Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/d9x_mQ_zTiPZKfBSZ4fht6iCZWg.roa
File: d9x_mQ_zTiPZKfBSZ4fht6iCZWg.roa (raw, json)
Hash identifier: gdbMJubWhLHduDa/RvfrnpSLt1wJXBzmlFCqJJ122L4=
Subject key identifier: 77:DC:7F:99:0F:F3:4E:23:D9:29:F0:52:67:87:E1:B7:A8:82:65:68
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01929AA01D5F52C8D9CB2A0AF7A17C8824A6
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/d9x_mQ_zTiPZKfBSZ4fht6iCZWg.roa
Signing time: Thu 17 Oct 2024 13:17:17 +0000
ROA not before: Thu 17 Oct 2024 13:17:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6134
IP address blocks: 88.218.192.0/24 maxlen: 24
88.218.195.0/24 maxlen: 24
176.113.68.0/22 maxlen: 24
176.113.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 13:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:a0:1d:5f:52:c8:d9:cb:2a:0a:f7:a1:7c:88:24:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Oct 17 13:17:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77dc7f990ff34e23d929f0526787e1b7a8826568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6d:e1:e3:c3:5f:97:49:60:04:aa:ae:0c:e0:
65:13:99:ad:27:8c:d7:c2:1c:08:e3:7b:82:f8:a8:
78:f1:00:3d:b5:4c:cc:ea:ee:aa:e9:ce:52:49:15:
8b:5a:09:b7:c6:2c:ae:69:62:a0:94:c6:2a:12:b2:
d7:52:bb:23:7c:ba:18:34:a4:ee:b4:5e:0a:a7:e1:
57:0f:44:3b:da:c6:28:a9:dd:b3:b8:2a:ae:19:a3:
48:30:c4:73:4d:9c:26:c8:4e:bc:16:3c:8f:4e:af:
d0:1b:f6:77:b9:14:60:7f:85:32:dd:73:2f:18:6a:
58:01:17:46:a7:3d:cc:b8:41:ee:8f:17:69:db:34:
75:bf:78:96:9f:ab:e9:88:69:1a:53:5c:9f:00:6c:
53:75:48:07:68:6c:6c:8a:43:fa:34:20:61:ad:50:
6d:88:b7:88:87:51:db:27:62:7e:cc:a9:12:80:ee:
be:93:ba:7b:90:95:0d:ba:a5:0c:af:6d:1d:4e:bc:
b7:d8:b3:71:fc:14:94:c6:b4:6e:8e:a8:49:32:a0:
1d:52:1b:9f:40:f8:ce:f2:d4:c0:7f:d3:c4:d4:9e:
00:91:ec:ea:5b:4d:69:ea:35:bc:aa:d2:49:31:66:
65:da:2c:de:7a:1c:3d:66:f5:86:0c:95:19:6e:74:
49:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DC:7F:99:0F:F3:4E:23:D9:29:F0:52:67:87:E1:B7:A8:82:65:68
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/d9x_mQ_zTiPZKfBSZ4fht6iCZWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.192.0/24
88.218.195.0/24
176.113.68.0/22
Signature Algorithm: sha256WithRSAEncryption
75:3f:0d:10:9a:70:a9:9a:1d:76:8d:5d:fe:1b:29:3c:35:d5:
4e:70:ea:c2:fd:ef:a5:7b:98:cd:f3:25:1f:29:e0:5f:fa:72:
dc:c5:88:86:cc:00:07:bd:14:17:de:90:d6:ef:e9:0a:ed:e9:
e1:da:0a:33:9b:aa:44:d3:12:6f:57:d9:0b:47:d1:06:2b:22:
cc:da:56:f8:05:94:61:9e:5b:66:61:ef:6d:ff:6e:8f:cc:92:
bf:00:d1:c4:17:98:61:35:f6:95:3e:ad:39:80:56:b0:e6:fd:
36:39:67:1f:3f:d6:a5:97:f8:e5:07:59:76:16:38:0e:09:63:
19:0f:77:48:5b:ac:a1:d8:33:dd:e2:50:17:a3:48:99:bc:2b:
fc:ac:98:7d:49:3a:e5:1a:2a:a7:91:22:15:71:76:b4:ff:78:
e8:81:82:3e:a2:9f:d6:28:03:2a:84:bd:03:b3:9a:a0:a1:48:
ad:51:50:93:68:61:26:ad:2e:e8:e6:e3:9f:0f:fc:9e:48:73:
77:63:9c:71:19:78:c5:af:fc:a1:91:f7:55:31:55:ef:c7:2e:
70:e2:03:16:5a:ba:28:79:be:c2:1c:ca:44:4a:21:e7:c0:05:
e6:c4:13:1e:08:79:4b:10:09:f0:fe:19:dc:e4:ff:29:70:e1:
a9:b8:7c:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKaoB1fUsjZyyoK96F8iCSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMDE3MTMxNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RjN2Y5OTBmZjM0ZTIzZDkyOWYwNTI2Nzg3ZTFiN2E4ODI2NTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr23h48Nfl0lgBKquDOBlE5mtJ4zX
whwI43uC+Kh48QA9tUzM6u6q6c5SSRWLWgm3xiyuaWKglMYqErLXUrsjfLoYNKTu
tF4Kp+FXD0Q72sYoqd2zuCquGaNIMMRzTZwmyE68FjyPTq/QG/Z3uRRgf4Uy3XMv
GGpYARdGpz3MuEHujxdp2zR1v3iWn6vpiGkaU1yfAGxTdUgHaGxsikP6NCBhrVBt
iLeIh1HbJ2J+zKkSgO6+k7p7kJUNuqUMr20dTry32LNx/BSUxrRujqhJMqAdUhuf
QPjO8tTAf9PE1J4AkezqW01p6jW8qtJJMWZl2izeehw9ZvWGDJUZbnRJ+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHfcf5kP804j2SnwUmeH4beogmVoMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvZDl4X21RX3pUaVBaS2ZCU1o0Zmh0NmlDWldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNrAAwQA
WNrDAwQCsHFEMA0GCSqGSIb3DQEBCwUAA4IBAQB1Pw0QmnCpmh12jV3+Gyk8NdVO
cOrC/e+le5jN8yUfKeBf+nLcxYiGzAAHvRQX3pDW7+kK7enh2gozm6pE0xJvV9kL
R9EGKyLM2lb4BZRhnltmYe9t/26PzJK/ANHEF5hhNfaVPq05gFaw5v02OWcfP9al
l/jlB1l2FjgOCWMZD3dIW6yh2DPd4lAXo0iZvCv8rJh9STrlGiqnkSIVcXa0/3jo
gYI+op/WKAMqhL0Ds5qgoUitUVCTaGEmrS7o5uOfD/yeSHN3Y5xxGXjFr/yhkfdV
MVXvxy5w4gMWWrooeb7CHMpESiHnwAXmxBMeCHlLEAnw/hnc5P8pcOGpuHwv
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:30:05 2025 by rpki-client