Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tXgRZ5yFJfOiiLVJwQABdd3ByzI.roa
File: tXgRZ5yFJfOiiLVJwQABdd3ByzI.roa (raw, json)
Hash identifier: iJ296lrp9/wETuNrzUYWYByocO+8oUeqvOuvMhbYtts=
Subject key identifier: B5:78:11:67:9C:85:25:F3:A2:88:B5:49:C1:00:01:75:DD:C1:CB:32
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018875C9FDD53A0F9DEF8FBD2250F53C2D20
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tXgRZ5yFJfOiiLVJwQABdd3ByzI.roa
Signing time: Thu 01 Jun 2023 07:09:11 +0000
ROA not before: Thu 01 Jun 2023 07:09:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.245.0/24 maxlen: 24
88.209.248.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.220.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Jun 2023 13:47:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:75:c9:fd:d5:3a:0f:9d:ef:8f:bd:22:50:f5:3c:2d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 1 07:09:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b57811679c8525f3a288b549c1000175ddc1cb32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:81:50:25:9d:38:90:22:ae:8e:ca:eb:78:b4:
72:f7:96:40:2d:bc:2c:3e:3e:bc:59:e6:ed:cc:d4:
de:ba:7e:2d:29:56:ec:1f:7d:78:d9:13:db:88:02:
2c:93:1d:a3:5c:0b:dd:9d:13:e3:dc:35:02:31:a0:
64:0f:24:c5:ff:fa:3e:ca:59:11:82:0a:e3:e2:27:
7d:6e:dc:e8:2e:19:a6:3c:b7:89:a9:4e:89:fb:42:
73:27:64:0b:8e:eb:7b:91:da:42:37:c6:0e:63:4d:
bc:2a:60:26:5c:23:87:a7:6d:28:d6:1d:ab:1d:30:
ca:c1:42:ff:ad:5d:39:00:de:46:6a:3f:cb:7a:b6:
e6:75:b9:fd:be:0f:0b:31:e6:d2:88:79:c8:e7:9f:
83:a7:c8:da:42:77:d5:18:d8:21:df:f4:72:0b:ac:
45:dd:e6:b2:d7:82:09:1b:58:82:db:0d:4b:cd:01:
18:66:0e:17:97:24:26:d1:82:1e:b0:0a:3c:db:e5:
cd:ca:14:61:d7:62:26:ce:55:7d:3b:30:90:94:03:
32:67:3d:bb:d4:3d:e6:d1:78:1e:fe:2c:46:1e:3f:
67:42:bc:81:d8:9f:82:5b:02:dd:b1:7d:1d:1d:28:
36:a9:0e:49:58:be:39:13:3f:41:75:82:c1:87:11:
f7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:78:11:67:9C:85:25:F3:A2:88:B5:49:C1:00:01:75:DD:C1:CB:32
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tXgRZ5yFJfOiiLVJwQABdd3ByzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.211.0/24
88.209.220.0/24
88.209.222.0/24
88.209.224.0/23
88.209.245.0/24
88.209.248.0/24
Signature Algorithm: sha256WithRSAEncryption
af:c0:45:63:1f:4e:76:77:14:2e:c5:49:47:0e:d9:0d:ad:73:
71:1f:7b:d5:9b:3f:73:b2:45:81:50:44:58:57:76:6e:ba:7c:
9d:4b:12:82:4f:a5:9d:ec:e0:3f:4b:79:76:24:f7:85:17:6b:
28:0c:1e:86:f3:9f:94:27:09:42:fe:a6:67:94:00:b9:36:2a:
d7:b0:b1:06:a6:00:98:06:43:ac:66:d8:1d:14:29:ae:ec:0b:
2a:64:94:2e:dd:f0:71:b5:45:0a:ca:8c:9e:81:be:9c:e2:6a:
85:b3:51:b6:e9:e2:55:ba:97:38:75:0a:3a:f8:d7:ad:6c:2e:
fa:d1:48:03:03:ff:a5:0d:db:21:1f:35:aa:b7:a2:60:06:8c:
89:a8:e8:28:a8:62:63:db:59:39:9e:c2:6e:12:da:af:da:e0:
d5:53:44:5c:ef:3b:e7:31:ea:d8:e5:4e:b8:a0:02:0d:5c:f3:
2d:3f:fc:c4:07:5a:c6:9b:91:05:b4:81:ef:8e:23:85:b0:e7:
85:b4:4c:3c:85:73:c7:5d:82:ad:b3:77:3e:fd:70:cd:04:25:
6d:d2:06:80:04:51:e4:d5:34:a4:97:a8:ad:89:16:ca:e3:ef:
ec:ee:b6:57:bd:8b:b4:5f:d3:6b:af:97:19:15:a5:4e:e9:ab:
ac:1f:83:e1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYh1yf3VOg+d74+9IlD1PC0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjAxMDcwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTc4MTE2NzljODUyNWYzYTI4OGI1NDljMTAwMDE3NWRkYzFjYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4FQJZ04kCKujsrreLRy95ZALbws
Pj68WebtzNTeun4tKVbsH3142RPbiAIskx2jXAvdnRPj3DUCMaBkDyTF//o+ylkR
ggrj4id9btzoLhmmPLeJqU6J+0JzJ2QLjut7kdpCN8YOY028KmAmXCOHp20o1h2r
HTDKwUL/rV05AN5Gaj/Lerbmdbn9vg8LMebSiHnI55+Dp8jaQnfVGNgh3/RyC6xF
3eay14IJG1iC2w1LzQEYZg4XlyQm0YIesAo82+XNyhRh12ImzlV9OzCQlAMyZz27
1D3m0Xge/ixGHj9nQryB2J+CWwLdsX0dHSg2qQ5JWL45Ez9BdYLBhxH3vwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLV4EWechSXzooi1ScEAAXXdwcsyMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdFhnUlo1eUZKZk9paUxWSndRQUJkZDNCeXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWNHTAwQA
WNHcAwQAWNHeAwQBWNHgAwQAWNH1AwQAWNH4MA0GCSqGSIb3DQEBCwUAA4IBAQCv
wEVjH052dxQuxUlHDtkNrXNxH3vVmz9zskWBUERYV3ZuunydSxKCT6Wd7OA/S3l2
JPeFF2soDB6G85+UJwlC/qZnlAC5NirXsLEGpgCYBkOsZtgdFCmu7AsqZJQu3fBx
tUUKyoyegb6c4mqFs1G26eJVupc4dQo6+NetbC760UgDA/+lDdshHzWqt6JgBoyJ
qOgoqGJj21k5nsJuEtqv2uDVU0Rc7zvnMerY5U64oAINXPMtP/zEB1rGm5EFtIHv
jiOFsOeFtEw8hXPHXYKts3c+/XDNBCVt0gaABFHk1TSkl6itiRbK4+/s7rZXvYu0
X9Nrr5cZFaVO6ausH4Ph
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:57 2024 by rpki-client on console-ams.rpki-client.org