Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kBdpHN5m0dDmbNNF6bX9shGWfdA.roa
File: kBdpHN5m0dDmbNNF6bX9shGWfdA.roa (raw, json)
Hash identifier: uWSksruMo4aPZcAo9fCTOjyXhhxfErbQvEMmPwVO3xA=
Subject key identifier: 90:17:69:1C:DE:66:D1:D0:E6:6C:D3:45:E9:B5:FD:B2:11:96:7D:D0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0192F6385B56BBCE7B7D0032741E49B11D84
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kBdpHN5m0dDmbNNF6bX9shGWfdA.roa
Signing time: Mon 04 Nov 2024 08:09:01 +0000
ROA not before: Mon 04 Nov 2024 08:09:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 2.58.170.0/24 maxlen: 24
77.242.146.0/23 maxlen: 23
88.151.56.0/23 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 20:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:38:5b:56:bb:ce:7b:7d:00:32:74:1e:49:b1:1d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 4 08:09:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9017691cde66d1d0e66cd345e9b5fdb211967dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:19:be:93:d4:c2:f9:74:a0:c4:d8:3f:8d:
15:74:90:8c:ed:bb:db:58:92:2a:30:ca:e4:1e:db:
f2:d5:b9:9d:e7:dd:ce:7a:24:4f:be:0d:17:ea:32:
28:bc:31:58:27:1f:ad:2a:04:c6:c0:be:6e:e2:01:
81:7f:be:d9:5e:e0:41:30:af:ce:a3:7e:f9:d2:1f:
4f:8c:8f:8f:e3:94:a2:02:35:01:85:d3:cc:12:5a:
7e:66:28:b5:80:3b:9a:10:56:ad:a3:f3:98:e3:5f:
5b:fd:c8:1f:56:59:bf:66:7a:03:a7:ff:0b:28:d8:
35:65:e5:68:f8:ae:13:ff:a0:df:03:10:eb:26:e3:
5b:cc:9d:90:65:05:05:b1:73:cb:96:3d:e4:f1:12:
53:b8:bb:f7:62:19:ce:18:4e:91:ca:0c:08:83:bf:
a8:80:8a:dd:14:52:c2:35:44:28:8d:5e:fe:c7:45:
02:f1:ee:ae:52:6e:d4:5d:58:4a:40:5c:59:17:74:
e9:46:27:36:4a:4d:3e:24:6f:e6:d7:f7:42:06:10:
d1:8c:97:d5:4c:f5:c3:1f:bc:33:1d:a1:af:cb:fe:
18:0e:ce:5e:f7:ad:a9:6d:42:bb:32:90:30:55:8e:
30:d6:04:ce:7f:7a:cf:4d:dd:ed:27:c6:d5:ad:05:
0b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:17:69:1C:DE:66:D1:D0:E6:6C:D3:45:E9:B5:FD:B2:11:96:7D:D0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kBdpHN5m0dDmbNNF6bX9shGWfdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.170.0/24
77.242.146.0/23
88.151.56.0/23
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
46:e5:56:39:43:79:86:ea:9e:d5:9e:e8:1f:62:3f:92:04:32:
64:93:57:04:67:ca:c3:9a:a3:0c:9b:7d:58:c3:6d:a6:71:0f:
4b:b0:a9:9d:b5:9c:9b:0e:4a:55:01:90:98:40:16:36:23:9a:
eb:59:f4:d3:04:2a:a6:05:96:26:00:c6:50:8a:8d:13:10:ee:
35:2e:67:01:87:6f:fb:c6:02:8e:85:e9:4d:b5:e6:77:19:f8:
02:01:48:23:e6:4b:21:76:fb:2e:34:8a:e9:a8:b1:a7:08:3c:
f1:e2:87:15:fe:64:90:ef:44:d3:ed:78:79:c1:16:4f:1f:ac:
45:b8:df:b8:c1:eb:8f:5c:e4:3d:43:cb:b4:8d:02:40:98:b2:
73:43:0d:04:ff:e1:7a:24:c9:d8:b9:4f:b6:5a:8f:24:23:8b:
06:04:fe:b2:4c:6e:1a:74:80:77:d8:b0:24:42:ae:f3:6d:ed:
68:bb:c2:cb:07:84:52:ec:6d:d3:f6:52:71:ed:92:e7:9e:bd:
72:f2:28:8f:9c:91:24:da:a9:32:11:ae:0c:3c:ab:dd:91:b9:
76:4a:8d:24:8f:17:a4:b1:08:a0:c6:03:c7:8f:e4:18:ed:eb:
03:04:e3:f0:a0:de:57:94:99:43:61:b0:f5:24:10:76:8a:46:
af:fd:de:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZL2OFtWu857fQAydB5JsR2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMTA0MDgwOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDE3NjkxY2RlNjZkMWQwZTY2Y2QzNDVlOWI1ZmRiMjExOTY3ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIIZvpPUwvl0oMTYP40VdJCM7bvb
WJIqMMrkHtvy1bmd593OeiRPvg0X6jIovDFYJx+tKgTGwL5u4gGBf77ZXuBBMK/O
o3750h9PjI+P45SiAjUBhdPMElp+Zii1gDuaEFato/OY419b/cgfVlm/ZnoDp/8L
KNg1ZeVo+K4T/6DfAxDrJuNbzJ2QZQUFsXPLlj3k8RJTuLv3YhnOGE6RygwIg7+o
gIrdFFLCNUQojV7+x0UC8e6uUm7UXVhKQFxZF3TpRic2Sk0+JG/m1/dCBhDRjJfV
TPXDH7wzHaGvy/4YDs5e962pbUK7MpAwVY4w1gTOf3rPTd3tJ8bVrQULvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJAXaRzeZtHQ5mzTRem1/bIRln3QMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEva0JkcEhONW0wZERtYk5ORjZiWDlzaEdXZmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjqqAwQB
TfKSAwQBWJc4AwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBG5VY5Q3mG6p7Vnugf
Yj+SBDJkk1cEZ8rDmqMMm31Yw22mcQ9LsKmdtZybDkpVAZCYQBY2I5rrWfTTBCqm
BZYmAMZQio0TEO41LmcBh2/7xgKOhelNteZ3GfgCAUgj5kshdvsuNIrpqLGnCDzx
4ocV/mSQ70TT7Xh5wRZPH6xFuN+4weuPXOQ9Q8u0jQJAmLJzQw0E/+F6JMnYuU+2
Wo8kI4sGBP6yTG4adIB32LAkQq7zbe1ou8LLB4RS7G3T9lJx7ZLnnr1y8iiPnJEk
2qkyEa4MPKvdkbl2So0kjxeksQigxgPHj+QY7esDBOPwoN5XlJlDYbD1JBB2ikav
/d4j
-----END CERTIFICATE-----
Generated at Thu Nov 14 21:30:04 2024 by rpki-client on console-fra.rpki-client.org