Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hk6wCLW3Vw9gmXScekZFwUHnyFc.roa
File: hk6wCLW3Vw9gmXScekZFwUHnyFc.roa (raw, json)
Hash identifier: TyiKIsaU8EIcnVXGDIsuSDcSNbbxynh+Iw6AWWO66ds=
Subject key identifier: 86:4E:B0:08:B5:B7:57:0F:60:99:74:9C:7A:46:45:C1:41:E7:C8:57
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6B77340A307368C83CAAA02F0FD57
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hk6wCLW3Vw9gmXScekZFwUHnyFc.roa
Signing time: Mon 01 Jan 2024 06:29:40 +0000
ROA not before: Mon 01 Jan 2024 06:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 88.209.232.0/24 maxlen: 24
88.209.233.0/24 maxlen: 24
88.209.230.0/24 maxlen: 24
92.52.214.0/24 maxlen: 24
88.209.234.0/24 maxlen: 24
88.209.235.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
88.209.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 15:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b7:73:40:a3:07:36:8c:83:ca:aa:02:f0:fd:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=864eb008b5b7570f6099749c7a4645c141e7c857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:66:e4:1b:22:b7:42:1d:43:71:b6:ef:57:01:
34:a5:36:8b:c5:da:c8:71:e5:92:ba:76:38:5f:d4:
bb:22:1f:c8:ff:a9:cc:a6:69:eb:93:3b:ac:f8:fd:
43:fb:00:31:55:1e:25:4b:36:32:e9:d1:6b:93:b0:
a2:d6:99:76:cb:fd:a0:6d:61:13:66:1b:93:69:75:
2c:49:e0:51:4d:28:d0:e5:39:b0:01:40:88:09:1b:
6a:34:41:c6:cb:10:1f:f8:ea:6f:77:14:6b:80:32:
83:a5:52:ee:22:cc:6c:da:cf:35:4e:df:59:86:e0:
ec:ad:d9:5c:23:81:bc:ce:bd:f1:a5:aa:48:b4:cb:
e3:5b:22:ed:c2:f7:63:cb:7a:f8:e0:61:6a:d1:bf:
15:e0:f0:a0:0c:06:d4:9e:c5:6d:30:18:99:7e:88:
be:c2:67:89:b6:f1:41:89:37:fc:1b:b2:60:53:75:
33:25:c1:bc:22:80:89:67:7f:c9:a7:91:4a:56:fa:
35:87:38:08:d2:9f:03:17:b7:36:6b:a1:7d:ac:b5:
d2:9a:fa:39:39:78:b5:f9:03:1a:d7:da:36:00:5d:
fb:86:2e:20:a2:30:52:d8:f6:cd:93:97:ad:d1:a2:
1e:26:34:37:b6:75:4e:98:09:89:c2:63:fc:b1:10:
5d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4E:B0:08:B5:B7:57:0F:60:99:74:9C:7A:46:45:C1:41:E7:C8:57
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hk6wCLW3Vw9gmXScekZFwUHnyFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.159.0/24
88.151.63.0/24
88.209.203.0/24
88.209.230.0/24
88.209.232.0/22
88.209.255.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
39:67:10:f0:7a:ea:cd:9a:ed:e2:fd:6e:8f:e1:6f:87:91:b0:
06:6f:96:0f:70:c3:ff:7f:42:20:48:81:f2:99:7b:d9:9f:a9:
ef:29:8e:dd:46:a1:e1:ef:38:58:5f:8c:05:e8:d7:52:81:ff:
26:f7:8e:41:d9:59:25:7a:2b:1f:95:27:b5:f3:05:12:2c:58:
4e:1a:bd:9f:7a:19:f8:02:6c:57:8f:b4:9f:79:c9:3d:63:68:
a9:d1:44:2c:09:68:d7:cc:32:47:f4:83:59:e6:c7:fd:4d:5c:
ac:37:b5:1d:d1:20:ce:94:b9:b7:b0:f8:b6:93:b5:5e:c3:ef:
60:5d:5d:f0:fd:f9:ef:ef:d1:b8:b4:4e:bb:d9:72:15:c8:5c:
04:f4:1f:6e:0d:22:be:ab:82:6a:68:11:42:37:be:78:ca:0a:
95:4b:cf:29:11:49:16:ab:98:13:09:10:87:f8:02:a5:96:75:
52:82:bd:e1:d1:7c:82:b4:c5:64:41:ed:53:14:07:02:2f:81:
97:d1:1b:c6:11:b0:7a:70:5a:b2:6f:11:f6:e7:4f:98:a2:37:
b4:ac:9a:f2:44:1d:ee:53:db:1e:fa:b8:cf:a3:f6:7d:97:d8:
4c:10:ee:dd:81:9c:62:1d:73:5e:50:96:f0:96:66:f7:a3:5f:
8f:3b:c3:25
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzDtrdzQKMHNoyDyqoC8P1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRlYjAwOGI1Yjc1NzBmNjA5OTc0OWM3YTQ2NDVjMTQxZTdjODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2bkGyK3Qh1DcbbvVwE0pTaLxdrI
ceWSunY4X9S7Ih/I/6nMpmnrkzus+P1D+wAxVR4lSzYy6dFrk7Ci1pl2y/2gbWET
ZhuTaXUsSeBRTSjQ5TmwAUCICRtqNEHGyxAf+OpvdxRrgDKDpVLuIsxs2s81Tt9Z
huDsrdlcI4G8zr3xpapItMvjWyLtwvdjy3r44GFq0b8V4PCgDAbUnsVtMBiZfoi+
wmeJtvFBiTf8G7JgU3UzJcG8IoCJZ3/Jp5FKVvo1hzgI0p8DF7c2a6F9rLXSmvo5
OXi1+QMa19o2AF37hi4gojBS2PbNk5et0aIeJjQ3tnVOmAmJwmP8sRBdywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIZOsAi1t1cPYJl0nHpGRcFB58hXMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaGs2d0NMVzNWdzlnbVhTY2VrWkZ3VUhueUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATfKfAwQA
WJc/AwQAWNHLAwQAWNHmAwQCWNHoAwQAWNH/AwQAXDTWMA0GCSqGSIb3DQEBCwUA
A4IBAQA5ZxDweurNmu3i/W6P4W+HkbAGb5YPcMP/f0IgSIHymXvZn6nvKY7dRqHh
7zhYX4wF6NdSgf8m945B2VkleisflSe18wUSLFhOGr2fehn4AmxXj7Sfeck9Y2ip
0UQsCWjXzDJH9INZ5sf9TVysN7Ud0SDOlLm3sPi2k7Vew+9gXV3w/fnv79G4tE67
2XIVyFwE9B9uDSK+q4JqaBFCN754ygqVS88pEUkWq5gTCRCH+AKllnVSgr3h0XyC
tMVkQe1TFAcCL4GX0RvGEbB6cFqybxH250+Yoje0rJryRB3uU9se+rjPo/Z9l9hM
EO7dgZxiHXNeUJbwlmb3o1+PO8Ml
-----END CERTIFICATE-----
Generated at Thu Jan 11 20:57:27 2024 by rpki-client on console-ams.rpki-client.org