Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kVNlXut02KNLdkbixovgXgatixk.roa
File: kVNlXut02KNLdkbixovgXgatixk.roa (raw, json)
Hash identifier: g5QbY6DBhVVkqEs9mwZYHVf6OaWG1YKD8ZT2BrE4rmU=
Subject key identifier: 91:53:65:5E:EB:74:D8:A3:4B:76:46:E2:C6:8B:E0:5E:06:AD:8B:19
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187F008CEF6F249340B3142524DE94FC830
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kVNlXut02KNLdkbixovgXgatixk.roa
Signing time: Sat 06 May 2023 07:48:41 +0000
ROA not before: Sat 06 May 2023 07:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 88.209.244.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 May 2023 06:10:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:08:ce:f6:f2:49:34:0b:31:42:52:4d:e9:4f:c8:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 6 07:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9153655eeb74d8a34b7646e2c68be05e06ad8b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9d:c4:4c:95:2c:42:95:dc:19:50:24:75:13:
ae:86:b1:44:1d:bf:27:15:d4:60:de:b1:f8:4d:36:
db:74:47:e9:cb:3e:a1:2a:aa:c6:6e:ed:fa:16:a7:
2c:22:63:f0:ba:94:4f:b6:c9:e3:50:24:00:2c:7d:
44:b2:0a:60:cf:71:1a:63:f5:62:3b:c6:f4:e2:19:
64:3e:62:6e:97:da:18:cb:05:3a:a0:fc:14:12:5b:
fa:a7:88:25:79:81:e0:52:10:87:ae:83:57:22:9b:
3d:8a:5b:ef:c8:f8:c5:ea:9d:0f:6a:7c:0f:42:5a:
b2:7c:aa:49:55:30:45:be:43:66:d6:c9:fe:39:9a:
51:3e:20:30:bd:d7:41:7d:f8:a8:dd:3b:ac:85:e4:
06:fd:42:08:12:34:0c:04:c7:a6:5c:ff:81:0f:c5:
e0:80:ba:80:7a:6a:2b:2b:32:1f:3e:72:2e:63:95:
69:34:a1:c9:22:10:5d:2b:01:ad:b8:ed:7f:65:8f:
ca:00:10:0a:84:ab:69:7b:1f:ca:5e:6e:48:50:12:
a4:37:73:09:5d:76:ea:12:31:38:33:75:2f:43:7a:
48:dd:ce:4c:23:47:5b:d6:8f:48:8f:38:54:4e:83:
8b:8e:4e:1e:69:3e:ec:a8:98:c3:e6:c0:a5:80:3e:
8d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:53:65:5E:EB:74:D8:A3:4B:76:46:E2:C6:8B:E0:5E:06:AD:8B:19
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kVNlXut02KNLdkbixovgXgatixk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.192.0/24
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
41:dc:32:96:21:09:00:17:3c:84:9b:6d:9f:f3:9d:77:e3:9e:
a7:5f:78:e7:1a:98:cf:9b:59:61:c9:f8:15:86:45:67:42:8e:
b0:83:36:40:05:83:e4:b0:f4:94:18:6d:1f:26:4b:e4:7d:aa:
74:58:1b:1a:ae:b6:39:83:82:03:d5:f5:01:1d:39:10:aa:8f:
37:50:57:1d:80:d1:54:4e:4f:26:a7:82:d6:2e:49:e9:44:f5:
5d:85:6d:79:a2:3d:88:22:9d:ac:2a:61:53:91:f9:f1:78:be:
fc:bf:b4:35:01:0e:bb:92:4d:a8:1d:fd:29:33:57:9f:47:c7:
f6:8e:a3:74:91:f7:63:bf:07:e0:64:68:1a:d6:5c:a6:9c:0c:
d5:b0:69:68:9d:a3:52:ef:25:69:2e:c4:a8:1e:8e:e6:aa:5e:
11:fc:f0:0a:87:d3:31:6f:90:d9:53:c5:fc:0c:db:74:22:42:
b7:21:7e:a0:51:ab:70:f9:83:64:17:9f:84:73:98:d3:1d:19:
33:40:5e:6d:bf:d0:31:ec:9b:e0:65:5b:fd:c3:77:47:9b:77:
02:13:67:bd:f0:63:1f:13:1c:27:2d:97:7d:65:24:b3:ee:18:
b7:e1:c4:52:73:94:17:f3:d7:05:ba:ad:c0:c7:ab:e5:6d:04:
8c:5d:47:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfwCM728kk0CzFCUk3pT8gwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTA2MDc0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTUzNjU1ZWViNzRkOGEzNGI3NjQ2ZTJjNjhiZTA1ZTA2YWQ4YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJ3ETJUsQpXcGVAkdROuhrFEHb8n
FdRg3rH4TTbbdEfpyz6hKqrGbu36FqcsImPwupRPtsnjUCQALH1Esgpgz3EaY/Vi
O8b04hlkPmJul9oYywU6oPwUElv6p4gleYHgUhCHroNXIps9ilvvyPjF6p0PanwP
QlqyfKpJVTBFvkNm1sn+OZpRPiAwvddBffio3TusheQG/UIIEjQMBMemXP+BD8Xg
gLqAemorKzIfPnIuY5VpNKHJIhBdKwGtuO1/ZY/KABAKhKtpex/KXm5IUBKkN3MJ
XXbqEjE4M3UvQ3pI3c5MI0db1o9IjzhUToOLjk4eaT7sqJjD5sClgD6NpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJFTZV7rdNijS3ZG4saL4F4GrYsZMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEva1ZObFh1dDAyS05MZGtiaXhvdmdYZ2F0aXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHAAwQA
WNH0MA0GCSqGSIb3DQEBCwUAA4IBAQBB3DKWIQkAFzyEm22f8513456nX3jnGpjP
m1lhyfgVhkVnQo6wgzZABYPksPSUGG0fJkvkfap0WBsarrY5g4ID1fUBHTkQqo83
UFcdgNFUTk8mp4LWLknpRPVdhW15oj2IIp2sKmFTkfnxeL78v7Q1AQ67kk2oHf0p
M1efR8f2jqN0kfdjvwfgZGga1lymnAzVsGlonaNS7yVpLsSoHo7mql4R/PAKh9Mx
b5DZU8X8DNt0IkK3IX6gUatw+YNkF5+Ec5jTHRkzQF5tv9Ax7JvgZVv9w3dHm3cC
E2e98GMfExwnLZd9ZSSz7hi34cRSc5QX89cFuq3Ax6vlbQSMXUfE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org