Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/I-foEZqIOaQ7j7HPw2bG_3guMB8.roa
File: I-foEZqIOaQ7j7HPw2bG_3guMB8.roa (raw, json)
Hash identifier: 1CHv9kDMGCazipvGZNOYmsjh62pZYLMGF1bQiYWUWJk=
Subject key identifier: 23:E7:E8:11:9A:88:39:A4:3B:8F:B1:CF:C3:66:C6:FF:78:2E:30:1F
Certificate issuer: /CN=9bea3a3a4a3606c7396f15f501ac5c641785750c
Certificate serial: 018ECC7078FF689EBC6176166236C8C80252
Authority key identifier: 9B:EA:3A:3A:4A:36:06:C7:39:6F:15:F5:01:AC:5C:64:17:85:75:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/I-foEZqIOaQ7j7HPw2bG_3guMB8.roa
Signing time: Thu 11 Apr 2024 09:15:06 +0000
ROA not before: Thu 11 Apr 2024 09:15:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197524
IP address blocks: 5.22.240.0/21 maxlen: 21
88.133.0.0/17 maxlen: 17
88.133.0.0/19 maxlen: 19
88.133.64.0/19 maxlen: 19
88.133.128.0/20 maxlen: 20
88.133.156.0/22 maxlen: 24
109.199.160.0/19 maxlen: 19
185.9.64.0/22 maxlen: 22
2a01:a980::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Apr 2024 20:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:70:78:ff:68:9e:bc:61:76:16:62:36:c8:c8:02:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bea3a3a4a3606c7396f15f501ac5c641785750c
Validity
Not Before: Apr 11 09:15:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e7e8119a8839a43b8fb1cfc366c6ff782e301f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:01:b1:cb:05:93:51:79:77:24:88:e5:4d:b3:
b6:76:b6:a2:ad:8a:91:31:53:32:12:93:9d:a9:ec:
bb:e8:08:85:3a:48:d1:15:d0:2a:b6:22:60:49:e8:
94:0b:1d:18:97:b5:23:85:f3:1b:2c:85:60:4a:37:
c7:70:7d:e2:ef:31:8c:9b:61:cf:25:f4:d3:35:6c:
b8:42:ac:8a:a2:fc:6f:9b:17:ea:58:6e:88:bf:c8:
25:fa:34:be:db:8c:81:db:7b:82:b2:3c:7a:3d:98:
bb:14:7d:cc:db:15:70:32:b0:db:15:7f:fd:10:c5:
a7:45:fa:2c:df:aa:50:c5:dc:4f:da:5c:93:04:13:
25:6b:7c:c9:3d:96:e6:3f:6f:f3:01:6e:5d:ad:f9:
6b:ca:a8:51:22:88:a3:0d:68:02:c7:76:1b:eb:f7:
73:13:e0:74:be:eb:19:33:1d:7a:f8:51:8a:91:1f:
26:03:97:3a:80:c6:a0:43:68:5b:86:43:c9:71:5e:
ad:be:33:7c:29:a7:22:44:d5:48:95:5e:72:9b:1c:
2e:5f:79:eb:c5:43:c0:1a:78:50:b5:8c:8a:db:a9:
01:fa:2d:cb:28:e7:1c:c3:ee:df:16:f9:ae:24:76:
54:b6:d4:e5:d8:3b:56:17:6b:97:b5:eb:b1:42:6b:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E7:E8:11:9A:88:39:A4:3B:8F:B1:CF:C3:66:C6:FF:78:2E:30:1F
X509v3 Authority Key Identifier:
keyid:9B:EA:3A:3A:4A:36:06:C7:39:6F:15:F5:01:AC:5C:64:17:85:75:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/I-foEZqIOaQ7j7HPw2bG_3guMB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.240.0/21
88.133.0.0-88.133.143.255
88.133.156.0/22
109.199.160.0/19
185.9.64.0/22
IPv6:
2a01:a980::/29
