Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/oJQbmNa7y-RyXTYVbSCsivF2sD0.roa
File: oJQbmNa7y-RyXTYVbSCsivF2sD0.roa (raw, json)
Hash identifier: BoAsq8n9bpnZ/t9lLqrIvPtNTzGQrFRvUBf8YEGjVns=
Subject key identifier: A0:94:1B:98:D6:BB:CB:E4:72:5D:36:15:6D:20:AC:8A:F1:76:B0:3D
Certificate issuer: /CN=a2e606c7e93fed36ef90d42ce4a97260bb8aa9c1
Certificate serial: 01856CE60AC42E3D89E1A5485E9E3694C722
Authority key identifier: A2:E6:06:C7:E9:3F:ED:36:EF:90:D4:2C:E4:A9:72:60:BB:8A:A9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/oJQbmNa7y-RyXTYVbSCsivF2sD0.roa
Signing time: Sun 01 Jan 2023 10:34:53 +0000
ROA not before: Sun 01 Jan 2023 10:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60733
IP address blocks: 88.218.136.0/22 maxlen: 24
2a09:ab80::/29 maxlen: 60
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:0a:c4:2e:3d:89:e1:a5:48:5e:9e:36:94:c7:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2e606c7e93fed36ef90d42ce4a97260bb8aa9c1
Validity
Not Before: Jan 1 10:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0941b98d6bbcbe4725d36156d20ac8af176b03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c6:9a:8c:1b:ff:ce:5f:6f:c2:7c:27:10:24:
fe:5a:58:fb:b2:1c:5c:ad:6c:4e:68:f2:fe:8c:73:
46:34:87:e6:13:65:c9:bd:8a:f9:aa:9d:c2:6a:a2:
5f:f5:79:5a:09:05:2d:95:e8:f7:38:04:36:06:df:
27:f4:72:d5:91:92:13:8d:c3:b4:8d:0e:54:3d:79:
f3:5a:87:5d:c7:ce:54:96:5f:e9:ee:b7:36:5a:18:
47:de:88:2a:e4:52:81:68:50:e7:f7:d0:ef:ff:06:
29:68:21:14:34:57:ff:86:12:29:33:9b:d8:3e:48:
aa:08:a6:c4:93:d6:34:49:b5:3d:2e:2b:fe:56:51:
fa:ec:07:a4:b6:da:12:4b:9a:a8:aa:16:92:e0:2c:
3c:f1:1e:a9:c2:06:f6:2d:ee:0e:46:65:1d:4d:e4:
e0:e2:27:16:82:91:07:a7:d2:8d:12:5b:3d:49:a6:
26:9f:0b:1f:a5:7f:8c:36:0d:65:ca:98:3a:7d:40:
c5:2b:0a:e8:1f:51:e9:f5:8e:c4:08:2b:86:04:ed:
9a:48:fd:eb:ae:87:66:49:52:40:4f:a3:f3:16:17:
3a:b3:6b:32:e8:91:f8:1b:18:88:4e:a7:3c:c8:1d:
a9:c3:50:72:8c:ca:14:8c:66:b6:18:09:21:b7:ce:
79:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:94:1B:98:D6:BB:CB:E4:72:5D:36:15:6D:20:AC:8A:F1:76:B0:3D
X509v3 Authority Key Identifier:
keyid:A2:E6:06:C7:E9:3F:ED:36:EF:90:D4:2C:E4:A9:72:60:BB:8A:A9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/oJQbmNa7y-RyXTYVbSCsivF2sD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ouYGx-k_7TbvkNQs5KlyYLuKqcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.136.0/22
IPv6:
2a09:ab80::/29
Signature Algorithm: sha256WithRSAEncryption
60:f1:a3:c5:93:6d:b6:46:38:a9:58:ec:fd:6b:04:a1:d5:ea:
