Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/mNQN78lDQLeyaUzN7ayN204slWs.roa
File: mNQN78lDQLeyaUzN7ayN204slWs.roa (raw, json)
Hash identifier: /clk+Hp8ZIa+IHkQPJ/xmb0hx8UwKMVnoSpWG4FBjq0=
Subject key identifier: 98:D4:0D:EF:C9:43:40:B7:B2:69:4C:CD:ED:AC:8D:DB:4E:2C:95:6B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018682A7C1345F150CE3CD9E02B257EF3076
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/mNQN78lDQLeyaUzN7ayN204slWs.roa
Signing time: Fri 24 Feb 2023 09:01:17 +0000
ROA not before: Fri 24 Feb 2023 09:01:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 88.209.245.0/24 maxlen: 24
88.209.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Mar 2023 07:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:a7:c1:34:5f:15:0c:e3:cd:9e:02:b2:57:ef:30:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 24 09:01:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98d40defc94340b7b2694ccdedac8ddb4e2c956b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9a:34:6a:aa:a7:e4:4a:3b:fc:0f:49:46:24:
0c:e5:38:84:7e:23:27:1e:dc:69:d9:60:73:85:fb:
01:49:61:c6:9b:b2:71:b9:3e:68:8f:47:0b:73:93:
65:d6:56:52:d1:a1:00:17:40:5a:a8:fc:09:1e:40:
5e:1a:7d:42:62:ba:8e:40:77:8f:5e:e3:9d:ab:0d:
28:50:a3:3a:3c:a9:f9:66:90:4b:25:88:1d:ad:4a:
1a:c7:09:8c:8c:97:af:eb:2c:87:b6:e1:59:3a:76:
94:1e:a8:77:60:ad:a6:6e:e3:1a:7f:24:28:18:38:
18:53:d8:0e:e0:24:0c:ea:6b:f7:0f:4a:24:66:7f:
1f:ea:f0:af:ee:41:b9:b7:b3:e3:20:82:69:60:36:
3e:05:0d:aa:32:5a:69:f5:69:df:bf:b9:55:6e:31:
5d:dc:d5:8a:2b:f3:ae:7d:b5:8a:0e:64:77:a3:7f:
b8:34:ea:cb:de:08:ae:89:76:80:78:7f:73:b2:9a:
92:90:4b:71:7f:c7:a3:17:34:e7:01:25:9a:d9:8f:
a6:37:0f:a7:71:a9:fe:a9:4e:a3:5b:bf:fd:6d:e3:
c1:f4:16:ce:f5:3e:58:0a:8b:cb:14:b9:80:52:33:
21:21:c4:07:f5:c0:93:cb:79:67:83:55:1f:ca:d4:
69:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D4:0D:EF:C9:43:40:B7:B2:69:4C:CD:ED:AC:8D:DB:4E:2C:95:6B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/mNQN78lDQLeyaUzN7ayN204slWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.244.0/23
Signature Algorithm: sha256WithRSAEncryption
44:40:0a:af:e3:a9:e2:b5:ce:b3:03:8c:ad:6c:78:fc:9e:b0:
b9:fa:e3:4d:d3:b2:ee:b9:30:de:cc:a9:f8:f3:2a:a8:c9:56:
41:c6:4d:84:ee:92:1d:3a:da:a5:50:5d:10:40:ed:21:ef:31:
82:f7:fb:c9:35:61:8e:40:fc:1e:d9:c2:c9:9e:75:2c:d1:a1:
ff:2f:d6:e9:35:7e:b5:87:f8:71:15:0b:46:a1:ea:e1:2b:d6:
d8:47:59:98:e3:e5:33:a7:75:8c:46:86:52:45:03:28:15:cc:
18:79:1d:be:c5:d9:0f:57:f2:d4:2c:b0:41:7c:a1:83:0e:60:
6f:39:27:88:f8:5d:bb:39:3e:8d:bd:cf:df:53:44:dd:39:59:
7e:50:25:63:46:a0:ba:e0:d0:38:26:6e:43:d6:e9:c1:03:67:
9e:94:67:0e:1d:b6:ff:8d:7a:cb:af:12:f8:77:b9:a0:81:ee:
0f:45:4c:d3:16:2f:21:c7:11:d1:2c:e5:0c:61:52:73:95:89:
56:53:15:70:8a:77:58:d1:8d:ea:0d:e0:04:29:e6:11:dc:c0:
fc:7c:15:9e:dc:5c:47:94:e6:96:cf:2b:72:bf:ba:b8:39:57:
f0:d6:14:a0:12:c0:f5:cf:b8:fe:33:fb:34:7d:f6:8a:15:96:
88:e3:71:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaCp8E0XxUM482eArJX7zB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjI0MDkwMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQ0MGRlZmM5NDM0MGI3YjI2OTRjY2RlZGFjOGRkYjRlMmM5NTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZo0aqqn5Eo7/A9JRiQM5TiEfiMn
Htxp2WBzhfsBSWHGm7JxuT5oj0cLc5Nl1lZS0aEAF0BaqPwJHkBeGn1CYrqOQHeP
XuOdqw0oUKM6PKn5ZpBLJYgdrUoaxwmMjJev6yyHtuFZOnaUHqh3YK2mbuMafyQo
GDgYU9gO4CQM6mv3D0okZn8f6vCv7kG5t7PjIIJpYDY+BQ2qMlpp9Wnfv7lVbjFd
3NWKK/OufbWKDmR3o3+4NOrL3giuiXaAeH9zspqSkEtxf8ejFzTnASWa2Y+mNw+n
can+qU6jW7/9bePB9BbO9T5YCovLFLmAUjMhIcQH9cCTy3lng1UfytRpbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjUDe/JQ0C3smlMze2sjdtOLJVrMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbU5RTjc4bERRTGV5YVV6TjdheU4yMDRzbFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNH0MA0G
CSqGSIb3DQEBCwUAA4IBAQBEQAqv46nitc6zA4ytbHj8nrC5+uNN07LuuTDezKn4
8yqoyVZBxk2E7pIdOtqlUF0QQO0h7zGC9/vJNWGOQPwe2cLJnnUs0aH/L9bpNX61
h/hxFQtGoerhK9bYR1mY4+Uzp3WMRoZSRQMoFcwYeR2+xdkPV/LULLBBfKGDDmBv
OSeI+F27OT6Nvc/fU0TdOVl+UCVjRqC64NA4Jm5D1unBA2eelGcOHbb/jXrLrxL4
d7mgge4PRUzTFi8hxxHRLOUMYVJzlYlWUxVwindY0Y3qDeAEKeYR3MD8fBWe3FxH
lOaWzytyv7q4OVfw1hSgEsD1z7j+M/s0ffaKFZaI43Gi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org