Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lQ2PLOYprUo6ltqqWG6FToCXJaY.roa
File: lQ2PLOYprUo6ltqqWG6FToCXJaY.roa (raw, json)
Hash identifier: 4Cu4Edx+CpJ+bysFN2+/8Xmo2iQhqDmo/crXZMcUlUU=
Subject key identifier: 95:0D:8F:2C:E6:29:AD:4A:3A:96:DA:AA:58:6E:85:4E:80:97:25:A6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01881E07D4967C37FBE00CA932024977703E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lQ2PLOYprUo6ltqqWG6FToCXJaY.roa
Signing time: Mon 15 May 2023 06:10:09 +0000
ROA not before: Mon 15 May 2023 06:10:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 88.209.244.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.151.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 May 2023 08:09:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:07:d4:96:7c:37:fb:e0:0c:a9:32:02:49:77:70:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 15 06:10:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=950d8f2ce629ad4a3a96daaa586e854e809725a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c2:08:c6:ba:b8:0d:31:6c:31:ea:0d:46:12:
03:c9:49:e3:04:fc:14:37:5c:6e:9a:06:2b:c1:f4:
b5:bf:b3:98:c5:3e:c4:97:cd:24:26:29:77:b8:ea:
ac:53:af:a4:b4:17:0f:19:5e:8f:62:8a:6b:9e:d0:
ba:75:94:09:84:96:fc:20:47:cb:54:cf:f5:9c:21:
51:7b:9e:8f:63:68:89:b4:8a:56:f9:b2:da:12:80:
61:29:54:0f:09:2f:7f:f8:a0:58:08:6e:a4:a1:0f:
ee:dc:93:76:5b:2a:bf:5e:8e:33:b5:41:52:e8:86:
9c:db:b2:ec:2b:fa:15:d6:54:d0:63:00:a4:0f:72:
aa:25:12:19:fa:17:ee:a8:82:d3:99:1a:df:51:e8:
8b:6c:b7:41:6b:04:d2:8b:09:1d:1f:d8:af:6c:d3:
78:34:ca:44:8f:2e:2b:7e:7a:af:a9:01:f0:5d:52:
ab:16:bf:69:0f:ae:5e:40:5e:ab:ca:8b:ea:33:8d:
9f:65:db:93:c0:33:a6:ef:f7:b4:c9:ad:57:7c:84:
69:85:6f:2e:31:5a:cd:73:33:42:2b:7a:10:68:f7:
95:78:4f:40:00:db:51:f5:d8:a8:e6:f9:0c:48:8d:
12:d5:35:b8:33:17:eb:5d:6b:09:66:c6:22:15:11:
54:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0D:8F:2C:E6:29:AD:4A:3A:96:DA:AA:58:6E:85:4E:80:97:25:A6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lQ2PLOYprUo6ltqqWG6FToCXJaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.59.0/24
88.209.192.0/24
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:86:d7:bd:42:a0:28:fb:b0:10:24:9c:03:58:0e:0f:f7:93:
b6:62:00:8f:9c:59:41:d8:1a:1d:89:e2:f2:e5:a1:01:ec:67:
96:db:b5:41:8b:ca:21:3e:2b:42:04:c9:db:da:58:bf:46:b5:
bc:60:a1:58:1b:f8:7f:20:1f:79:7a:4e:fe:68:bb:0c:9e:bd:
5a:bc:83:9b:4f:b8:96:a4:79:8f:5d:6c:10:b9:f0:3e:e2:cb:
14:7c:13:52:d1:71:d1:15:a5:7e:23:dd:6c:45:17:e1:d4:d5:
57:eb:a8:b3:42:1c:e8:13:2d:a9:a4:3f:16:29:95:99:ee:18:
2d:33:44:07:a2:dc:ec:ed:37:ce:be:54:7a:38:b9:81:8d:49:
2f:22:58:26:1a:fb:10:cc:9b:c0:c4:d9:03:64:c5:9d:ab:0d:
ba:89:d8:f8:77:19:1c:d1:0e:97:db:5f:cb:4d:b1:17:0b:38:
40:70:e4:e7:5d:cd:eb:f5:d9:84:7a:2f:63:94:78:a4:f7:1d:
4b:be:10:10:b0:31:55:3e:07:67:26:5b:e8:3c:83:53:52:df:
ea:46:d4:d5:18:1b:48:32:3a:11:67:8a:ed:03:aa:7b:f2:a6:
9a:f5:b9:d6:bf:61:21:bb:1e:0a:70:fa:b7:52:43:27:9b:27:
44:ee:d6:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgeB9SWfDf74AypMgJJd3A+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTE1MDYxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBkOGYyY2U2MjlhZDRhM2E5NmRhYWE1ODZlODU0ZTgwOTcyNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMIIxrq4DTFsMeoNRhIDyUnjBPwU
N1xumgYrwfS1v7OYxT7El80kJil3uOqsU6+ktBcPGV6PYoprntC6dZQJhJb8IEfL
VM/1nCFRe56PY2iJtIpW+bLaEoBhKVQPCS9/+KBYCG6koQ/u3JN2Wyq/Xo4ztUFS
6Iac27LsK/oV1lTQYwCkD3KqJRIZ+hfuqILTmRrfUeiLbLdBawTSiwkdH9ivbNN4
NMpEjy4rfnqvqQHwXVKrFr9pD65eQF6ryovqM42fZduTwDOm7/e0ya1XfIRphW8u
MVrNczNCK3oQaPeVeE9AANtR9dio5vkMSI0S1TW4MxfrXWsJZsYiFRFUtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJUNjyzmKa1KOpbaqlhuhU6AlyWmMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbFEyUExPWXByVW82bHRxcVdHNkZUb0NYSmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWJc7AwQA
WNHAAwQAWNH0MA0GCSqGSIb3DQEBCwUAA4IBAQCNhte9QqAo+7AQJJwDWA4P95O2
YgCPnFlB2BodieLy5aEB7GeW27VBi8ohPitCBMnb2li/RrW8YKFYG/h/IB95ek7+
aLsMnr1avIObT7iWpHmPXWwQufA+4ssUfBNS0XHRFaV+I91sRRfh1NVX66izQhzo
Ey2ppD8WKZWZ7hgtM0QHotzs7TfOvlR6OLmBjUkvIlgmGvsQzJvAxNkDZMWdqw26
idj4dxkc0Q6X21/LTbEXCzhAcOTnXc3r9dmEei9jlHik9x1LvhAQsDFVPgdnJlvo
PINTUt/qRtTVGBtIMjoRZ4rtA6p78qaa9bnWv2Ehux4KcPq3UkMnmydE7tZp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org