Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/k4WBOT0ZSH_yFVaEFVntZsjKifE.roa
File: k4WBOT0ZSH_yFVaEFVntZsjKifE.roa (raw, json)
Hash identifier: Y1oET52kgcDBBYUwNSwxoNDxh9rkKb4iSL25TIl0GVQ=
Subject key identifier: 93:85:81:39:3D:19:48:7F:F2:15:56:84:15:59:ED:66:C8:CA:89:F1
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188BDE0262172668B55A114D0E93CF6CB88
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/k4WBOT0ZSH_yFVaEFVntZsjKifE.roa
Signing time: Thu 15 Jun 2023 07:06:03 +0000
ROA not before: Thu 15 Jun 2023 07:06:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203511
IP address blocks: 88.209.229.0/24 maxlen: 24
88.209.248.0/24 maxlen: 24
2.58.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jul 2023 13:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bd:e0:26:21:72:66:8b:55:a1:14:d0:e9:3c:f6:cb:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 15 07:06:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=938581393d19487ff21556841559ed66c8ca89f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:89:f2:c5:cb:0e:ee:46:d7:b3:63:75:78:46:
14:d1:c1:d0:83:9d:ff:f2:00:98:b1:cc:48:ae:06:
fd:81:4e:a9:71:94:7d:33:5a:72:a5:c5:82:c9:43:
78:1f:ff:08:16:5a:fa:9c:a8:d2:f2:8a:be:c7:fd:
38:ea:c4:85:2d:40:eb:de:d0:e4:d7:45:27:87:d6:
23:43:cb:4f:8b:6b:91:22:34:a5:13:69:90:65:08:
22:35:f5:6c:ce:1e:ca:35:1b:47:af:2c:de:dc:d1:
90:bf:b0:36:26:ba:c7:cf:ab:9b:7f:15:6b:44:6e:
06:d1:8e:b4:04:dc:bc:3d:39:44:13:68:6a:bf:3e:
74:04:40:2a:8b:98:a9:bb:16:32:9e:09:95:6b:91:
95:12:ca:26:fd:29:32:95:60:20:ed:85:49:63:1f:
a3:03:13:09:74:70:3f:9b:c2:6e:c6:66:c6:06:1c:
df:3d:34:68:a8:f2:06:d0:0d:f0:9b:2d:73:32:4e:
b3:8b:f8:0f:8e:20:5c:8e:6a:ed:05:8c:75:58:1c:
bc:66:ae:63:5e:7b:7f:25:be:84:c5:d7:82:cd:e5:
ea:48:91:4b:80:c7:69:e2:d1:1d:55:27:17:3a:00:
5c:69:0a:7c:01:56:b1:ec:00:cc:e8:ed:91:d2:1a:
b4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:85:81:39:3D:19:48:7F:F2:15:56:84:15:59:ED:66:C8:CA:89:F1
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/k4WBOT0ZSH_yFVaEFVntZsjKifE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.169.0/24
88.209.229.0/24
88.209.248.0/24
Signature Algorithm: sha256WithRSAEncryption
66:bc:f1:03:14:89:f5:c3:f8:87:8e:5c:02:34:51:20:e9:28:
a1:fc:60:fd:db:a2:35:62:1c:6e:e0:a5:d4:d0:18:22:d2:e7:
72:d2:6c:8f:2f:b9:82:51:c9:e6:4b:b5:7f:43:72:80:66:af:
de:fe:08:36:3f:a1:31:c8:fa:3d:88:a2:d2:0f:8e:7b:eb:bd:
5e:6f:3b:8c:f9:aa:d8:d0:29:d5:6e:95:40:52:5e:3a:df:90:
c8:a4:08:f3:9a:80:fd:8c:67:e3:be:2a:89:38:22:c3:dd:16:
16:f7:ad:86:9c:52:f5:3d:de:d5:ba:36:ba:d8:81:ba:fb:c1:
ac:9a:ab:75:bd:0b:7d:cc:e4:66:f0:a9:62:ee:22:da:2b:33:
c2:34:8a:2d:7f:69:12:25:5e:40:ca:7f:ed:05:dd:07:a1:a0:
6e:43:71:5e:e3:54:ac:f3:dd:ea:ed:ae:3b:f9:10:3e:53:1e:
6c:23:de:37:ca:17:20:ab:d9:71:ce:fd:76:92:8b:9e:b5:11:
95:6f:57:e1:bf:5c:93:44:17:29:f7:4d:a2:30:d1:af:f1:ac:
0f:e1:47:9a:6f:bf:5a:c3:63:32:9a:42:61:d5:8c:1f:b5:45:
c2:49:f2:50:39:af:de:fb:68:a7:cf:0c:9a:57:a8:70:16:55:
8e:c5:fe:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYi94CYhcmaLVaEU0Ok89suIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjE1MDcwNjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzg1ODEzOTNkMTk0ODdmZjIxNTU2ODQxNTU5ZWQ2NmM4Y2E4OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4nyxcsO7kbXs2N1eEYU0cHQg53/
8gCYscxIrgb9gU6pcZR9M1pypcWCyUN4H/8IFlr6nKjS8oq+x/046sSFLUDr3tDk
10Unh9YjQ8tPi2uRIjSlE2mQZQgiNfVszh7KNRtHryze3NGQv7A2JrrHz6ubfxVr
RG4G0Y60BNy8PTlEE2hqvz50BEAqi5ipuxYyngmVa5GVEsom/SkylWAg7YVJYx+j
AxMJdHA/m8JuxmbGBhzfPTRoqPIG0A3wmy1zMk6zi/gPjiBcjmrtBYx1WBy8Zq5j
Xnt/Jb6ExdeCzeXqSJFLgMdp4tEdVScXOgBcaQp8AVax7ADM6O2R0hq0MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJOFgTk9GUh/8hVWhBVZ7WbIyonxMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvazRXQk9UMFpTSF95RlZhRUZWbnRac2pLaWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjqpAwQA
WNHlAwQAWNH4MA0GCSqGSIb3DQEBCwUAA4IBAQBmvPEDFIn1w/iHjlwCNFEg6Sih
/GD926I1Yhxu4KXU0Bgi0udy0myPL7mCUcnmS7V/Q3KAZq/e/gg2P6ExyPo9iKLS
D457671ebzuM+arY0CnVbpVAUl4635DIpAjzmoD9jGfjviqJOCLD3RYW962GnFL1
Pd7Vuja62IG6+8Gsmqt1vQt9zORm8Kli7iLaKzPCNIotf2kSJV5Ayn/tBd0HoaBu
Q3Fe41Ss893q7a47+RA+Ux5sI943yhcgq9lxzv12kouetRGVb1fhv1yTRBcp902i
MNGv8awP4Ueab79aw2MymkJh1YwftUXCSfJQOa/e+2inzwyaV6hwFlWOxf7e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org