f6:05:bd:e5:fc:dc:ed:69:c0:c6:b5:7a:b7:0b:59:b5:54:d7:
1a:41:a7:59:14:e9:20:dc:88:07:38:a1:07:64:7e:9f:a5:a3:
86:f6:ef:ff:06:0b:43:35:3b:64:f4:a4:23:73:1b:b9:49:df:
cd:2b:d4:c6:65:c1:9c:4c:5b:ce:37:dd:2d:01:ef:f5:a9:2e:
a4:55:23:74:84:86:58:1e:45:80:39:60:b0:26:ff:a4:6b:be:
c7:34:a8:f7:95:72:36:81:93:82:d5:ac:2d:0e:8e:79:49:1d:
11:b0:80:98:75:e4:79:a3:48:91:dc:96:9e:47:40:2a:c0:6c:
f4:73:6a:d9:2d:74:22:ca:e5:ce:22:23:86:69:be:0c:0b:d7:
a5:8f:55:2c:d8:91:73:da:49:67:a4:77:7b:7a:ef:fb:cc:7b:
c3:4d:55:f2:f3:ae:39:ba:fe:8a:90:f1:c3:32:91:5f:80:3b:
2a:df:6e:19:f1:bf:80:69:06:8e:05:32:15:1d:a6:a8:e9:30:
bd:a4:b2:06:07:35:99:46:ad:05:5a:bd:dc:5f:d0:18:81:8c:
85:bd:e8:bb:b2:a8:43:15:a9:b2:67:a4:62:be:fc:25:fa:5d:
14:69:5b:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs5grELj2J4aVIXp42lMciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZTYwNmM3ZTkzZmVkMzZlZjkwZDQyY2U0YTk3MjYwYmI4
YWE5YzEwHhcNMjMwMTAxMTAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDk0MWI5OGQ2YmJjYmU0NzI1ZDM2MTU2ZDIwYWM4YWYxNzZiMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcaajBv/zl9vwnwnECT+Wlj7shxc
rWxOaPL+jHNGNIfmE2XJvYr5qp3CaqJf9XlaCQUtlej3OAQ2Bt8n9HLVkZITjcO0
jQ5UPXnzWoddx85Ull/p7rc2WhhH3ogq5FKBaFDn99Dv/wYpaCEUNFf/hhIpM5vY
PkiqCKbEk9Y0SbU9Liv+VlH67AekttoSS5qoqhaS4Cw88R6pwgb2Le4ORmUdTeTg
4icWgpEHp9KNEls9SaYmnwsfpX+MNg1lypg6fUDFKwroH1Hp9Y7ECCuGBO2aSP3r
rodmSVJAT6PzFhc6s2sy6JH4GxiITqc8yB2pw1ByjMoUjGa2GAkht855BwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKCUG5jWu8vkcl02FW0grIrxdrA9MB8GA1UdIwQY
MBaAFKLmBsfpP+0275DULOSpcmC7iqnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3VZR3gta183VGJ2a05RczVLbHlZTHVLcWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kM2UyM2YtMGU1YS00OTIzLWFiMmYt
YTllYTIwNTcwNDJiLzEvb0pRYm1OYTd5LVJ5WFRZVmJTQ3NpdkYyc0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9kM2UyM2YtMGU1YS00OTIzLWFiMmYtYTllYTIwNTcwNDJi
LzEvb3VZR3gta183VGJ2a05RczVLbHlZTHVLcWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWNqIMA0E
AgACMAcDBQMqCauAMA0GCSqGSIb3DQEBCwUAA4IBAQBg8aPFk222RjipWOz9awSh
1er2Bb3l/NztacDGtXq3C1m1VNcaQadZFOkg3IgHOKEHZH6fpaOG9u//BgtDNTtk
9KQjcxu5Sd/NK9TGZcGcTFvON90tAe/1qS6kVSN0hIZYHkWAOWCwJv+ka77HNKj3
lXI2gZOC1awtDo55SR0RsICYdeR5o0iR3JaeR0AqwGz0c2rZLXQiyuXOIiOGab4M
C9elj1Us2JFz2klnpHd7eu/7zHvDTVXy8645uv6KkPHDMpFfgDsq324Z8b+AaQaO
BTIVHaao6TC9pLIGBzWZRq0FWr3cX9AYgYyFvei7sqhDFamyZ6Rivvwl+l0UaVsY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:41 2024 by rpki-client on console-fra.rpki-client.org