMvvMG6ibC2PxxltyBnf55kSMz/F0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org