Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/eK0GvPDrasMWZ4UzN8chAtnfHHw.roa
File: eK0GvPDrasMWZ4UzN8chAtnfHHw.roa (raw, json)
Hash identifier: L/6KHQ0eKbt77cu5UPx4FiZtAHM7a7A88vTUEpN3rVk=
Subject key identifier: 78:AD:06:BC:F0:EB:6A:C3:16:67:85:33:37:C7:21:02:D9:DF:1C:7C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0189AC8B6965F80F907215764F44AE0592AF
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/eK0GvPDrasMWZ4UzN8chAtnfHHw.roa
Signing time: Mon 31 Jul 2023 15:22:44 +0000
ROA not before: Mon 31 Jul 2023 15:22:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 88.209.230.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
88.209.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 12:17:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:8b:69:65:f8:0f:90:72:15:76:4f:44:ae:05:92:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 31 15:22:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78ad06bcf0eb6ac31667853337c72102d9df1c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f6:7c:9d:0c:0a:87:c5:5b:66:57:c8:b1:fb:
84:9f:a4:57:6d:d8:df:e6:4a:e9:48:10:62:c1:93:
0a:15:24:4f:6a:39:7a:b9:7c:34:c8:b5:25:b7:dc:
05:8b:e2:ac:80:48:cb:d8:16:9e:20:d8:a8:e3:a4:
c7:1b:ef:7d:aa:ef:d7:48:5c:f7:9c:b7:b3:18:44:
54:be:33:33:d1:c8:db:3c:15:be:b4:99:97:41:62:
f6:fb:1a:c9:88:a5:1f:a9:94:a2:6e:18:15:83:3d:
41:70:c1:f6:2f:90:ab:3e:0e:2f:54:25:e3:7b:04:
36:15:9d:d9:77:44:40:83:e8:14:a4:d8:63:2b:cb:
88:9c:dc:8b:b3:ba:22:a6:51:ec:c7:27:59:b8:80:
6e:e1:a6:7b:4b:51:68:8e:c7:d1:c5:33:01:71:84:
bc:57:58:b8:96:41:e6:cd:e7:2e:43:98:2d:cc:93:
45:a2:63:8c:0b:b2:90:c5:73:fb:58:01:0f:59:f0:
b3:f2:b2:bc:a2:92:3c:3a:3e:63:59:2b:be:3b:db:
53:5a:f7:18:b9:64:aa:0e:80:c0:74:19:7c:c6:fc:
6d:8f:ef:93:3d:fb:70:13:54:68:b1:9e:2d:fb:c0:
12:71:a0:dd:8b:ac:a2:d7:ff:c7:d9:8b:2d:78:ee:
ec:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AD:06:BC:F0:EB:6A:C3:16:67:85:33:37:C7:21:02:D9:DF:1C:7C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/eK0GvPDrasMWZ4UzN8chAtnfHHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.203.0/24
88.209.230.0/24
88.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:98:0c:5c:76:9a:f1:50:2d:1a:35:51:92:a0:10:69:43:a0:
ba:d2:77:13:ba:ea:69:9f:50:ee:fa:cf:ec:49:a3:91:3d:6d:
27:d4:33:23:18:f3:7f:fb:54:be:af:62:93:6b:4e:ec:13:19:
6a:6d:1f:c7:af:6b:6c:85:35:76:7d:a7:e2:7e:66:68:6a:ed:
64:07:66:87:d3:22:ac:f4:1e:72:14:2d:71:9c:d3:9d:6a:43:
b4:48:42:76:50:cf:94:f2:3f:d0:33:8b:6d:c4:9a:1f:62:c1:
ff:1b:c8:3f:c9:99:47:dc:85:d6:04:34:1f:5f:01:33:2b:cc:
b9:b7:84:9e:4e:0c:bd:6d:4a:9e:2a:7d:e6:ea:95:31:b3:3d:
4b:69:9b:6a:9f:46:94:54:9b:91:e1:28:62:98:a7:64:e2:8a:
28:7d:4b:85:cf:6f:72:e8:fe:25:ee:9b:8e:2e:00:a7:d4:54:
c5:05:0b:9b:3a:0d:3d:1b:a9:9e:2d:0b:57:e0:b4:98:4c:0b:
07:06:2d:a3:11:2f:5a:35:f4:bd:c6:be:0e:ec:af:bb:a5:33:
c7:b1:ab:19:34:7c:3f:ae:4d:40:79:d9:d0:96:6c:58:49:1c:
38:85:84:5e:8c:f9:0a:2a:c9:a9:8d:35:eb:d4:82:60:3f:fe:
92:53:1f:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmsi2ll+A+QchV2T0SuBZKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNzMxMTUyMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGFkMDZiY2YwZWI2YWMzMTY2Nzg1MzMzN2M3MjEwMmQ5ZGYxYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPZ8nQwKh8VbZlfIsfuEn6RXbdjf
5krpSBBiwZMKFSRPajl6uXw0yLUlt9wFi+KsgEjL2BaeINio46THG+99qu/XSFz3
nLezGERUvjMz0cjbPBW+tJmXQWL2+xrJiKUfqZSibhgVgz1BcMH2L5CrPg4vVCXj
ewQ2FZ3Zd0RAg+gUpNhjK8uInNyLs7oiplHsxydZuIBu4aZ7S1FojsfRxTMBcYS8
V1i4lkHmzecuQ5gtzJNFomOMC7KQxXP7WAEPWfCz8rK8opI8Oj5jWSu+O9tTWvcY
uWSqDoDAdBl8xvxtj++TPftwE1RosZ4t+8AScaDdi6yi1//H2YsteO7s/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHitBrzw62rDFmeFMzfHIQLZ3xx8MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZUswR3ZQRHJhc01XWjRVek44Y2hBdG5mSEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHLAwQA
WNHmAwQAWNH/MA0GCSqGSIb3DQEBCwUAA4IBAQCqmAxcdprxUC0aNVGSoBBpQ6C6
0ncTuuppn1Du+s/sSaORPW0n1DMjGPN/+1S+r2KTa07sExlqbR/Hr2tshTV2fafi
fmZoau1kB2aH0yKs9B5yFC1xnNOdakO0SEJ2UM+U8j/QM4ttxJofYsH/G8g/yZlH
3IXWBDQfXwEzK8y5t4SeTgy9bUqeKn3m6pUxsz1LaZtqn0aUVJuR4ShimKdk4ooo
fUuFz29y6P4l7puOLgCn1FTFBQubOg09G6meLQtX4LSYTAsHBi2jES9aNfS9xr4O
7K+7pTPHsasZNHw/rk1AednQlmxYSRw4hYRejPkKKsmpjTXr1IJgP/6SUx/3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org