Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h1ezRmRvppsvwQKzQ3p-JGU4ffQ.roa
File: h1ezRmRvppsvwQKzQ3p-JGU4ffQ.roa (raw, json)
Hash identifier: 46EoP79+bYMkrDFJA4psW92pJsHk2ut6OzFruVM4/4Y=
Subject key identifier: 87:57:B3:46:64:6F:A6:9B:2F:C1:02:B3:43:7A:7E:24:65:38:7D:F4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018A842D37891D1A411502AED9F281E7F404
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h1ezRmRvppsvwQKzQ3p-JGU4ffQ.roa
Signing time: Mon 11 Sep 2023 12:17:50 +0000
ROA not before: Mon 11 Sep 2023 12:17:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 88.209.230.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
88.209.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:2d:37:89:1d:1a:41:15:02:ae:d9:f2:81:e7:f4:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 11 12:17:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8757b346646fa69b2fc102b3437a7e2465387df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0e:9b:a9:81:98:23:3b:9e:15:4d:1c:d2:2c:
10:6c:76:0f:49:75:4b:fc:91:6c:b2:ec:64:aa:d6:
18:a4:77:41:8c:7f:1c:3c:26:19:48:cf:6f:3c:e7:
d9:eb:b7:44:57:fc:d0:ca:97:0f:6b:ab:7c:3a:d9:
0d:6f:dc:bd:f2:4e:26:25:4a:e8:6a:aa:fa:7b:1f:
8f:36:e7:29:1a:72:9c:46:66:9b:a8:2d:a2:cf:0d:
49:b0:42:39:ae:7a:32:72:57:4b:c0:e7:db:d9:1e:
b8:01:0b:4c:ed:23:ef:13:01:cd:bc:0d:08:2b:1b:
60:5b:62:c2:ae:b7:61:b0:06:ec:13:de:22:44:cd:
e2:2f:da:fd:51:0e:42:82:a1:7a:90:4b:a9:a6:bc:
22:87:e4:8e:34:2a:f6:e1:c4:0c:65:d6:f4:4b:4d:
22:3b:83:2c:b7:84:1f:c5:d3:4e:4b:fd:6c:73:7c:
7f:70:29:52:b9:56:ab:0b:73:48:54:23:88:9e:97:
c0:52:81:fc:cf:e9:8e:95:16:83:0b:3b:c7:16:20:
48:06:d6:43:8f:fd:91:5d:c4:f8:30:6f:f6:0c:8d:
d5:ad:bb:79:91:98:1e:60:b7:b3:78:25:96:7a:da:
49:78:4f:90:21:8a:91:88:4d:a8:c1:bd:e3:c7:b4:
70:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:57:B3:46:64:6F:A6:9B:2F:C1:02:B3:43:7A:7E:24:65:38:7D:F4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h1ezRmRvppsvwQKzQ3p-JGU4ffQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.159.0/24
88.209.203.0/24
88.209.230.0/24
88.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
65:71:7f:b3:b6:71:0b:5f:9a:7e:04:39:0b:5e:fb:ab:ca:59:
07:6b:d0:71:d1:5c:b9:67:79:cd:56:7a:d6:2f:3b:8c:e9:32:
40:34:90:b4:9e:77:3c:fb:b7:bd:22:b7:88:a8:14:72:a3:f6:
8c:95:06:58:fe:51:ee:ed:24:1b:dc:f4:20:75:38:2c:bd:89:
d8:a1:d7:d2:67:04:ec:c7:f5:24:6f:23:16:d7:e2:17:31:c9:
6f:52:3b:75:d3:eb:54:8d:a8:23:1f:55:af:e2:47:6f:68:08:
db:a4:f3:7c:76:4d:f0:a9:30:74:aa:67:56:6a:81:1a:78:9a:
44:81:05:46:12:c5:02:cb:41:b1:f9:7f:cf:7d:84:88:bb:3f:
05:98:a7:36:3a:27:55:a7:a3:4b:a6:83:b6:ef:8f:df:93:15:
c0:c0:61:18:00:79:45:fb:c5:e4:af:b1:e9:49:2b:06:00:6b:
f7:9a:b3:9d:d3:fa:93:89:fd:a4:6a:e4:14:50:9c:0d:13:d3:
45:0d:8a:ed:72:d2:d1:4b:20:37:08:3c:cd:30:f6:85:c7:4b:
17:f8:01:9e:56:b6:41:fe:8e:bd:bd:44:de:f8:90:6e:63:1b:
b4:c3:be:41:7c:0b:6b:6e:14:83:76:84:71:ca:d1:91:0d:85:
c1:92:9f:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqELTeJHRpBFQKu2fKB5/QEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwOTExMTIxNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzU3YjM0NjY0NmZhNjliMmZjMTAyYjM0MzdhN2UyNDY1Mzg3ZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkg6bqYGYIzueFU0c0iwQbHYPSXVL
/JFssuxkqtYYpHdBjH8cPCYZSM9vPOfZ67dEV/zQypcPa6t8OtkNb9y98k4mJUro
aqr6ex+PNucpGnKcRmabqC2izw1JsEI5rnoycldLwOfb2R64AQtM7SPvEwHNvA0I
KxtgW2LCrrdhsAbsE94iRM3iL9r9UQ5CgqF6kEupprwih+SONCr24cQMZdb0S00i
O4Mst4QfxdNOS/1sc3x/cClSuVarC3NIVCOInpfAUoH8z+mOlRaDCzvHFiBIBtZD
j/2RXcT4MG/2DI3Vrbt5kZgeYLezeCWWetpJeE+QIYqRiE2owb3jx7Rw8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIdXs0Zkb6abL8ECs0N6fiRlOH30MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaDFlelJtUnZwcHN2d1FLelEzcC1KR1U0ZmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATfKfAwQA
WNHLAwQAWNHmAwQAWNH/MA0GCSqGSIb3DQEBCwUAA4IBAQBlcX+ztnELX5p+BDkL
XvurylkHa9Bx0Vy5Z3nNVnrWLzuM6TJANJC0nnc8+7e9IreIqBRyo/aMlQZY/lHu
7SQb3PQgdTgsvYnYodfSZwTsx/UkbyMW1+IXMclvUjt10+tUjagjH1Wv4kdvaAjb
pPN8dk3wqTB0qmdWaoEaeJpEgQVGEsUCy0Gx+X/PfYSIuz8FmKc2OidVp6NLpoO2
74/fkxXAwGEYAHlF+8Xkr7HpSSsGAGv3mrOd0/qTif2kauQUUJwNE9NFDYrtctLR
SyA3CDzNMPaFx0sX+AGeVrZB/o69vUTe+JBuYxu0w75BfAtrbhSDdoRxytGRDYXB
kp+n
-----END CERTIFICATE-----
Generated at Tue Sep 26 15:10:15 2023 by rpki-client on console-fra.rpki-client.org