Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/q-NUYyZEoRL1cEk89Hl24WPYK0s.roa
File: q-NUYyZEoRL1cEk89Hl24WPYK0s.roa (raw, json)
Hash identifier: xTPOJ3+GmDOdYsFPsOkDCZPHiHeKmEBo4Xyz5ALPzmk=
Subject key identifier: AB:E3:54:63:26:44:A1:12:F5:70:49:3C:F4:79:76:E1:63:D8:2B:4B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0191A708E137B6BEDF668088B2B1D0861A83
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/q-NUYyZEoRL1cEk89Hl24WPYK0s.roa
Signing time: Sat 31 Aug 2024 06:04:22 +0000
ROA not before: Sat 31 Aug 2024 06:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.195.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 06:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a7:08:e1:37:b6:be:df:66:80:88:b2:b1:d0:86:1a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 31 06:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abe354632644a112f570493cf47976e163d82b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a0:c3:2b:ea:0e:97:81:3b:34:34:c9:04:63:
73:75:df:83:3b:6b:12:81:ea:81:db:bd:50:77:03:
9a:23:90:3b:b5:1b:f8:2d:5d:10:50:f9:2a:31:1f:
32:ca:0f:8d:58:e3:b1:4a:1f:8a:80:cb:6f:dc:06:
85:d2:e8:08:56:a8:24:9c:4f:cc:72:9f:ec:b4:e0:
63:ce:ae:03:f9:45:f3:1f:56:d0:6f:2f:13:e4:3e:
9b:91:a9:aa:ee:22:1e:df:27:d0:34:d8:4e:69:eb:
cf:f2:7a:b0:34:6e:71:42:32:0c:ee:fd:b4:eb:d6:
34:da:68:01:d1:95:16:93:77:c4:49:ac:5f:58:fa:
6e:62:96:75:06:93:27:c3:51:52:50:60:5e:c7:7e:
c2:87:4c:16:93:29:66:6a:8a:7b:7e:4a:79:69:65:
3f:6c:cb:3a:fd:eb:0d:3b:96:e4:35:60:3d:88:d3:
a8:e0:bf:d6:bf:7d:6d:77:3a:76:70:f3:18:7f:f8:
a2:a8:10:03:10:1a:6f:96:18:4c:75:8b:5c:6f:fe:
bf:93:06:dd:a9:e8:4a:d4:df:d7:79:51:f3:0f:6f:
1f:12:53:c7:57:4f:d6:72:45:57:3b:d5:fa:da:1c:
68:df:e0:c6:ce:33:70:94:73:bb:69:30:ae:79:5c:
e4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E3:54:63:26:44:A1:12:F5:70:49:3C:F4:79:76:E1:63:D8:2B:4B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/q-NUYyZEoRL1cEk89Hl24WPYK0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.195.0/24
88.209.211.0/24
88.209.232.0/22
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:f7:0b:5b:00:fb:50:f1:f1:cb:bb:e0:49:eb:5c:2b:ec:b0:
20:95:72:44:44:63:30:f4:9f:1d:27:d9:ac:cf:05:af:fe:b2:
fa:11:b6:54:5e:18:21:22:19:be:f7:66:96:00:ea:b3:73:a7:
bf:c4:a5:17:04:61:da:04:76:fc:9c:02:8b:11:a6:0d:2a:4a:
5e:86:d3:c6:62:8d:f0:93:a6:8a:13:0f:7b:12:9a:13:e7:e0:
7a:df:ef:70:54:e1:49:fe:c0:b1:2a:a5:ef:91:3c:76:c5:f4:
bb:40:25:5d:a8:13:1c:6a:9a:32:b5:71:fb:3f:33:78:8f:8e:
af:f6:3d:19:a4:54:73:6e:94:ef:bc:b0:a7:51:90:7c:3a:f8:
f7:9e:4a:0d:e3:17:6f:79:87:7d:af:db:4f:ea:c8:55:a2:91:
13:29:d7:29:8d:c9:d9:0e:ae:8c:af:11:2c:08:5c:86:88:25:
f9:4a:1a:e0:88:14:68:00:cb:27:54:62:e4:5b:4e:ca:73:1f:
06:fe:de:1d:e9:0d:b7:57:d3:d5:64:4d:09:3e:77:6b:20:24:
18:d9:3b:55:74:a2:09:62:01:cf:c5:83:e5:84:cc:74:fa:f1:
1c:61:a9:a9:68:98:c5:5c:99:d0:22:7c:08:d8:d6:a4:12:de:
f1:7f:7f:72
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZGnCOE3tr7fZoCIsrHQhhqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwODMxMDYwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmUzNTQ2MzI2NDRhMTEyZjU3MDQ5M2NmNDc5NzZlMTYzZDgyYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaDDK+oOl4E7NDTJBGNzdd+DO2sS
geqB271QdwOaI5A7tRv4LV0QUPkqMR8yyg+NWOOxSh+KgMtv3AaF0ugIVqgknE/M
cp/stOBjzq4D+UXzH1bQby8T5D6bkamq7iIe3yfQNNhOaevP8nqwNG5xQjIM7v20
69Y02mgB0ZUWk3fESaxfWPpuYpZ1BpMnw1FSUGBex37Ch0wWkylmaop7fkp5aWU/
bMs6/esNO5bkNWA9iNOo4L/Wv31tdzp2cPMYf/iiqBADEBpvlhhMdYtcb/6/kwbd
qehK1N/XeVHzD28fElPHV0/WckVXO9X62hxo3+DGzjNwlHO7aTCueVzkYQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKvjVGMmRKES9XBJPPR5duFj2CtLMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcS1OVVl5WkVvUkwxY0VrODlIbDI0V1BZSzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWJc4AwQA
WNHDAwQAWNHTAwQCWNHoAwQAWNH0MA0GCSqGSIb3DQEBCwUAA4IBAQCr9wtbAPtQ
8fHLu+BJ61wr7LAglXJERGMw9J8dJ9mszwWv/rL6EbZUXhghIhm+92aWAOqzc6e/
xKUXBGHaBHb8nAKLEaYNKkpehtPGYo3wk6aKEw97EpoT5+B63+9wVOFJ/sCxKqXv
kTx2xfS7QCVdqBMcapoytXH7PzN4j46v9j0ZpFRzbpTvvLCnUZB8Ovj3nkoN4xdv
eYd9r9tP6shVopETKdcpjcnZDq6MrxEsCFyGiCX5ShrgiBRoAMsnVGLkW07Kcx8G
/t4d6Q23V9PVZE0JPndrICQY2TtVdKIJYgHPxYPlhMx0+vEcYampaJjFXJnQInwI
2NakEt7xf39y
-----END CERTIFICATE-----
Generated at Thu Sep 5 07:58:47 2024 by rpki-client on console-fra.rpki-client.org