Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zpywlkxMGHiG0ojBDK3iyVMl9jE.roa
File: zpywlkxMGHiG0ojBDK3iyVMl9jE.roa (raw, json)
Hash identifier: mdCP0/tnl+NpzVbnnXm7r1SeiDc1EFf3Z9bx/5jpnzw=
Subject key identifier: CE:9C:B0:96:4C:4C:18:78:86:D2:88:C1:0C:AD:E2:C9:53:25:F6:31
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018880F8D8F22F857A1C38F3497EA42FF099
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zpywlkxMGHiG0ojBDK3iyVMl9jE.roa
Signing time: Sat 03 Jun 2023 11:16:12 +0000
ROA not before: Sat 03 Jun 2023 11:16:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.245.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 06:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:80:f8:d8:f2:2f:85:7a:1c:38:f3:49:7e:a4:2f:f0:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 3 11:16:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce9cb0964c4c187886d288c10cade2c95325f631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3a:9c:08:39:32:69:26:65:e0:24:f8:81:80:
31:9a:f2:11:b6:91:11:7d:56:ca:e8:97:55:e9:fa:
f5:86:0a:e6:b0:d4:6c:8c:87:ea:5c:41:58:a3:fc:
fd:53:00:4f:ed:c7:96:25:24:81:96:1f:99:7a:f7:
1d:e8:05:9f:e2:77:a9:8d:ce:f9:f3:87:2c:75:ee:
d1:8c:c0:e1:ff:7e:f9:8e:42:c6:03:83:3e:b8:ea:
d5:63:10:f7:e6:c5:fd:5b:83:52:02:00:ce:61:41:
68:36:24:41:0d:d1:ff:9d:53:ad:12:60:5e:da:4a:
e5:1f:5a:7f:8c:39:54:1d:38:0e:0e:2a:12:b8:d4:
8c:3d:35:49:94:c1:f0:1f:5d:28:d1:ca:1c:c2:14:
d9:9a:35:b1:6f:46:01:21:16:c1:fa:8e:21:11:55:
72:a3:1f:53:50:4e:24:58:99:24:af:d9:19:85:df:
0b:0e:c8:ff:e1:1c:f5:b2:72:c5:1a:33:8a:9e:55:
c1:d8:6b:08:c7:c9:c8:45:95:9b:cf:53:85:02:b5:
5a:8d:1a:54:0c:fe:a6:c4:fa:0c:62:c5:64:83:10:
78:c4:5e:dd:b7:43:9a:d6:95:c0:00:93:f8:1f:85:
ce:7a:74:a2:cf:10:4e:53:45:fa:15:fd:b8:91:c6:
e3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9C:B0:96:4C:4C:18:78:86:D2:88:C1:0C:AD:E2:C9:53:25:F6:31
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zpywlkxMGHiG0ojBDK3iyVMl9jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.211.0/24
88.209.222.0/24
88.209.245.0/24
Signature Algorithm: sha256WithRSAEncryption
60:fc:b0:d9:2a:85:16:03:bf:60:ad:c8:8e:3c:90:16:be:43:
1e:12:79:d7:18:61:54:a6:65:93:de:bb:8c:2b:e9:bd:11:6b:
27:f1:34:06:06:be:08:e8:12:8e:7a:bc:e8:46:d4:ce:d6:8b:
58:03:53:d5:62:c1:09:3b:e8:48:b9:c3:cd:df:b9:92:ab:7b:
cf:15:cb:f6:df:67:8e:f7:ba:8c:6f:c3:66:8c:fb:24:0e:db:
6e:75:6f:b1:8e:53:6a:79:ff:5d:72:c3:6c:68:2d:e4:bb:07:
2a:2d:22:77:98:29:5c:4e:55:53:21:e6:34:3d:11:e4:b2:be:
ff:93:f5:48:51:a5:e7:b5:df:c0:e8:7f:fa:7f:d7:bd:80:13:
18:ee:57:98:ba:43:e9:3e:57:59:ff:4f:94:e5:99:41:6b:c0:
aa:44:83:d1:c0:6c:46:c6:4a:9e:4f:eb:68:f1:9b:0d:a3:19:
06:25:18:b4:c4:09:73:dc:fd:ee:06:7b:3a:7b:0e:e1:c9:31:
c5:e0:ee:63:13:25:af:97:91:e6:ef:62:bf:c8:ab:dd:c0:08:
85:6f:11:f8:9a:3e:3f:f4:7f:f1:a2:04:cc:f5:a8:53:9a:4a:
fe:17:bb:93:93:a6:00:1b:20:5d:56:e8:21:3b:ce:4d:dc:d8:
21:a4:05:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiA+NjyL4V6HDjzSX6kL/CZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjAzMTExNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTljYjA5NjRjNGMxODc4ODZkMjg4YzEwY2FkZTJjOTUzMjVmNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TqcCDkyaSZl4CT4gYAxmvIRtpER
fVbK6JdV6fr1hgrmsNRsjIfqXEFYo/z9UwBP7ceWJSSBlh+Zevcd6AWf4nepjc75
84csde7RjMDh/375jkLGA4M+uOrVYxD35sX9W4NSAgDOYUFoNiRBDdH/nVOtEmBe
2krlH1p/jDlUHTgODioSuNSMPTVJlMHwH10o0cocwhTZmjWxb0YBIRbB+o4hEVVy
ox9TUE4kWJkkr9kZhd8LDsj/4Rz1snLFGjOKnlXB2GsIx8nIRZWbz1OFArVajRpU
DP6mxPoMYsVkgxB4xF7dt0Oa1pXAAJP4H4XOenSizxBOU0X6Ff24kcbj2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM6csJZMTBh4htKIwQyt4slTJfYxMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvenB5d2xreE1HSGlHMG9qQkRLM2l5Vk1sOWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHTAwQA
WNHeAwQAWNH1MA0GCSqGSIb3DQEBCwUAA4IBAQBg/LDZKoUWA79grciOPJAWvkMe
EnnXGGFUpmWT3ruMK+m9EWsn8TQGBr4I6BKOerzoRtTO1otYA1PVYsEJO+hIucPN
37mSq3vPFcv232eO97qMb8NmjPskDttudW+xjlNqef9dcsNsaC3kuwcqLSJ3mClc
TlVTIeY0PRHksr7/k/VIUaXntd/A6H/6f9e9gBMY7leYukPpPldZ/0+U5ZlBa8Cq
RIPRwGxGxkqeT+to8ZsNoxkGJRi0xAlz3P3uBns6ew7hyTHF4O5jEyWvl5Hm72K/
yKvdwAiFbxH4mj4/9H/xogTM9ahTmkr+F7uTk6YAGyBdVughO85N3NghpAXc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org