Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gAAsUpzypXEQO1QP7HXvHY-GknY.roa
File: gAAsUpzypXEQO1QP7HXvHY-GknY.roa (raw, json)
Hash identifier: 0QTW5dclPJMJfGm+zuyuEgto8mEh+1ZAwUT//SVcXSY=
Subject key identifier: 80:00:2C:52:9C:F2:A5:71:10:3B:54:0F:EC:75:EF:1D:8F:86:92:76
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018B90B2269FF2296DF9703DDFC35DE04171
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gAAsUpzypXEQO1QP7HXvHY-GknY.roa
Signing time: Thu 02 Nov 2023 15:41:16 +0000
ROA not before: Thu 02 Nov 2023 15:41:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:b2:26:9f:f2:29:6d:f9:70:3d:df:c3:5d:e0:41:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 2 15:41:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80002c529cf2a571103b540fec75ef1d8f869276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:73:c0:db:66:d0:90:7c:39:a2:1c:9f:b6:7d:
5a:cf:38:c9:bc:81:21:0d:9b:a9:b3:49:ed:5c:4b:
dd:07:ed:df:38:53:f4:12:52:bd:16:19:3e:85:a7:
91:01:10:d6:10:e9:69:7f:6c:c8:d5:ff:89:31:21:
39:f5:3c:60:94:fa:f6:fb:7e:11:1a:21:0d:3e:54:
80:54:34:13:65:4a:21:2c:c0:b8:95:6b:8b:4f:f7:
19:a0:ee:6d:16:7d:1a:f7:b9:92:1f:53:08:6c:90:
39:6b:9e:2f:4a:8f:70:ec:4e:52:ab:52:2f:d9:a1:
7c:c7:c3:f0:13:e0:2b:62:fd:42:ce:af:c2:93:f9:
30:de:c0:ab:31:55:b5:f9:88:a2:7a:6c:be:ae:68:
65:97:c6:b9:03:69:a2:d2:ef:a6:11:cb:c0:b6:2d:
8e:ce:1a:80:dd:19:00:df:bb:e2:a2:32:75:e8:9c:
90:ec:60:9a:11:9c:03:a3:0b:5c:48:cf:84:23:dd:
b6:55:9b:a8:e4:3a:b3:6e:f8:5d:61:88:dd:f5:3f:
94:c0:44:e7:46:5d:a6:cd:52:22:f9:e8:3e:7e:da:
86:95:59:9d:e4:2d:5b:b0:ed:a0:b1:24:b6:55:a6:
95:00:7e:3c:9f:2f:2f:63:cc:f8:c5:e5:59:c6:ce:
69:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:00:2C:52:9C:F2:A5:71:10:3B:54:0F:EC:75:EF:1D:8F:86:92:76
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gAAsUpzypXEQO1QP7HXvHY-GknY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.157.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.229.0/24
178.210.232.0/24
178.210.234.0/23
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f5:75:20:45:6a:ee:8b:77:35:fe:7f:1b:cf:45:9c:dc:71:
cc:1f:e5:3b:ea:eb:db:ed:7b:90:c8:04:89:d0:96:90:a2:fe:
b6:9b:10:83:06:76:15:02:ed:13:b2:da:b3:9d:0f:22:2c:2d:
9f:6b:d8:17:6b:55:16:2d:61:64:6f:53:86:08:b6:65:53:ce:
1d:8f:51:98:72:a2:2e:dd:be:25:6c:fb:65:6e:be:5e:d7:54:
00:7a:ae:5e:dd:75:3e:4f:0a:11:ec:08:11:a0:1e:fe:17:73:
2a:2e:e7:b8:fd:29:f6:0e:00:84:68:8e:02:1b:13:f3:a5:91:
41:71:4d:81:cd:e6:de:05:9d:7c:28:1e:d0:0e:de:f9:26:22:
01:6e:c1:72:db:41:3b:07:ad:90:94:59:c7:bb:c5:fb:de:52:
0a:00:d0:3a:52:8e:ec:46:8f:a6:1f:8a:67:e7:f3:8d:ca:0c:
ba:c7:3d:bf:b7:d8:8a:df:d8:8a:4e:1f:c3:d3:2a:b0:cb:44:
de:63:b5:3f:ae:53:31:5e:12:fe:2b:1a:08:10:e0:0b:8f:f8:
dc:60:c4:0e:c2:20:d6:ac:f5:cc:38:a2:d0:42:8e:74:5d:0e:
01:b5:26:67:bc:52:0d:45:6c:58:8e:75:b2:0f:e7:f3:e5:96:
4d:12:6f:5f
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYuQsiaf8ilt+XA938Nd4EFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTAyMTU0MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDAwMmM1MjljZjJhNTcxMTAzYjU0MGZlYzc1ZWYxZDhmODY5Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3PA22bQkHw5ohyftn1azzjJvIEh
DZups0ntXEvdB+3fOFP0ElK9Fhk+haeRARDWEOlpf2zI1f+JMSE59TxglPr2+34R
GiENPlSAVDQTZUohLMC4lWuLT/cZoO5tFn0a97mSH1MIbJA5a54vSo9w7E5Sq1Iv
2aF8x8PwE+ArYv1Czq/Ck/kw3sCrMVW1+Yiiemy+rmhll8a5A2mi0u+mEcvAti2O
zhqA3RkA37viojJ16JyQ7GCaEZwDowtcSM+EI922VZuo5DqzbvhdYYjd9T+UwETn
Rl2mzVIi+eg+ftqGlVmd5C1bsO2gsSS2VaaVAH48ny8vY8z4xeVZxs5pcQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFIAALFKc8qVxEDtUD+x17x2PhpJ2MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZ0FBc1VwenlwWEVRTzFRUDdIWHZIWS1Ha25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAAW2cAME
AAW2cwMEAC0JqAMEAk3ymAMEAFOJmQMEAFOJnQMEAFjR2wMEAFjR5AMEAljR7AME
AVjR9gMEAFjR/jAMAwQAXDTZAwQAXDTaAwQAstLlAwQAstLoAwQBstLqAwQAstLt
AwQAwikvMA0GCSqGSIb3DQEBCwUAA4IBAQBe9XUgRWrui3c1/n8bz0Wc3HHMH+U7
6uvb7XuQyASJ0JaQov62mxCDBnYVAu0TstqznQ8iLC2fa9gXa1UWLWFkb1OGCLZl
U84dj1GYcqIu3b4lbPtlbr5e11QAeq5e3XU+TwoR7AgRoB7+F3MqLue4/Sn2DgCE
aI4CGxPzpZFBcU2BzebeBZ18KB7QDt75JiIBbsFy20E7B62QlFnHu8X73lIKANA6
Uo7sRo+mH4pn5/ONygy6xz2/t9iK39iKTh/D0yqwy0TeY7U/rlMxXhL+KxoIEOAL
j/jcYMQOwiDWrPXMOKLQQo50XQ4BtSZnvFINRWxYjnWyD+fz5ZZNEm9f
-----END CERTIFICATE-----
Generated at Mon Nov 6 12:40:47 2023 by rpki-client on console-fra.rpki-client.org