Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xCte5_7w4Dy11bhhIIpnqqAy8yM.roa
File: xCte5_7w4Dy11bhhIIpnqqAy8yM.roa (raw, json)
Hash identifier: 9jVqQGTQFw8aE/qVtbDW7hVQepGkWiNL9Fy1+P8kQTA=
Subject key identifier: C4:2B:5E:E7:FE:F0:E0:3C:B5:D5:B8:61:20:8A:67:AA:A0:32:F3:23
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01922821FC655C4F593D2B69C2F3CE449A24
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xCte5_7w4Dy11bhhIIpnqqAy8yM.roa
Signing time: Wed 25 Sep 2024 07:42:48 +0000
ROA not before: Wed 25 Sep 2024 07:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.194.0/24 maxlen: 24
88.209.195.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 06:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:21:fc:65:5c:4f:59:3d:2b:69:c2:f3:ce:44:9a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 25 07:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c42b5ee7fef0e03cb5d5b861208a67aaa032f323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e2:7c:dd:95:5e:5b:bc:b3:a5:7b:5f:fb:62:
b7:4a:b6:1e:20:2a:c3:ee:ba:e4:ba:c3:a0:0d:e0:
71:bf:74:11:4c:40:41:e9:ba:c6:e1:d7:83:90:e0:
ee:9a:e9:04:2e:c9:92:c2:34:52:30:49:78:cf:45:
5a:66:50:ae:71:5a:3e:da:5d:66:22:c8:65:43:db:
90:a2:55:83:d7:cd:c2:8a:ea:a5:2a:c1:c9:53:58:
9a:3a:9d:75:38:c0:3f:b8:5a:77:4a:f0:08:40:5a:
8c:b4:10:8b:78:36:76:2e:63:da:35:e0:30:eb:43:
39:19:86:f5:41:68:4f:c4:87:54:1b:ab:5b:ba:81:
ef:63:5d:1f:e4:ba:05:48:2e:94:b3:d4:ff:91:83:
ab:92:3e:55:f0:6a:6a:86:11:98:50:9f:d8:03:ef:
40:e9:03:f1:ab:02:e8:5f:c9:09:44:e2:5b:a8:c2:
37:48:66:e5:21:c4:31:68:1c:e9:95:be:6b:0d:4e:
3d:ba:bc:39:11:ff:51:31:7f:b4:0f:6f:6a:bc:73:
e4:78:2a:6d:a5:76:c2:c6:02:d8:1b:6d:85:58:f0:
c4:21:ad:3a:0a:3d:45:86:83:2e:ce:20:d7:11:37:
35:d7:a4:4e:49:cd:3d:a2:66:c9:c8:50:f3:d4:75:
57:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2B:5E:E7:FE:F0:E0:3C:B5:D5:B8:61:20:8A:67:AA:A0:32:F3:23
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xCte5_7w4Dy11bhhIIpnqqAy8yM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.194.0/23
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
51:4a:e3:18:f0:bb:3a:23:26:d6:46:17:51:07:af:06:b9:a8:
6c:a6:8d:eb:aa:53:72:50:d6:8d:43:b2:cb:29:5b:c2:91:52:
d6:59:3c:be:1d:0f:f3:36:40:43:cb:61:c5:9b:89:b5:de:f4:
16:eb:92:1e:63:b3:87:04:04:20:48:eb:a5:f5:18:b0:50:f5:
a6:3b:4e:13:e6:4b:84:5f:5d:d4:93:43:fc:e8:06:9c:3c:30:
69:0e:75:b1:77:08:04:8a:6a:83:34:59:ba:63:0d:66:03:02:
0a:cf:c0:4c:1f:d9:c1:b2:0d:23:24:29:02:32:d1:2f:74:ae:
6b:f7:ca:db:e1:c4:a6:ee:c1:3a:d3:d6:1e:cd:c6:c5:75:47:
96:3f:d5:95:bc:d6:b0:d1:aa:9d:3b:03:4b:8c:65:67:df:6d:
c8:28:7f:9b:f0:ce:67:b3:49:97:43:3d:39:2b:0b:ce:29:e2:
b9:a7:1b:e1:c2:34:cf:23:71:81:e7:7f:c0:c4:d7:13:b7:a7:
72:d9:a9:7d:6d:4c:51:83:04:c0:8d:af:58:3e:ee:65:57:01:
5c:eb:f7:4b:6d:4d:eb:bb:f4:3f:4b:8f:f9:f7:0f:37:0f:b9:
ba:6c:77:2c:37:df:65:27:48:b2:ce:5d:7a:b1:16:21:0d:48:
90:90:ce:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIoIfxlXE9ZPStpwvPORJokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwOTI1MDc0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJiNWVlN2ZlZjBlMDNjYjVkNWI4NjEyMDhhNjdhYWEwMzJmMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuJ83ZVeW7yzpXtf+2K3SrYeICrD
7rrkusOgDeBxv3QRTEBB6brG4deDkODumukELsmSwjRSMEl4z0VaZlCucVo+2l1m
IshlQ9uQolWD183CiuqlKsHJU1iaOp11OMA/uFp3SvAIQFqMtBCLeDZ2LmPaNeAw
60M5GYb1QWhPxIdUG6tbuoHvY10f5LoFSC6Us9T/kYOrkj5V8GpqhhGYUJ/YA+9A
6QPxqwLoX8kJROJbqMI3SGblIcQxaBzplb5rDU49urw5Ef9RMX+0D29qvHPkeCpt
pXbCxgLYG22FWPDEIa06Cj1FhoMuziDXETc116ROSc09ombJyFDz1HVXWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMQrXuf+8OA8tdW4YSCKZ6qgMvMjMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEveEN0ZTVfN3c0RHkxMWJoaElJcG5xcUF5OHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWJc4AwQB
WNHCAwQAWNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBRSuMY8Ls6IybWRhdR
B68Guahspo3rqlNyUNaNQ7LLKVvCkVLWWTy+HQ/zNkBDy2HFm4m13vQW65IeY7OH
BAQgSOul9RiwUPWmO04T5kuEX13Uk0P86AacPDBpDnWxdwgEimqDNFm6Yw1mAwIK
z8BMH9nBsg0jJCkCMtEvdK5r98rb4cSm7sE609YezcbFdUeWP9WVvNaw0aqdOwNL
jGVn323IKH+b8M5ns0mXQz05KwvOKeK5pxvhwjTPI3GB53/AxNcTt6dy2al9bUxR
gwTAja9YPu5lVwFc6/dLbU3ru/Q/S4/59w83D7m6bHcsN99lJ0iyzl16sRYhDUiQ
kM4f
-----END CERTIFICATE-----
Generated at Thu Oct 3 09:26:23 2024 by rpki-client on console-ams.rpki-client.org