Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/urnsXKpROSVwRXNLfNR4LPH6JmE.roa
File: urnsXKpROSVwRXNLfNR4LPH6JmE.roa (raw, json)
Hash identifier: gmmxNMiYlCPiodaoZu+ZUyFczRXbhfdQAq+IAgPXC5Q=
Subject key identifier: BA:B9:EC:5C:AA:51:39:25:70:45:73:4B:7C:D4:78:2C:F1:FA:26:61
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0192512AE7DA7D13A82C2A55C6E41CBE8302
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/urnsXKpROSVwRXNLfNR4LPH6JmE.roa
Signing time: Thu 03 Oct 2024 06:56:58 +0000
ROA not before: Thu 03 Oct 2024 06:56:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.194.0/24 maxlen: 24
88.209.195.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
92.52.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 09:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:2a:e7:da:7d:13:a8:2c:2a:55:c6:e4:1c:be:83:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 3 06:56:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bab9ec5caa5139257045734b7cd4782cf1fa2661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c7:af:5e:69:c8:69:be:24:06:f3:8c:21:32:
29:01:b6:67:4a:8c:9c:e8:a5:de:35:c2:6f:cf:dd:
28:8f:70:51:dd:3d:70:66:d9:73:26:42:17:2d:d6:
d0:18:b9:af:9c:8a:e7:34:7c:22:51:4a:f6:15:14:
a8:0f:d8:fb:d6:de:bc:0c:be:3f:74:38:af:89:97:
62:87:c2:bb:5f:e0:ff:ea:51:d2:4d:27:1d:07:41:
54:ba:e3:ed:1f:ee:0e:67:a3:9d:17:c2:8d:e9:32:
55:57:ee:3f:0b:38:a4:35:6e:3b:b5:97:5b:fa:e5:
f6:36:3e:66:9f:0d:9a:f3:3a:75:9f:9e:77:49:70:
be:b4:59:98:81:40:0a:6b:03:ac:f8:fc:c5:19:5b:
69:ad:ac:87:4e:8e:ae:45:5f:56:e1:e4:7d:ed:3f:
c4:e3:21:f5:a8:21:7b:77:ad:85:8e:52:33:19:2e:
bf:48:1a:e8:bc:5b:f3:54:5a:1d:b4:64:24:91:fb:
02:87:10:aa:c2:5d:a5:8a:0c:e0:8e:e8:ef:e9:f7:
5c:f3:95:3e:51:0d:89:5b:6c:53:91:2e:0c:ba:3e:
ae:fb:54:0c:b8:45:f2:09:bb:6b:67:c7:4a:76:b9:
fe:7a:b1:81:7c:2f:8c:1b:51:48:1c:20:6f:66:f1:
d5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B9:EC:5C:AA:51:39:25:70:45:73:4B:7C:D4:78:2C:F1:FA:26:61
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/urnsXKpROSVwRXNLfNR4LPH6JmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.194.0/23
88.209.211.0/24
88.209.232.0/22
92.52.219.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:58:da:c6:4f:98:8e:4d:f3:86:81:08:1f:f6:36:b9:81:2a:
74:8e:c0:f4:af:1b:c3:33:78:bd:dd:00:b7:26:bc:16:f5:53:
b6:3a:a1:e6:f9:f7:76:30:59:0f:f0:51:63:69:28:f0:ab:a6:
a7:95:f0:75:5b:81:fd:6b:60:61:f7:37:99:7b:cb:30:c7:ad:
84:95:6f:ba:86:4e:df:52:1c:ed:72:bc:93:69:d6:ae:70:3e:
6d:69:bf:77:5a:45:db:0d:47:87:b6:96:6e:33:01:ac:27:f8:
33:61:ef:e0:cd:ea:53:39:b4:8e:98:73:b8:02:41:f7:96:53:
1f:20:82:39:49:14:08:81:5b:e4:51:88:c9:60:64:03:0d:aa:
1b:11:26:f1:2d:ed:57:42:a8:f1:4e:e1:14:bd:3d:b9:89:fc:
39:f0:86:f0:bf:7a:6e:d2:9a:50:b1:7d:c2:35:3f:18:19:9c:
ea:d1:f2:35:ed:24:2b:da:a1:7d:a3:80:f9:74:5a:25:61:20:
4f:c8:4b:6a:57:ec:d6:09:1d:88:9c:0b:97:56:f1:0f:3d:ff:
c9:2d:1b:53:94:cd:c4:08:ea:e2:d2:c5:f8:c5:ac:ea:22:1a:
94:0e:36:a2:5e:b7:5d:61:4c:55:d0:5f:45:d7:64:b2:3f:1f:
d1:bf:94:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJRKufafROoLCpVxuQcvoMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMDAzMDY1NjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWI5ZWM1Y2FhNTEzOTI1NzA0NTczNGI3Y2Q0NzgyY2YxZmEyNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8evXmnIab4kBvOMITIpAbZnSoyc
6KXeNcJvz90oj3BR3T1wZtlzJkIXLdbQGLmvnIrnNHwiUUr2FRSoD9j71t68DL4/
dDiviZdih8K7X+D/6lHSTScdB0FUuuPtH+4OZ6OdF8KN6TJVV+4/CzikNW47tZdb
+uX2Nj5mnw2a8zp1n553SXC+tFmYgUAKawOs+PzFGVtprayHTo6uRV9W4eR97T/E
4yH1qCF7d62FjlIzGS6/SBrovFvzVFodtGQkkfsChxCqwl2ligzgjujv6fdc85U+
UQ2JW2xTkS4Muj6u+1QMuEXyCbtrZ8dKdrn+erGBfC+MG1FIHCBvZvHV+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLq57FyqUTklcEVzS3zUeCzx+iZhMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdXJuc1hLcFJPU1Z3UlhOTGZOUjRMUEg2Sm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWJc4AwQB
WNHCAwQAWNHTAwQCWNHoAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQAKWNrGT5iO
TfOGgQgf9ja5gSp0jsD0rxvDM3i93QC3JrwW9VO2OqHm+fd2MFkP8FFjaSjwq6an
lfB1W4H9a2Bh9zeZe8swx62ElW+6hk7fUhztcryTadaucD5tab93WkXbDUeHtpZu
MwGsJ/gzYe/gzepTObSOmHO4AkH3llMfIII5SRQIgVvkUYjJYGQDDaobESbxLe1X
QqjxTuEUvT25ifw58Ibwv3pu0ppQsX3CNT8YGZzq0fI17SQr2qF9o4D5dFolYSBP
yEtqV+zWCR2InAuXVvEPPf/JLRtTlM3ECOri0sX4xazqIhqUDjaiXrddYUxV0F9F
12SyPx/Rv5Rc
-----END CERTIFICATE-----
Generated at Thu Oct 3 10:49:53 2024 by rpki-client on console-fra.rpki-client.org