Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/sQfzJXR8vSDy5wa9ClYDeEvS0_4.roa
File: sQfzJXR8vSDy5wa9ClYDeEvS0_4.roa (raw, json)
Hash identifier: Fe7x0Ws7nWRtrakV9/uiBTd6j89KTFyeMNSx5lq7QXo=
Subject key identifier: B1:07:F3:25:74:7C:BD:20:F2:E7:06:BD:0A:56:03:78:4B:D2:D3:FE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC47AE8FCBE1D838B90421FE3D808CC03
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/sQfzJXR8vSDy5wa9ClYDeEvS0_4.roa
Signing time: Mon 01 Jan 2024 10:03:58 +0000
ROA not before: Mon 01 Jan 2024 10:03:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 88.209.244.0/24 maxlen: 24
88.209.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 18:32:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:7a:e8:fc:be:1d:83:8b:90:42:1f:e3:d8:08:cc:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 10:03:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b107f325747cbd20f2e706bd0a5603784bd2d3fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:02:0f:f3:ff:b3:c6:48:b3:bd:08:dd:86:
8d:c7:0f:56:96:1d:7f:db:d7:97:86:01:17:09:3b:
0d:79:d4:18:3a:98:59:96:ef:72:7d:a6:49:21:04:
24:65:db:c1:f6:cf:d4:ee:48:0a:2e:dd:23:84:85:
ff:e2:47:28:f3:3e:7a:2d:dd:9b:89:5e:66:0d:e3:
22:b1:c1:df:c3:24:b9:7f:5b:10:16:98:8c:87:e2:
69:44:73:d1:e6:ae:2a:bb:b8:36:dd:4e:b6:95:fe:
e3:3d:bc:b3:56:0c:3c:d1:c5:fe:24:6e:54:3a:aa:
e3:e7:11:ce:06:f0:b3:90:fd:25:96:18:ae:9b:44:
17:a7:d6:df:2f:3a:8a:ff:e3:41:23:53:87:f2:58:
aa:08:3d:b8:4e:67:cf:36:cc:59:49:49:8a:54:12:
af:f0:b9:ad:5f:1c:c3:e9:97:24:8d:5f:c6:6b:fc:
35:2b:96:23:bf:42:71:db:be:65:f4:86:5c:1b:a9:
cd:83:44:2b:1a:8f:99:07:f9:f0:28:d5:5a:d7:ea:
8a:24:15:de:b9:78:4b:f2:9d:ed:1b:89:ee:d2:ae:
9d:63:06:45:72:c6:25:96:09:36:e8:32:66:82:02:
d8:e7:f3:b4:d6:aa:4f:6f:0b:3b:d9:a2:46:c4:6b:
84:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:07:F3:25:74:7C:BD:20:F2:E7:06:BD:0A:56:03:78:4B:D2:D3:FE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/sQfzJXR8vSDy5wa9ClYDeEvS0_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.244.0/24
88.209.248.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:4c:40:9a:fa:8e:f4:a4:6e:22:1d:46:b8:71:10:09:95:ff:
5e:6e:51:8f:57:23:81:82:2e:a6:06:2c:e0:74:63:7b:4f:32:
e1:58:0d:f2:ed:1d:08:0b:84:a5:b1:89:fd:87:da:af:60:df:
7c:3e:d4:5f:ac:47:75:1e:80:14:26:fb:69:6e:3d:ee:c8:d8:
31:69:ef:cc:0d:fc:e2:2e:a4:27:b7:77:75:10:e8:3b:f6:d2:
e3:79:d1:14:55:09:ef:6d:d9:71:b2:a0:6b:4c:fe:4e:1d:d5:
3d:42:ab:35:05:36:5f:10:30:3b:93:c7:4f:8e:92:06:97:b2:
30:8f:59:c7:50:e0:cc:7e:4f:96:de:b1:2f:ca:19:a9:71:30:
e3:09:a3:84:3e:d0:e5:0c:3b:ad:35:fd:bf:ca:d5:13:54:5d:
1a:0d:d2:d7:eb:bb:3c:61:b8:ea:94:24:1f:18:89:e7:20:dd:
d6:80:43:34:07:d8:8f:6f:d4:36:f8:ef:33:c9:ad:05:ad:77:
fa:e0:ae:00:e9:a4:40:8c:a1:5e:b6:8d:8f:88:f6:33:20:f9:
c8:2f:57:68:49:36:2f:7f:a3:df:e1:6a:a0:e2:46:58:54:24:
7b:72:f4:f9:26:e2:93:b5:66:b6:cf:ea:2f:a1:08:1f:fa:af:
70:b9:8b:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEeuj8vh2Di5BCH+PYCMwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMTAwMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA3ZjMyNTc0N2NiZDIwZjJlNzA2YmQwYTU2MDM3ODRiZDJkM2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4cCD/P/s8ZIs70I3YaNxw9Wlh1/
29eXhgEXCTsNedQYOphZlu9yfaZJIQQkZdvB9s/U7kgKLt0jhIX/4kco8z56Ld2b
iV5mDeMiscHfwyS5f1sQFpiMh+JpRHPR5q4qu7g23U62lf7jPbyzVgw80cX+JG5U
Oqrj5xHOBvCzkP0llhium0QXp9bfLzqK/+NBI1OH8liqCD24TmfPNsxZSUmKVBKv
8LmtXxzD6ZckjV/Ga/w1K5Yjv0Jx275l9IZcG6nNg0QrGo+ZB/nwKNVa1+qKJBXe
uXhL8p3tG4nu0q6dYwZFcsYllgk26DJmggLY5/O01qpPbws72aJGxGuEIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLEH8yV0fL0g8ucGvQpWA3hL0tP+MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvc1FmekpYUjh2U0R5NXdhOUNsWURlRXZTMF80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNH0AwQA
WNH4MA0GCSqGSIb3DQEBCwUAA4IBAQAbTECa+o70pG4iHUa4cRAJlf9eblGPVyOB
gi6mBizgdGN7TzLhWA3y7R0IC4SlsYn9h9qvYN98PtRfrEd1HoAUJvtpbj3uyNgx
ae/MDfziLqQnt3d1EOg79tLjedEUVQnvbdlxsqBrTP5OHdU9Qqs1BTZfEDA7k8dP
jpIGl7Iwj1nHUODMfk+W3rEvyhmpcTDjCaOEPtDlDDutNf2/ytUTVF0aDdLX67s8
YbjqlCQfGInnIN3WgEM0B9iPb9Q2+O8zya0FrXf64K4A6aRAjKFeto2PiPYzIPnI
L1doSTYvf6Pf4Wqg4kZYVCR7cvT5JuKTtWa2z+ovoQgf+q9wuYsd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:57 2024 by rpki-client on console-ams.rpki-client.org