Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gxuijTmL0AsuMzjhXb_yb6ER-rk.roa
File: gxuijTmL0AsuMzjhXb_yb6ER-rk.roa (raw, json)
Hash identifier: j5J9/TrJHiRmSH1anMn6ob7mxULZKy7Ml+2lEopxPE8=
Subject key identifier: 83:1B:A2:8D:39:8B:D0:0B:2E:33:38:E1:5D:BF:F2:6F:A1:11:FA:B9
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0191A708E1A916034BF4155E6CD47DBB09D0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gxuijTmL0AsuMzjhXb_yb6ER-rk.roa
Signing time: Sat 31 Aug 2024 06:04:22 +0000
ROA not before: Sat 31 Aug 2024 06:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 2.58.171.0/24 maxlen: 24
88.151.56.0/24 maxlen: 24
88.151.59.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.194.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Sep 2024 08:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a7:08:e1:a9:16:03:4b:f4:15:5e:6c:d4:7d:bb:09:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 31 06:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=831ba28d398bd00b2e3338e15dbff26fa111fab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7c:45:df:4e:8e:de:3d:b5:4b:46:ee:49:e8:
bf:86:20:5d:82:e7:2e:8d:c9:b7:58:c1:df:7d:b9:
fc:c9:77:3c:db:7f:0d:55:bb:41:26:63:f3:2f:18:
d4:fc:ce:67:5c:76:3f:93:c2:e2:7d:54:2f:f9:02:
f7:f6:84:d1:9b:ed:14:f5:a9:a1:1f:29:de:e9:15:
66:ef:b0:44:f6:d0:71:ef:a7:3c:1f:6a:a0:d0:e6:
12:10:58:73:7a:f1:00:35:7a:46:07:53:f9:35:b1:
8d:61:0e:56:92:48:18:a7:fc:86:83:05:c6:cc:68:
1d:93:e0:ac:25:f8:ae:60:70:0d:4e:b6:78:40:a5:
f5:aa:d2:57:8f:ef:86:17:df:41:0b:df:ec:2c:ec:
f7:5b:66:2e:44:c5:31:51:70:d9:87:f1:2c:f3:4c:
9f:0c:32:2d:9f:fe:00:d2:3d:62:82:d9:5f:78:80:
5f:95:a7:81:96:8c:a7:e0:e1:12:76:8e:48:2b:b9:
42:f0:ac:21:c6:a8:82:db:25:c6:ed:d3:a3:a3:46:
dd:2f:e7:63:ca:68:97:f8:31:50:d6:76:e8:af:54:
96:15:ab:bc:85:c8:3c:48:a2:c6:4e:78:8b:85:43:
f3:46:59:a1:a3:7c:86:b1:e8:36:da:96:f2:93:35:
c1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1B:A2:8D:39:8B:D0:0B:2E:33:38:E1:5D:BF:F2:6F:A1:11:FA:B9
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/gxuijTmL0AsuMzjhXb_yb6ER-rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.171.0/24
88.151.56.0/24
88.151.59.0/24
88.151.61.0/24
88.209.192.0/24
88.209.194.0/24
88.209.207.0/24
88.209.209.0/24
88.209.211.0/24
88.209.221.0-88.209.222.255
88.209.224.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:de:9a:92:d6:0c:9b:95:53:78:4c:ae:ba:c8:e1:db:fd:a7:
08:42:02:3a:a7:0b:db:90:34:7a:75:d7:a3:0c:14:5a:c4:7f:
22:5c:82:a0:01:75:93:23:87:46:14:51:8a:33:2a:86:30:4e:
00:81:46:83:90:80:90:34:1a:03:a9:c8:85:c3:80:fd:94:41:
75:2e:d5:46:48:f9:6f:e4:6a:84:5c:24:ca:e3:7c:b3:d1:fe:
b6:3d:7c:ef:44:6e:43:ea:1e:2f:78:34:26:c0:21:49:86:87:
6a:53:ed:d8:8b:13:5e:b2:56:49:b5:96:19:25:27:c4:db:5a:
47:71:49:7a:fd:03:9e:68:d1:b3:3e:27:0d:8e:12:35:8d:7b:
d0:f7:50:eb:b6:7d:5e:d7:90:eb:7f:b2:57:1a:ab:49:bf:f6:
b6:be:6a:bf:b0:f1:2e:08:90:88:5e:7c:c6:57:a6:07:8b:36:
97:bb:9e:9c:0a:fe:d2:d4:40:54:18:16:f1:7b:e2:df:1b:a4:
e6:0a:7a:33:40:e4:32:51:74:f1:b9:b7:91:15:7c:97:aa:e2:
7f:9f:36:d7:49:e9:dc:e1:46:62:00:2a:7f:5a:90:32:2f:08:
e3:d4:a4:28:09:21:de:ce:54:ee:4a:76:81:0e:ad:20:56:58:
91:08:8e:21
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZGnCOGpFgNL9BVebNR9uwnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwODMxMDYwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFiYTI4ZDM5OGJkMDBiMmUzMzM4ZTE1ZGJmZjI2ZmExMTFmYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3xF306O3j21S0buSei/hiBdgucu
jcm3WMHffbn8yXc8238NVbtBJmPzLxjU/M5nXHY/k8LifVQv+QL39oTRm+0U9amh
Hyne6RVm77BE9tBx76c8H2qg0OYSEFhzevEANXpGB1P5NbGNYQ5WkkgYp/yGgwXG
zGgdk+CsJfiuYHANTrZ4QKX1qtJXj++GF99BC9/sLOz3W2YuRMUxUXDZh/Es80yf
DDItn/4A0j1igtlfeIBflaeBloyn4OESdo5IK7lC8KwhxqiC2yXG7dOjo0bdL+dj
ymiX+DFQ1nbor1SWFau8hcg8SKLGTniLhUPzRlmho3yGseg22pbykzXBTwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFIMboo05i9ALLjM44V2/8m+hEfq5MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZ3h1aWpUbUwwQXN1TXpqaFhiX3liNkVSLXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAAjqrAwQA
WJc4AwQAWJc7AwQAWJc9AwQAWNHAAwQAWNHCAwQAWNHPAwQAWNHRAwQAWNHTMAwD
BABY0d0DBABY0d4DBAFY0eAwDQYJKoZIhvcNAQELBQADggEBAAzempLWDJuVU3hM
rrrI4dv9pwhCAjqnC9uQNHp116MMFFrEfyJcgqABdZMjh0YUUYozKoYwTgCBRoOQ
gJA0GgOpyIXDgP2UQXUu1UZI+W/kaoRcJMrjfLPR/rY9fO9EbkPqHi94NCbAIUmG
h2pT7diLE16yVkm1lhklJ8TbWkdxSXr9A55o0bM+Jw2OEjWNe9D3UOu2fV7XkOt/
slcaq0m/9ra+ar+w8S4IkIhefMZXpgeLNpe7npwK/tLUQFQYFvF74t8bpOYKejNA
5DJRdPG5t5EVfJeq4n+fNtdJ6dzhRmIAKn9akDIvCOPUpCgJId7OVO5KdoEOrSBW
WJEIjiE=
Generated at Sat Sep 7 09:42:24 2024 by rpki-client on console-fra.rpki-client.org