Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uiOZ01QW2oths9TqiVTWmz4JE2Y.roa
File: uiOZ01QW2oths9TqiVTWmz4JE2Y.roa (raw, json)
Hash identifier: 9P3+YjuSiiMiUZzDeJRYY1L8rUE2n0h19mDi2BYeaeI=
Subject key identifier: BA:23:99:D3:54:16:DA:8B:61:B3:D4:EA:89:54:D6:9B:3E:09:13:66
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018C917F267D8ACB01DF1425F0A7E274E610
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uiOZ01QW2oths9TqiVTWmz4JE2Y.roa
Signing time: Fri 22 Dec 2023 12:27:58 +0000
ROA not before: Fri 22 Dec 2023 12:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47169
IP address blocks: 88.209.250.0/23 maxlen: 23
45.88.92.0/24 maxlen: 24
92.52.192.0/21 maxlen: 21
45.14.8.0/23 maxlen: 23
92.52.200.0/22 maxlen: 22
88.209.218.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:7f:26:7d:8a:cb:01:df:14:25:f0:a7:e2:74:e6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 22 12:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba2399d35416da8b61b3d4ea8954d69b3e091366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a6:04:80:18:24:dc:26:e8:d5:db:f7:82:b1:
b4:31:c3:b0:98:67:45:33:af:93:1c:6f:d5:7b:fe:
ae:4f:ea:31:08:24:61:c7:9b:d1:d2:23:32:d3:56:
35:a9:25:07:f6:24:6a:e5:fd:bb:83:72:57:f0:3b:
46:6f:26:84:cc:cf:24:ad:8d:0f:2b:8e:c7:e8:06:
39:1e:ff:b6:66:fd:79:d1:2d:7a:47:6f:72:b9:d6:
08:a4:6b:0c:f4:c0:a0:9d:aa:4a:45:61:ae:b8:d8:
1e:43:e9:c8:f0:5d:2c:26:80:7e:dc:5a:3f:f1:d3:
a2:5d:86:f8:12:8e:3e:b8:1a:b7:f0:65:80:8b:2c:
7c:3c:07:6a:86:9c:e1:79:f0:60:bf:6e:aa:60:b9:
ef:d6:20:82:57:86:ae:f4:00:3c:2f:e1:f0:c3:8a:
eb:0a:a4:2a:57:c3:53:ff:8e:c9:b1:10:dd:f1:a6:
2d:97:69:ae:68:10:9b:75:96:14:89:e8:a7:ab:43:
66:06:c9:82:7b:f4:e9:7b:c1:c4:61:d5:94:98:e9:
31:37:45:bb:ad:4b:38:9b:14:ba:66:61:f0:5f:3b:
43:13:c0:25:30:5c:06:18:bc:ba:ba:60:c0:a7:65:
04:09:18:60:81:15:a4:2f:25:57:ea:bf:4d:22:f1:
53:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:23:99:D3:54:16:DA:8B:61:B3:D4:EA:89:54:D6:9B:3E:09:13:66
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uiOZ01QW2oths9TqiVTWmz4JE2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.8.0/23
45.88.92.0/24
88.209.218.0/24
88.209.250.0/23
92.52.192.0-92.52.203.255
Signature Algorithm: sha256WithRSAEncryption
32:f4:a1:1b:c4:3f:64:0d:17:9b:c7:53:4e:86:67:52:38:e1:
03:c5:1d:a4:6f:0c:13:23:72:45:dc:24:6d:2a:2b:b5:96:58:
1a:ca:1c:47:d2:ba:cf:72:c2:c4:62:b7:a8:c6:91:67:c1:91:
c4:51:28:d5:88:f4:17:e2:16:68:64:df:c3:5c:21:dc:43:89:
2e:b9:35:68:37:47:04:11:a1:ae:18:8a:bd:85:aa:ce:71:15:
29:3b:0f:6b:01:ca:85:6d:11:f4:18:3a:94:35:aa:3b:88:0d:
ba:90:71:b9:19:3b:d5:f1:24:84:e7:ef:1c:15:2c:23:0d:6d:
dd:91:5e:05:78:2e:2b:a8:53:bd:5a:16:e9:ea:32:0a:b0:34:
94:2d:f0:bb:ca:cd:8d:be:68:5d:a1:f2:3b:c0:d2:08:7c:8a:
bc:73:bd:32:6e:85:df:32:c4:ff:43:82:1e:14:05:b5:ea:a6:
99:4d:6a:a5:22:92:26:76:4e:7b:8c:92:40:69:34:f0:c2:95:
a7:2a:c1:1a:1b:81:8f:86:17:91:7f:a3:0c:3e:4d:83:8d:66:
bf:78:d7:18:ee:9b:bd:ad:e7:18:fe:4e:77:d4:79:e0:ff:8d:
ad:55:6a:4f:26:cc:cf:d8:04:e5:74:76:e1:3a:cf:96:86:6c:
f9:ad:5b:d1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYyRfyZ9issB3xQl8KfidOYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMjIyMTIyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTIzOTlkMzU0MTZkYThiNjFiM2Q0ZWE4OTU0ZDY5YjNlMDkxMzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6YEgBgk3Cbo1dv3grG0McOwmGdF
M6+THG/Ve/6uT+oxCCRhx5vR0iMy01Y1qSUH9iRq5f27g3JX8DtGbyaEzM8krY0P
K47H6AY5Hv+2Zv150S16R29yudYIpGsM9MCgnapKRWGuuNgeQ+nI8F0sJoB+3Fo/
8dOiXYb4Eo4+uBq38GWAiyx8PAdqhpzhefBgv26qYLnv1iCCV4au9AA8L+Hww4rr
CqQqV8NT/47JsRDd8aYtl2muaBCbdZYUieinq0NmBsmCe/Tpe8HEYdWUmOkxN0W7
rUs4mxS6ZmHwXztDE8AlMFwGGLy6umDAp2UECRhggRWkLyVX6r9NIvFTcwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLojmdNUFtqLYbPU6olU1ps+CRNmMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdWlPWjAxUVcyb3RoczlUcWlWVFdtejRKRTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBLQ4IAwQA
LVhcAwQAWNHaAwQBWNH6MAwDBAZcNMADBAJcNMgwDQYJKoZIhvcNAQELBQADggEB
ADL0oRvEP2QNF5vHU06GZ1I44QPFHaRvDBMjckXcJG0qK7WWWBrKHEfSus9ywsRi
t6jGkWfBkcRRKNWI9BfiFmhk38NcIdxDiS65NWg3RwQRoa4Yir2Fqs5xFSk7D2sB
yoVtEfQYOpQ1qjuIDbqQcbkZO9XxJITn7xwVLCMNbd2RXgV4LiuoU71aFunqMgqw
NJQt8LvKzY2+aF2h8jvA0gh8irxzvTJuhd8yxP9Dgh4UBbXqpplNaqUikiZ2TnuM
kkBpNPDClacqwRobgY+GF5F/oww+TYONZr941xjum72t5xj+TnfUeeD/ja1Vak8m
zM/YBOV0duE6z5aGbPmtW9E=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:55 2024 by rpki-client on console-ams.rpki-client.org