Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/r7rVOb5Nzcoi0mrX9fmVGk64AE8.roa
File: r7rVOb5Nzcoi0mrX9fmVGk64AE8.roa (raw, json)
Hash identifier: 9GHIYEVVrMBYTWfsakqnBwsSn4GDzWcnzJ4QR/O1OqM=
Subject key identifier: AF:BA:D5:39:BE:4D:CD:CA:22:D2:6A:D7:F5:F9:95:1A:4E:B8:00:4F
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0191FF31F1D62F76A5C13686170297709AA6
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/r7rVOb5Nzcoi0mrX9fmVGk64AE8.roa
Signing time: Tue 17 Sep 2024 08:55:48 +0000
ROA not before: Tue 17 Sep 2024 08:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.194.0/24 maxlen: 24
88.209.195.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 10:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:31:f1:d6:2f:76:a5:c1:36:86:17:02:97:70:9a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 17 08:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afbad539be4dcdca22d26ad7f5f9951a4eb8004f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9f:44:11:84:b3:03:57:39:31:d2:ef:46:fb:
33:e8:8d:bd:d5:5a:e1:7e:72:c6:b3:cd:d5:eb:df:
5f:b0:e9:3d:7b:f3:94:54:d8:ea:09:65:b6:7d:47:
29:be:63:37:13:a1:e3:e0:93:5e:ac:7d:29:61:a1:
f2:81:f0:f1:a7:9e:1b:39:7d:85:78:75:d0:5d:0b:
0f:dc:ee:fa:1c:ee:4b:ac:a2:8c:a2:3e:14:18:69:
73:92:81:0c:03:3c:6c:e5:d2:e2:cc:75:5a:ae:d8:
9a:12:c9:73:2e:df:6a:85:de:d6:14:f7:74:a9:3b:
f6:ee:78:7c:02:9e:4a:31:40:be:7d:36:1c:13:0d:
d6:5c:46:f8:7c:42:c4:44:9a:0d:f9:f3:c9:cf:bc:
a7:dc:cf:c4:ca:2a:a7:46:42:5d:ed:b2:eb:5e:c7:
dd:8b:d7:ce:68:dd:50:6f:11:2c:d0:a5:02:ee:58:
f3:61:1e:d1:d9:c2:d9:e4:4a:f4:79:70:ac:e2:b8:
56:24:b0:84:a6:f5:80:f2:af:1d:fd:46:60:04:a9:
b8:77:76:6a:3f:a4:e6:6e:74:1f:be:6e:16:b6:d2:
20:81:29:f6:b9:fb:23:36:be:4a:f0:7f:35:cc:45:
db:a6:f0:84:2f:07:1f:0d:19:04:02:2f:40:9e:19:
2d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BA:D5:39:BE:4D:CD:CA:22:D2:6A:D7:F5:F9:95:1A:4E:B8:00:4F
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/r7rVOb5Nzcoi0mrX9fmVGk64AE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.194.0/23
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:45:d6:01:f4:e9:42:aa:e7:66:ac:55:be:46:f9:f5:14:d5:
f3:c6:41:d0:4b:ef:d9:e3:e8:c1:52:bf:12:d8:09:b2:33:3e:
c6:57:6d:36:cb:46:47:ba:92:2d:db:03:98:1e:df:bc:4f:36:
f0:10:68:b6:d5:c1:b2:5e:eb:62:2c:6c:9d:de:3e:03:e7:08:
95:be:02:80:8e:3f:81:c6:3b:91:fe:cb:b8:40:6b:85:d0:13:
a3:db:b7:25:43:e5:95:3a:06:48:ac:bf:0f:ce:38:fe:07:bd:
e2:c8:1c:c7:88:cd:42:9e:96:76:fc:97:ae:7a:7e:29:ac:4c:
b7:44:bd:65:84:e4:7a:af:a1:d7:26:ad:15:03:72:b4:97:60:
99:85:b8:01:de:2d:38:6b:e8:4d:86:41:e4:e8:5a:d8:e8:5a:
b2:b2:d4:a6:92:8b:0b:4a:11:da:c1:d7:70:08:f0:5b:d3:43:
4c:ad:d7:5a:08:28:80:b1:2b:41:08:88:20:8b:fb:53:43:54:
f3:71:ca:c3:9b:70:04:b3:ae:c1:64:f2:56:4d:df:29:f8:d9:
bc:08:86:3a:af:12:19:3c:5f:14:8a:70:b8:9f:c6:14:29:69:
b0:07:f8:74:e9:22:b7:c7:e9:73:b3:33:28:25:79:18:ab:3b:
7b:43:53:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZH/MfHWL3alwTaGFwKXcJqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwOTE3MDg1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJhZDUzOWJlNGRjZGNhMjJkMjZhZDdmNWY5OTUxYTRlYjgwMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ9EEYSzA1c5MdLvRvsz6I291Vrh
fnLGs83V699fsOk9e/OUVNjqCWW2fUcpvmM3E6Hj4JNerH0pYaHygfDxp54bOX2F
eHXQXQsP3O76HO5LrKKMoj4UGGlzkoEMAzxs5dLizHVartiaEslzLt9qhd7WFPd0
qTv27nh8Ap5KMUC+fTYcEw3WXEb4fELERJoN+fPJz7yn3M/EyiqnRkJd7bLrXsfd
i9fOaN1QbxEs0KUC7ljzYR7R2cLZ5Er0eXCs4rhWJLCEpvWA8q8d/UZgBKm4d3Zq
P6TmbnQfvm4WttIggSn2ufsjNr5K8H81zEXbpvCELwcfDRkEAi9AnhktgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK+61Tm+Tc3KItJq1/X5lRpOuABPMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcjdyVk9iNU56Y29pMG1yWDlmbVZHazY0QUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWJc4AwQB
WNHCAwQAWNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQB6RdYB9OlCqudmrFW+
Rvn1FNXzxkHQS+/Z4+jBUr8S2AmyMz7GV202y0ZHupIt2wOYHt+8TzbwEGi21cGy
XutiLGyd3j4D5wiVvgKAjj+BxjuR/su4QGuF0BOj27clQ+WVOgZIrL8Pzjj+B73i
yBzHiM1CnpZ2/Jeuen4prEy3RL1lhOR6r6HXJq0VA3K0l2CZhbgB3i04a+hNhkHk
6FrY6FqystSmkosLShHawddwCPBb00NMrddaCCiAsStBCIggi/tTQ1TzccrDm3AE
s67BZPJWTd8p+Nm8CIY6rxIZPF8UinC4n8YUKWmwB/h06SK3x+lzszMoJXkYqzt7
Q1OS
-----END CERTIFICATE-----
Generated at Wed Sep 18 14:49:16 2024 by rpki-client on console-ams.rpki-client.org