Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kiWftOQm8emdydmq3fXwwZTp3b4.roa
File: kiWftOQm8emdydmq3fXwwZTp3b4.roa (raw, json)
Hash identifier: pTbO88bYSdp44+jUCrn+Sz1JzU/0XXSA9GRcqShppiM=
Subject key identifier: 92:25:9F:B4:E4:26:F1:E9:9D:C9:D9:AA:DD:F5:F0:C1:94:E9:DD:BE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187126F25D203B0464A15358B4A3DC24CE5
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kiWftOQm8emdydmq3fXwwZTp3b4.roa
Signing time: Fri 24 Mar 2023 07:04:46 +0000
ROA not before: Fri 24 Mar 2023 07:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 88.209.194.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 May 2023 14:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:12:6f:25:d2:03:b0:46:4a:15:35:8b:4a:3d:c2:4c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 24 07:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92259fb4e426f1e99dc9d9aaddf5f0c194e9ddbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:de:a3:a1:e7:79:03:ca:50:9a:92:7d:40:
e6:2c:2a:60:16:53:fc:ac:00:9c:ac:e5:cc:f8:fb:
84:af:f1:d7:40:d9:2f:91:a2:02:6d:d7:20:bd:44:
42:50:2d:23:99:3e:34:49:8d:19:d0:ed:56:bd:9b:
9f:9b:27:82:8e:8f:71:1d:e1:4e:60:56:06:f8:b4:
87:43:05:7c:28:96:ab:5b:ac:81:96:b0:88:b1:ff:
d9:be:02:74:7d:b4:d3:91:80:d4:42:fd:a3:84:d7:
56:2d:99:3b:9a:02:17:9a:d9:4f:20:56:fc:97:6f:
0d:21:09:d1:89:3f:e0:d2:35:89:32:55:f0:b4:8c:
86:d5:4e:ff:2c:16:13:8e:63:f1:b5:cb:41:89:55:
6c:70:cb:5a:20:fc:d6:87:0d:68:cc:20:d6:c3:4a:
3f:d5:54:c5:89:f3:37:dd:88:60:f5:d4:aa:3f:36:
d7:11:e4:c2:8a:42:58:46:44:5a:4e:9e:f8:b0:ce:
1e:57:fc:8a:88:c8:d4:29:d8:d4:ad:ad:53:e2:42:
b2:a0:6b:b5:05:e9:c6:2b:ea:a1:92:1e:b6:55:89:
db:b1:09:42:4c:63:70:3b:9d:9c:d1:6e:18:53:cd:
51:c0:d0:78:82:46:f1:22:70:35:de:83:5b:60:81:
66:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:25:9F:B4:E4:26:F1:E9:9D:C9:D9:AA:DD:F5:F0:C1:94:E9:DD:BE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kiWftOQm8emdydmq3fXwwZTp3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.194.0/24
88.209.224.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:f8:c2:96:4c:84:e9:5e:57:50:df:29:43:85:c8:77:08:8f:
0c:e3:1c:2e:a8:a2:ff:b4:28:49:07:65:6c:2f:93:a4:3e:fd:
82:80:d0:99:e9:66:1c:bc:62:c2:c0:f4:d9:96:00:b1:e0:59:
57:6c:21:94:70:16:58:ab:d0:e9:f0:1e:b0:85:e1:f2:94:25:
14:7c:77:af:5b:00:68:5f:e5:b6:30:83:c4:87:03:ac:c5:33:
99:ff:57:0a:a6:20:5e:a7:98:ef:55:8f:d1:a5:ea:d5:87:3d:
fc:12:dc:60:3f:ec:9a:53:0b:c8:b2:f3:a4:5f:5c:ae:45:46:
23:90:8e:42:36:be:0f:18:7f:11:ea:d4:c3:c0:bf:0b:32:b5:
39:b6:a3:58:fd:41:d1:86:7b:02:a2:9e:87:0f:ed:21:92:7d:
59:1d:41:97:e4:8e:2b:11:ce:77:e0:86:1e:87:06:39:82:52:
1c:f3:5d:b1:d6:43:8c:fc:5e:4f:e3:4e:91:86:58:8b:e5:f3:
b7:5c:23:cd:d6:fb:53:ca:33:ee:25:33:ef:b4:f3:45:d4:ee:
c7:94:87:68:31:b4:94:37:7a:99:b1:c0:6a:cc:db:15:9f:e6:
82:eb:36:9b:76:3e:b5:ef:50:f0:2c:b8:f2:a6:60:2c:65:37:
f6:33:c2:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcSbyXSA7BGShU1i0o9wkzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzI0MDcwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjI1OWZiNGU0MjZmMWU5OWRjOWQ5YWFkZGY1ZjBjMTk0ZTlkZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/Leo6HneQPKUJqSfUDmLCpgFlP8
rACcrOXM+PuEr/HXQNkvkaICbdcgvURCUC0jmT40SY0Z0O1WvZufmyeCjo9xHeFO
YFYG+LSHQwV8KJarW6yBlrCIsf/ZvgJ0fbTTkYDUQv2jhNdWLZk7mgIXmtlPIFb8
l28NIQnRiT/g0jWJMlXwtIyG1U7/LBYTjmPxtctBiVVscMtaIPzWhw1ozCDWw0o/
1VTFifM33Yhg9dSqPzbXEeTCikJYRkRaTp74sM4eV/yKiMjUKdjUra1T4kKyoGu1
BenGK+qhkh62VYnbsQlCTGNwO52c0W4YU81RwNB4gkbxInA13oNbYIFmwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJIln7TkJvHpncnZqt318MGU6d2+MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEva2lXZnRPUW04ZW1keWRtcTNmWHd3WlRwM2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHCAwQA
WNHgMA0GCSqGSIb3DQEBCwUAA4IBAQBf+MKWTITpXldQ3ylDhch3CI8M4xwuqKL/
tChJB2VsL5OkPv2CgNCZ6WYcvGLCwPTZlgCx4FlXbCGUcBZYq9Dp8B6wheHylCUU
fHevWwBoX+W2MIPEhwOsxTOZ/1cKpiBep5jvVY/RperVhz38EtxgP+yaUwvIsvOk
X1yuRUYjkI5CNr4PGH8R6tTDwL8LMrU5tqNY/UHRhnsCop6HD+0hkn1ZHUGX5I4r
Ec534IYehwY5glIc812x1kOM/F5P406RhliL5fO3XCPN1vtTyjPuJTPvtPNF1O7H
lIdoMbSUN3qZscBqzNsVn+aC6zabdj6171DwLLjypmAsZTf2M8LT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org