Signature Algorithm: sha256WithRSAEncryption
90:09:0d:33:e5:ba:d0:e4:61:13:2f:aa:d0:23:46:a6:86:1d:
31:5e:f0:72:2c:0e:1b:e0:04:a2:33:d0:90:cb:7d:e0:6c:03:
26:52:e7:f8:0d:d8:bf:2b:d8:80:85:9b:e3:21:44:e5:64:76:
c2:bb:d3:76:b1:69:cc:d5:c3:bc:cf:25:8d:d7:8e:5d:d3:a1:
82:e7:db:2a:63:77:9e:ef:d3:2a:61:87:07:37:3e:e2:2a:13:
1f:23:66:d8:8d:03:7c:2e:9c:b4:32:28:c6:3a:41:58:33:5b:
0d:69:43:e1:5a:e4:2b:31:9e:84:ae:e5:20:f3:83:2c:a8:50:
3b:b7:18:42:a4:07:60:9d:d7:1f:24:72:f5:f9:53:cc:a1:a2:
b8:7f:42:07:c6:65:e4:eb:48:a5:4e:de:07:a0:5d:1d:fb:2b:
79:93:22:0d:5b:3e:2f:ba:f1:bf:d8:83:ab:1b:0b:ae:e9:bd:
23:61:25:92:19:b0:6d:64:29:a4:6d:8e:75:3d:5b:25:ef:8c:
6f:e8:e7:f5:d5:af:c7:e9:b8:2a:bb:40:9f:2e:ff:ee:51:2d:
cb:de:f8:69:27:8b:fe:c6:37:88:a0:09:56:38:f9:46:a9:bf:
75:32:24:a9:ec:e9:fe:d1:1f:70:73:33:e9:aa:aa:77:89:69:
63:5f:19:52
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY7McHj/aJ68YXYWYjbIyAJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZWEzYTNhNGEzNjA2YzczOTZmMTVmNTAxYWM1YzY0MTc4
NTc1MGMwHhcNMjQwNDExMDkxNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U3ZTgxMTlhODgzOWE0M2I4ZmIxY2ZjMzY2YzZmZjc4MmUzMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAGxywWTUXl3JIjlTbO2drairYqR
MVMyEpOdqey76AiFOkjRFdAqtiJgSeiUCx0Yl7UjhfMbLIVgSjfHcH3i7zGMm2HP
JfTTNWy4QqyKovxvmxfqWG6Iv8gl+jS+24yB23uCsjx6PZi7FH3M2xVwMrDbFX/9
EMWnRfos36pQxdxP2lyTBBMla3zJPZbmP2/zAW5drflryqhRIoijDWgCx3Yb6/dz
E+B0vusZMx16+FGKkR8mA5c6gMagQ2hbhkPJcV6tvjN8KaciRNVIlV5ymxwuX3nr
xUPAGnhQtYyK26kB+i3LKOccw+7fFvmuJHZUttTl2DtWF2uXteuxQmu9cQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCPn6BGaiDmkO4+xz8Nmxv94LjAfMB8GA1UdIwQY
MBaAFJvqOjpKNgbHOW8V9QGsXGQXhXUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1vNk9rbzJCc2M1YnhYMUFheGNaQmVGZFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84OWFiYjgtNjM2ZC00MDg0LTgxYTAt
YzYzYWRiNmVlNWQ5LzEvSS1mb0VacUlPYVE3ajdIUHcyYkdfM2d1TUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84OWFiYjgtNjM2ZC00MDg0LTgxYTAtYzYzYWRiNmVlNWQ5
LzEvbS1vNk9rbzJCc2M1YnhYMUFheGNaQmVGZFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQDBRbwMAsD
AwBYhQMEBFiFgAMEAliFnAMEBW3HoAMEArkJQDANBAIAAjAHAwUDKgGpgDANBgkq
hkiG9w0BAQsFAAOCAQEAkAkNM+W60ORhEy+q0CNGpoYdMV7wciwOG+AEojPQkMt9
4GwDJlLn+A3YvyvYgIWb4yFE5WR2wrvTdrFpzNXDvM8ljdeOXdOhgufbKmN3nu/T
KmGHBzc+4ioTHyNm2I0DfC6ctDIoxjpBWDNbDWlD4VrkKzGehK7lIPODLKhQO7cY
QqQHYJ3XHyRy9flTzKGiuH9CB8Zl5OtIpU7eB6BdHfsreZMiDVs+L7rxv9iDqxsL
rum9I2ElkhmwbWQppG2OdT1bJe+Mb+jn9dWvx+m4KrtAny7/7lEty974aSeL/sY3
iKAJVjj5Rqm/dTIkqezp/tEfcHMz6aqqd4lpY18ZUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:00 2024 by rpki-client on console-fra.rpki-client.org