Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gOWSpIu2KZtXEwDIzEqrIX6_JtQ.roa
File: gOWSpIu2KZtXEwDIzEqrIX6_JtQ.roa (raw, json)
Hash identifier: ofTocKbcmPgJzhICKieDvZr2tMKGJL1REM0uH31DVoY=
Subject key identifier: 80:E5:92:A4:8B:B6:29:9B:57:13:00:C8:CC:4A:AB:21:7E:BF:26:D4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018FEC5C114DB59BBC7BB2D07E19E8302E23
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gOWSpIu2KZtXEwDIzEqrIX6_JtQ.roa
Signing time: Thu 06 Jun 2024 07:03:27 +0000
ROA not before: Thu 06 Jun 2024 07:03:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 07:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:5c:11:4d:b5:9b:bc:7b:b2:d0:7e:19:e8:30:2e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 6 07:03:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80e592a48bb6299b571300c8cc4aab217ebf26d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:05:d0:76:dc:8c:33:fd:4a:ff:0a:15:a4:7d:
7f:a5:a2:88:93:c5:e2:a2:18:83:a6:9f:37:82:b8:
56:b3:4a:25:f2:55:a0:80:95:9d:85:b3:b2:bb:5e:
66:87:2a:b4:7a:4a:07:50:47:23:f5:b5:b2:e1:36:
a0:8f:a5:09:ef:97:d6:da:ba:9b:21:43:93:31:6d:
a1:01:90:09:ab:fc:a7:63:49:6b:49:b8:e8:74:fa:
71:48:3c:e2:19:ce:07:14:da:90:5f:8c:08:29:41:
a3:73:6a:6a:54:72:0d:cf:ec:ec:cf:17:7e:43:4e:
d0:af:20:36:d3:26:6d:27:5b:39:29:7b:68:59:eb:
00:93:1a:f0:dd:60:09:ec:d0:13:07:1f:94:bc:d3:
79:0d:cb:b9:64:1c:d5:b5:88:a1:f7:24:8a:8b:0a:
e6:bb:fe:9b:19:e9:e0:6e:83:4e:e9:f8:d1:1c:11:
f4:03:9d:23:e3:f9:bc:38:ef:a7:12:75:e3:39:77:
7a:c5:b8:83:0e:50:33:bc:16:8e:92:c0:fe:29:f7:
af:fb:d8:33:85:3d:9e:7d:59:b1:d8:de:3d:ac:24:
a0:72:18:bc:67:49:2f:3a:2c:ff:cf:7a:83:79:1b:
52:ab:b9:fc:3a:8b:6c:a4:8b:67:3f:95:a9:23:54:
e9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E5:92:A4:8B:B6:29:9B:57:13:00:C8:CC:4A:AB:21:7E:BF:26:D4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gOWSpIu2KZtXEwDIzEqrIX6_JtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
88.209.245.0/24
Signature Algorithm: sha256WithRSAEncryption
85:8e:8e:04:84:64:6c:f0:fa:56:ba:be:93:70:6b:a1:0d:27:
d0:81:b2:70:1c:fb:49:ea:f0:69:a6:20:26:1e:e2:f3:6e:e6:
b5:73:52:01:8c:a3:ba:5e:3b:fa:02:75:50:28:28:e6:7d:da:
48:6e:f2:c1:eb:b2:c3:ff:51:75:2c:ef:ca:13:ca:50:32:c7:
c9:fe:8b:b1:cd:1c:d7:c9:57:e7:5f:55:1f:a3:8b:f8:3f:44:
f3:f2:c5:40:84:88:f2:2b:9c:66:72:75:01:d8:43:e7:e1:f0:
d0:7c:26:5c:56:f8:bf:cc:a7:ca:f5:32:3f:21:6d:5b:98:70:
e7:aa:c3:e0:48:05:53:ca:2c:36:da:09:86:47:b6:6d:10:0e:
17:08:f3:64:1e:e5:84:6a:9d:7d:71:1d:14:79:4c:58:9b:70:
30:48:dd:63:76:6b:98:24:14:78:cc:d6:bc:a0:f6:fc:d8:16:
58:5e:e9:c4:28:1a:f4:e6:e5:17:de:f2:26:22:00:5d:ec:d4:
d0:3d:6c:ee:04:db:84:b9:ba:23:33:38:e9:97:22:26:09:a5:
69:ff:8b:1b:26:ae:0a:1c:de:33:b4:02:4b:ba:21:ec:8f:c2:
29:42:3b:b7:82:a0:11:eb:30:03:ee:d6:a0:ff:f4:55:70:1e:
79:73:59:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/sXBFNtZu8e7LQfhnoMC4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNjA2MDcwMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGU1OTJhNDhiYjYyOTliNTcxMzAwYzhjYzRhYWIyMTdlYmYyNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAXQdtyMM/1K/woVpH1/paKIk8Xi
ohiDpp83grhWs0ol8lWggJWdhbOyu15mhyq0ekoHUEcj9bWy4Tagj6UJ75fW2rqb
IUOTMW2hAZAJq/ynY0lrSbjodPpxSDziGc4HFNqQX4wIKUGjc2pqVHINz+zszxd+
Q07QryA20yZtJ1s5KXtoWesAkxrw3WAJ7NATBx+UvNN5Dcu5ZBzVtYih9ySKiwrm
u/6bGengboNO6fjRHBH0A50j4/m8OO+nEnXjOXd6xbiDDlAzvBaOksD+Kfev+9gz
hT2efVmx2N49rCSgchi8Z0kvOiz/z3qDeRtSq7n8OotspItnP5WpI1TpwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIDlkqSLtimbVxMAyMxKqyF+vybUMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZ09XU3BJdTJLWnRYRXdESXpFcXJJWDZfSnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWJc4AwQA
WNHTAwQCWNHoAwQAWNH1MA0GCSqGSIb3DQEBCwUAA4IBAQCFjo4EhGRs8PpWur6T
cGuhDSfQgbJwHPtJ6vBppiAmHuLzbua1c1IBjKO6Xjv6AnVQKCjmfdpIbvLB67LD
/1F1LO/KE8pQMsfJ/ouxzRzXyVfnX1Ufo4v4P0Tz8sVAhIjyK5xmcnUB2EPn4fDQ
fCZcVvi/zKfK9TI/IW1bmHDnqsPgSAVTyiw22gmGR7ZtEA4XCPNkHuWEap19cR0U
eUxYm3AwSN1jdmuYJBR4zNa8oPb82BZYXunEKBr05uUX3vImIgBd7NTQPWzuBNuE
ubojMzjplyImCaVp/4sbJq4KHN4ztAJLuiHsj8IpQju3gqAR6zAD7tag//RVcB55
c1kc
-----END CERTIFICATE-----
Generated at Fri Jun 7 11:40:23 2024 by rpki-client on console-ams.rpki-client.org