Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/utt3DYJstAf2IwRS852sp68-EjY.roa
File: utt3DYJstAf2IwRS852sp68-EjY.roa (raw, json)
Hash identifier: 54hDbZOdDAfpqoldoLadZXvw1J9ZL/HQ1cyq2iPSzKg=
Subject key identifier: BA:DB:77:0D:82:6C:B4:07:F6:23:04:52:F3:9D:AC:A7:AF:3E:12:36
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018AD1F2D62A13BC74371FF53CE45808E875
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/utt3DYJstAf2IwRS852sp68-EjY.roa
Signing time: Tue 26 Sep 2023 14:44:27 +0000
ROA not before: Tue 26 Sep 2023 14:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 88.209.230.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
88.209.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:f2:d6:2a:13:bc:74:37:1f:f5:3c:e4:58:08:e8:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 26 14:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=badb770d826cb407f6230452f39daca7af3e1236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a5:80:19:69:88:a0:2a:46:a3:e4:1d:24:a2:
c8:f5:9e:d5:4f:b1:05:1e:0d:be:84:02:19:18:32:
d4:13:15:39:47:34:3c:ac:4f:43:f8:09:11:aa:5a:
55:99:97:fe:24:7c:a3:64:10:4d:6b:13:e8:f7:c1:
b6:3b:28:fa:d2:3f:8b:4f:1e:95:e8:c3:ab:ea:7e:
ea:dc:8b:49:ea:dc:1a:e1:ac:ac:8b:d2:f1:a7:ea:
19:44:3a:30:47:f5:7a:4e:14:3d:73:04:d1:28:a5:
98:30:b5:6f:6a:fe:b7:81:6d:1d:0d:68:b2:7e:40:
17:6d:0a:54:39:6c:04:06:87:d5:33:f4:6c:2b:1e:
53:49:31:33:6c:ae:a5:aa:52:8d:ae:f6:34:7b:30:
e1:bf:98:35:b9:16:5a:e0:dd:18:da:7a:c3:f1:e0:
d2:e7:60:76:af:65:89:98:a7:4c:a9:49:87:89:46:
e9:de:87:33:37:b2:26:0b:06:f7:aa:3e:03:e8:08:
6d:8d:4c:32:ba:73:a0:16:bd:d6:3f:54:c5:28:2f:
85:f1:9d:1c:b5:4f:5e:16:70:9f:dd:2d:3a:19:92:
e7:8a:10:d3:35:b3:3a:aa:4c:b8:01:d9:c0:55:7e:
e4:84:bc:5c:e6:fd:f3:da:d8:7e:cc:a3:84:ab:0a:
eb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:DB:77:0D:82:6C:B4:07:F6:23:04:52:F3:9D:AC:A7:AF:3E:12:36
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/utt3DYJstAf2IwRS852sp68-EjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.159.0/24
88.151.63.0/24
88.209.203.0/24
88.209.230.0/24
88.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
af:2e:bf:09:56:07:46:ff:6b:3b:ae:9e:76:e3:b3:7c:c3:5a:
90:10:fb:cc:74:36:62:ac:f4:46:ce:82:8c:1c:51:3f:86:b1:
a5:59:e6:19:be:88:f0:6d:8e:37:b2:e8:52:f7:17:f4:32:89:
46:c7:71:6e:a7:fa:a4:1e:90:4a:35:9a:b2:29:01:6a:bb:98:
ff:9a:dc:4f:54:b6:15:d6:cc:32:75:56:f9:cf:b7:35:be:cf:
2d:3a:7c:35:d9:0b:9c:7c:85:54:aa:9a:27:26:7a:42:99:e7:
a1:57:03:50:04:26:fb:2a:a2:50:6f:cb:f6:85:bf:ce:7a:54:
b7:ec:39:c4:03:d1:18:c0:c7:fb:0d:54:45:92:02:ca:b9:22:
c5:94:70:b3:8a:ed:79:a4:95:b4:3c:ed:ce:a9:41:6d:8b:3d:
9c:cc:13:32:e4:3b:9a:49:02:da:a2:3d:cf:7f:6d:29:23:26:
f7:29:4a:4c:27:2a:ca:7a:28:90:64:91:a8:31:7c:c0:7d:03:
e2:45:9b:7b:64:cd:3b:59:e9:55:16:64:7c:38:d0:32:3d:60:
df:32:9b:88:05:c2:4d:23:d0:87:6f:a9:83:5a:16:ee:56:d3:
12:1b:df:52:b5:04:95:05:47:08:f7:50:3d:40:26:6a:a0:f7:
ee:88:df:cb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrR8tYqE7x0Nx/1PORYCOh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwOTI2MTQ0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWRiNzcwZDgyNmNiNDA3ZjYyMzA0NTJmMzlkYWNhN2FmM2UxMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaWAGWmIoCpGo+QdJKLI9Z7VT7EF
Hg2+hAIZGDLUExU5RzQ8rE9D+AkRqlpVmZf+JHyjZBBNaxPo98G2Oyj60j+LTx6V
6MOr6n7q3ItJ6twa4aysi9Lxp+oZRDowR/V6ThQ9cwTRKKWYMLVvav63gW0dDWiy
fkAXbQpUOWwEBofVM/RsKx5TSTEzbK6lqlKNrvY0ezDhv5g1uRZa4N0Y2nrD8eDS
52B2r2WJmKdMqUmHiUbp3oczN7ImCwb3qj4D6AhtjUwyunOgFr3WP1TFKC+F8Z0c
tU9eFnCf3S06GZLnihDTNbM6qky4AdnAVX7khLxc5v3z2th+zKOEqwrruQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLrbdw2CbLQH9iMEUvOdrKevPhI2MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdXR0M0RZSnN0QWYySXdSUzg1MnNwNjgtRWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfKfAwQA
WJc/AwQAWNHLAwQAWNHmAwQAWNH/MA0GCSqGSIb3DQEBCwUAA4IBAQCvLr8JVgdG
/2s7rp5247N8w1qQEPvMdDZirPRGzoKMHFE/hrGlWeYZvojwbY43suhS9xf0MolG
x3Fup/qkHpBKNZqyKQFqu5j/mtxPVLYV1swydVb5z7c1vs8tOnw12QucfIVUqpon
JnpCmeehVwNQBCb7KqJQb8v2hb/OelS37DnEA9EYwMf7DVRFkgLKuSLFlHCziu15
pJW0PO3OqUFtiz2czBMy5DuaSQLaoj3Pf20pIyb3KUpMJyrKeiiQZJGoMXzAfQPi
RZt7ZM07WelVFmR8ONAyPWDfMpuIBcJNI9CHb6mDWhbuVtMSG99StQSVBUcI91A9
QCZqoPfuiN/L
-----END CERTIFICATE-----
Generated at Fri Oct 20 06:55:02 2023 by rpki-client on console-fra.rpki-client.org