Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/l9JhZEOMZWojxR75zKtNHAui4X0.roa
File: l9JhZEOMZWojxR75zKtNHAui4X0.roa (raw, json)
Hash identifier: Jat9P5ygp1yDsQeeDE2Fs4fG9bUDmp8JR/TWEv39FiY=
Subject key identifier: 97:D2:61:64:43:8C:65:6A:23:C5:1E:F9:CC:AB:4D:1C:0B:A2:E1:7D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E1D19E9993CE9C7E7BB5282CF030C1E47
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/l9JhZEOMZWojxR75zKtNHAui4X0.roa
Signing time: Fri 08 Mar 2024 08:07:01 +0000
ROA not before: Fri 08 Mar 2024 08:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.182.114.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 13:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:19:e9:99:3c:e9:c7:e7:bb:52:82:cf:03:0c:1e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 8 08:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97d26164438c656a23c51ef9ccab4d1c0ba2e17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:10:53:c5:30:4a:dd:54:0b:1d:cd:0a:24:14:
bf:0b:ce:04:ec:ec:f6:96:e6:4c:f4:5c:e8:17:a6:
54:0d:52:ad:fa:67:93:72:c1:60:32:b9:85:7f:f3:
39:62:8d:fc:8c:76:10:15:62:e8:7d:1a:3b:91:21:
24:80:1c:7b:ac:a7:31:5a:71:d9:48:ca:f7:c5:a0:
33:84:fc:49:da:3d:43:45:1f:25:e4:09:67:84:e4:
0b:20:ed:22:b9:45:e5:49:bb:b6:ec:06:1d:03:9c:
b2:da:3e:27:44:28:c4:22:15:ab:84:2c:c6:b6:c8:
20:45:0a:d8:52:67:22:e9:10:d0:74:4a:ba:12:8f:
aa:21:33:59:d3:d3:50:ce:e7:46:83:bc:9b:9e:a7:
e8:68:bb:3c:40:13:34:1b:23:62:fd:f2:33:6d:ca:
03:95:10:5c:ea:7f:40:36:9c:41:cf:47:96:13:f7:
27:50:e7:1b:24:02:89:9b:80:cd:84:fc:3c:f9:5f:
0a:a6:2f:9c:cc:a6:20:6e:e2:14:f1:20:10:53:af:
a7:5a:18:7d:cd:ce:44:42:44:a6:86:a6:4c:65:6b:
fd:4e:70:ae:67:08:ea:a8:41:b6:8f:0b:d6:ee:f5:
f4:69:d8:c4:52:be:74:5d:b3:a6:bf:04:67:33:b4:
da:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D2:61:64:43:8C:65:6A:23:C5:1E:F9:CC:AB:4D:1C:0B:A2:E1:7D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/l9JhZEOMZWojxR75zKtNHAui4X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.114.0/24
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:fd:eb:d2:3d:2a:0f:57:c2:8d:a4:cd:c1:7a:73:a8:30:db:
a0:54:67:a1:95:4e:e3:7d:1b:19:d3:de:03:8c:f2:f7:d4:5f:
70:b8:06:69:f6:cb:63:cd:3b:25:d9:ac:f7:13:9d:8f:2e:fc:
45:47:22:34:a7:c8:74:e9:31:83:a1:3c:a6:62:4e:58:75:0e:
f0:c9:35:b6:07:99:5a:cf:c9:62:3a:03:90:64:2a:ba:f7:11:
25:cf:29:01:88:0d:19:02:66:6e:11:28:8b:0e:bc:7d:a2:da:
c9:3a:be:e4:1f:98:33:f8:58:a7:2f:0f:39:1b:ce:7a:d4:e4:
17:7e:f0:fc:51:e8:9a:5d:42:74:39:12:59:81:20:48:66:ba:
45:95:ab:94:36:82:d8:8a:7b:c5:c2:01:69:a3:6a:a8:e1:57:
58:d2:cf:f7:7f:14:c5:9c:6f:07:94:a1:3c:75:b9:b1:17:80:
86:d9:5f:3d:7f:29:e0:e6:2c:9c:e7:94:91:f1:62:0f:28:b2:
9f:8e:02:d4:59:a2:a8:f7:56:c4:77:37:1a:95:44:5d:76:a9:
ea:a2:f6:ea:b8:98:01:5a:8b:86:55:e4:1a:40:b3:23:09:8e:
93:8f:19:f8:22:6b:4e:29:bf:81:5f:36:14:8d:79:7c:18:5c:
2e:a2:16:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4dGemZPOnH57tSgs8DDB5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzA4MDgwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2QyNjE2NDQzOGM2NTZhMjNjNTFlZjljY2FiNGQxYzBiYTJlMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxBTxTBK3VQLHc0KJBS/C84E7Oz2
luZM9FzoF6ZUDVKt+meTcsFgMrmFf/M5Yo38jHYQFWLofRo7kSEkgBx7rKcxWnHZ
SMr3xaAzhPxJ2j1DRR8l5AlnhOQLIO0iuUXlSbu27AYdA5yy2j4nRCjEIhWrhCzG
tsggRQrYUmci6RDQdEq6Eo+qITNZ09NQzudGg7ybnqfoaLs8QBM0GyNi/fIzbcoD
lRBc6n9ANpxBz0eWE/cnUOcbJAKJm4DNhPw8+V8Kpi+czKYgbuIU8SAQU6+nWhh9
zc5EQkSmhqZMZWv9TnCuZwjqqEG2jwvW7vX0adjEUr50XbOmvwRnM7TajQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJfSYWRDjGVqI8Ue+cyrTRwLouF9MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbDlKaFpFT01aV29qeFI3NXpLdE5IQXVpNFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbZyAwQB
WJc4AwQAWNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQC3/evSPSoPV8KNpM3B
enOoMNugVGehlU7jfRsZ094DjPL31F9wuAZp9stjzTsl2az3E52PLvxFRyI0p8h0
6TGDoTymYk5YdQ7wyTW2B5laz8liOgOQZCq69xElzykBiA0ZAmZuESiLDrx9otrJ
Or7kH5gz+FinLw85G8561OQXfvD8UeiaXUJ0ORJZgSBIZrpFlauUNoLYinvFwgFp
o2qo4VdY0s/3fxTFnG8HlKE8dbmxF4CG2V89fyng5iyc55SR8WIPKLKfjgLUWaKo
91bEdzcalURddqnqovbquJgBWouGVeQaQLMjCY6Tjxn4ImtOKb+BXzYUjXl8GFwu
ohY9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org