Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/wLfLE6QIRUWP28ZkpgwPuGQAfc0.roa
File: wLfLE6QIRUWP28ZkpgwPuGQAfc0.roa (raw, json)
Hash identifier: J80Ld+cFyNpN9vb9r3zO+Y0M2suwS62MSQeHaDx+hnw=
Subject key identifier: C0:B7:CB:13:A4:08:45:45:8F:DB:C6:64:A6:0C:0F:B8:64:00:7D:CD
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01863053C7BFC6EC58585A27005E10167073
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/wLfLE6QIRUWP28ZkpgwPuGQAfc0.roa
Signing time: Wed 08 Feb 2023 09:20:42 +0000
ROA not before: Wed 08 Feb 2023 09:20:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.245.0/24 maxlen: 24
88.209.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 12:43:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:53:c7:bf:c6:ec:58:58:5a:27:00:5e:10:16:70:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 8 09:20:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0b7cb13a40845458fdbc664a60c0fb864007dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:22:cd:d4:dd:d3:d0:f6:49:a9:d7:21:86:0b:
99:67:56:9b:da:b2:41:1d:d0:3a:79:a3:57:f2:1f:
49:54:cc:3e:de:64:a5:0f:96:3d:7c:c5:f4:31:07:
36:57:2a:7f:fd:59:66:3b:a6:c6:f3:87:ce:f1:cc:
e3:bb:5c:5b:8d:67:a5:eb:64:b8:8f:8a:aa:10:31:
ca:fa:58:eb:8f:0d:0f:0e:a9:32:ff:34:ae:fa:d3:
7b:7c:02:1d:32:98:6c:7e:f8:93:fa:c7:27:47:30:
e1:e1:e3:f7:11:9a:a0:ac:98:3e:b1:c2:28:2b:47:
a4:b5:c7:8b:ec:16:5b:6b:aa:5c:04:02:a7:10:0b:
f6:1f:92:bb:23:51:93:75:a1:9d:d0:90:7a:51:c3:
b6:5c:57:c1:c0:b4:16:e0:44:f4:ac:fe:a1:bf:da:
b5:f1:87:d3:01:82:45:93:66:77:8e:9c:43:2a:c9:
86:a1:aa:6b:02:04:fc:b7:89:dc:03:96:d0:64:3f:
aa:56:8f:80:7d:4b:d0:ed:b5:ec:d3:67:25:a3:cd:
69:d5:70:18:05:5c:5e:58:b1:71:68:07:de:11:2f:
af:5a:37:aa:cc:fe:3e:30:9d:71:70:28:2d:a9:22:
ee:79:f8:e2:43:5d:fb:27:21:56:61:82:2a:74:bd:
83:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B7:CB:13:A4:08:45:45:8F:DB:C6:64:A6:0C:0F:B8:64:00:7D:CD
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/wLfLE6QIRUWP28ZkpgwPuGQAfc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.220.0/22
88.209.245.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:f4:31:98:15:82:8f:9b:13:a9:5d:d4:88:13:df:24:14:4a:
88:bd:9a:03:a2:83:f2:7f:54:a4:77:d0:fa:e9:53:b2:3f:f5:
1b:23:59:41:b0:d4:b0:8c:5f:79:3b:5d:44:28:cf:e9:4c:08:
90:b1:e2:db:ca:b7:1d:2d:37:45:2b:a7:dc:bb:13:cb:a3:13:
5f:03:15:41:a1:18:7a:da:7e:1b:17:99:0f:32:57:f2:eb:e5:
02:87:d7:b6:f7:c5:b8:ad:ce:fb:d6:36:26:26:03:35:60:de:
f0:de:96:94:71:22:7b:bc:c3:91:9c:0b:1f:f6:d8:30:fe:7e:
62:66:96:3c:80:e0:02:b8:04:ec:3e:76:e5:89:28:f4:04:46:
d8:5c:be:8d:9e:d9:99:fc:27:67:a9:da:c6:22:02:1b:de:2f:
84:97:2b:48:1a:4e:e1:85:15:b3:30:14:80:bd:b3:7b:e3:b6:
ed:38:64:bd:60:5a:ca:22:72:a1:8e:54:50:27:5a:32:69:24:
92:24:87:af:0f:e2:38:e8:d9:45:7d:ca:08:83:62:db:f2:14:
96:f5:4b:e8:c9:b8:be:a7:e0:8a:64:45:a0:02:50:16:14:1a:
b5:10:6d:e9:34:ab:f0:24:e7:bb:43:a3:8d:bd:9e:f6:5a:f2:
9f:eb:1c:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYwU8e/xuxYWFonAF4QFnBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjA4MDkyMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGI3Y2IxM2E0MDg0NTQ1OGZkYmM2NjRhNjBjMGZiODY0MDA3ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyLN1N3T0PZJqdchhguZZ1ab2rJB
HdA6eaNX8h9JVMw+3mSlD5Y9fMX0MQc2Vyp//VlmO6bG84fO8czju1xbjWel62S4
j4qqEDHK+ljrjw0PDqky/zSu+tN7fAIdMphsfviT+scnRzDh4eP3EZqgrJg+scIo
K0ektceL7BZba6pcBAKnEAv2H5K7I1GTdaGd0JB6UcO2XFfBwLQW4ET0rP6hv9q1
8YfTAYJFk2Z3jpxDKsmGoaprAgT8t4ncA5bQZD+qVo+AfUvQ7bXs02clo81p1XAY
BVxeWLFxaAfeES+vWjeqzP4+MJ1xcCgtqSLuefjiQ137JyFWYYIqdL2DYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMC3yxOkCEVFj9vGZKYMD7hkAH3NMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvd0xmTEU2UUlSVVdQMjhaa3Bnd1B1R1FBZmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWNHcAwQA
WNH1MA0GCSqGSIb3DQEBCwUAA4IBAQCK9DGYFYKPmxOpXdSIE98kFEqIvZoDooPy
f1Skd9D66VOyP/UbI1lBsNSwjF95O11EKM/pTAiQseLbyrcdLTdFK6fcuxPLoxNf
AxVBoRh62n4bF5kPMlfy6+UCh9e298W4rc771jYmJgM1YN7w3paUcSJ7vMORnAsf
9tgw/n5iZpY8gOACuATsPnbliSj0BEbYXL6NntmZ/CdnqdrGIgIb3i+ElytIGk7h
hRWzMBSAvbN747btOGS9YFrKInKhjlRQJ1oyaSSSJIevD+I46NlFfcoIg2Lb8hSW
9Uvoybi+p+CKZEWgAlAWFBq1EG3pNKvwJOe7Q6ONvZ72WvKf6xyj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org