Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ujrIC7G9MLr01kPkz_sWpTcISk4.roa
File: ujrIC7G9MLr01kPkz_sWpTcISk4.roa (raw, json)
Hash identifier: F7ND7ZPif+MVPo3iLyzsfDUVW1nBLIyy7VPDXm3tuhM=
Subject key identifier: BA:3A:C8:0B:B1:BD:30:BA:F4:D6:43:E4:CF:FB:16:A5:37:08:4A:4E
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018610F75DCBD73B1BD0F82A1AA98FBB1AB1
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ujrIC7G9MLr01kPkz_sWpTcISk4.roa
Signing time: Thu 02 Feb 2023 07:11:32 +0000
ROA not before: Thu 02 Feb 2023 07:11:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 88.209.249.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 15:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:10:f7:5d:cb:d7:3b:1b:d0:f8:2a:1a:a9:8f:bb:1a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 2 07:11:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba3ac80bb1bd30baf4d643e4cffb16a537084a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0b:4a:2d:a4:2d:b1:a3:98:af:3c:59:0e:ab:
a7:31:fd:3a:f2:e3:e3:a4:53:67:27:89:1a:e9:f7:
70:c0:f9:5b:f1:1b:2d:50:d9:62:54:c0:45:ed:53:
ad:46:f2:a1:c7:3e:79:1d:3c:05:a8:fa:bc:07:87:
03:f4:5c:37:3f:41:d3:4b:83:ac:18:b5:73:ef:54:
b0:a4:2e:1c:5d:f1:f3:ef:28:07:ff:31:a8:79:74:
3c:b9:de:07:91:5d:eb:b5:ff:0c:c2:a0:da:ad:5a:
12:e7:fa:52:10:58:72:2d:34:d6:80:04:58:ed:0f:
6c:61:75:3d:ca:5d:26:8c:60:87:f3:46:2d:c3:5c:
40:ae:32:31:4c:97:a7:79:7f:64:41:f7:24:e9:15:
05:f4:9a:0e:96:98:25:d1:b4:0f:24:0d:c5:68:bb:
15:03:b0:da:7d:2a:aa:00:cb:2d:2e:e8:df:c4:d9:
ee:30:96:fc:cb:65:49:97:bc:71:d4:3a:8c:14:d7:
33:cd:01:fe:07:08:7a:a5:f2:47:cb:04:fa:a1:ad:
3e:fa:8b:d9:90:fd:5e:5b:72:e3:20:6a:c1:af:9d:
a2:d4:81:51:67:8b:f9:4b:6d:d4:74:53:55:d9:a6:
98:7a:42:da:b8:cb:02:55:35:e6:df:90:b6:83:78:
e3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3A:C8:0B:B1:BD:30:BA:F4:D6:43:E4:CF:FB:16:A5:37:08:4A:4E
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ujrIC7G9MLr01kPkz_sWpTcISk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.201.0/24
88.209.207.0/24
88.209.249.0/24
Signature Algorithm: sha256WithRSAEncryption
73:c2:6a:cc:68:39:06:b6:4a:15:15:e7:8d:7d:68:b1:29:77:
33:7e:25:52:4b:11:58:b2:62:5d:36:18:e7:bc:88:d7:c2:d1:
fb:d0:79:14:ad:df:d1:12:29:29:45:b0:a2:6d:2f:7c:ad:52:
f7:9c:b4:da:2e:dd:16:c1:ca:71:02:f7:d3:f6:af:f5:4c:c8:
5e:ba:89:1b:e3:9b:0e:a1:67:5f:91:05:5a:31:fb:73:e5:13:
09:ee:11:a8:2e:74:5c:4d:5f:a8:ab:d3:ef:b6:1f:a6:31:f2:
9b:3a:4b:d6:ba:8a:63:69:d7:71:a1:12:4b:1b:02:43:b9:14:
25:8d:60:25:ad:17:ff:e1:fc:77:5b:51:bb:9d:5b:32:87:06:
ac:98:4b:19:7d:67:37:84:34:09:2f:6a:1f:23:53:74:1c:d3:
60:18:ef:e4:45:75:4a:76:2c:ac:e7:0a:34:43:30:3a:75:e2:
5e:f1:23:e2:82:bc:fd:3b:d2:d3:17:c2:13:2e:a5:a7:e0:62:
de:43:f5:4b:7a:37:53:c9:4c:1c:45:9e:4c:7d:1d:35:40:22:
5e:06:e4:83:be:e7:2e:00:4b:3b:26:f8:9b:76:7c:1e:36:df:
2e:2b:a4:39:54:b3:72:2b:e2:6d:9f:09:0e:bf:1f:03:91:c1:
f4:6e:0b:35
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYQ913L1zsb0PgqGqmPuxqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjAyMDcxMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTNhYzgwYmIxYmQzMGJhZjRkNjQzZTRjZmZiMTZhNTM3MDg0YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAtKLaQtsaOYrzxZDqunMf068uPj
pFNnJ4ka6fdwwPlb8RstUNliVMBF7VOtRvKhxz55HTwFqPq8B4cD9Fw3P0HTS4Os
GLVz71SwpC4cXfHz7ygH/zGoeXQ8ud4HkV3rtf8MwqDarVoS5/pSEFhyLTTWgARY
7Q9sYXU9yl0mjGCH80Ytw1xArjIxTJeneX9kQfck6RUF9JoOlpgl0bQPJA3FaLsV
A7DafSqqAMstLujfxNnuMJb8y2VJl7xx1DqMFNczzQH+Bwh6pfJHywT6oa0++ovZ
kP1eW3LjIGrBr52i1IFRZ4v5S23UdFNV2aaYekLauMsCVTXm35C2g3jj1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLo6yAuxvTC69NZD5M/7FqU3CEpOMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdWpySUM3RzlNTHIwMWtQa3pfc1dwVGNJU2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHJAwQA
WNHPAwQAWNH5MA0GCSqGSIb3DQEBCwUAA4IBAQBzwmrMaDkGtkoVFeeNfWixKXcz
fiVSSxFYsmJdNhjnvIjXwtH70HkUrd/REikpRbCibS98rVL3nLTaLt0WwcpxAvfT
9q/1TMheuokb45sOoWdfkQVaMftz5RMJ7hGoLnRcTV+oq9Pvth+mMfKbOkvWuopj
addxoRJLGwJDuRQljWAlrRf/4fx3W1G7nVsyhwasmEsZfWc3hDQJL2ofI1N0HNNg
GO/kRXVKdiys5wo0QzA6deJe8SPigrz9O9LTF8ITLqWn4GLeQ/VLejdTyUwcRZ5M
fR01QCJeBuSDvucuAEs7JvibdnweNt8uK6Q5VLNyK+JtnwkOvx8DkcH0bgs1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:57 2024 by rpki-client on console-ams.rpki-client.org