Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/O9bWBu66qQNnX5tHZLgDjPQ7qrU.roa
File: O9bWBu66qQNnX5tHZLgDjPQ7qrU.roa (raw, json)
Hash identifier: 4G3Ab2DT1tCHg6dRkvBamRlWUjw8DrPxlaBZZdFeGzM=
Subject key identifier: 3B:D6:D6:06:EE:BA:A9:03:67:5F:9B:47:64:B8:03:8C:F4:3B:AA:B5
Certificate issuer: /CN=9944f812a0e002c38e84e47628bdba038598090b
Certificate serial: 0193D8EEB3BBEA07788EA0506D25E0306D21
Authority key identifier: 99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/O9bWBu66qQNnX5tHZLgDjPQ7qrU.roa
Signing time: Wed 18 Dec 2024 08:42:22 +0000
ROA not before: Wed 18 Dec 2024 08:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61071
IP address blocks: 88.213.210.0/24 maxlen: 24
88.213.211.0/24 maxlen: 24
88.213.213.0/24 maxlen: 24
88.213.214.0/23 maxlen: 23
88.213.214.0/24 maxlen: 24
88.213.215.0/24 maxlen: 24
178.217.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 12:46:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d8:ee:b3:bb:ea:07:78:8e:a0:50:6d:25:e0:30:6d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944f812a0e002c38e84e47628bdba038598090b
Validity
Not Before: Dec 18 08:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bd6d606eebaa903675f9b4764b8038cf43baab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ff:1f:65:7e:f8:75:14:c6:b3:37:44:25:7f:
5a:55:cc:11:fd:b9:9c:3f:28:14:9e:b7:15:41:1b:
e6:83:7c:c5:75:18:5e:3f:70:7b:f4:72:49:5d:09:
e2:8a:6c:ac:d0:b6:ef:f6:c9:54:af:ba:e8:17:11:
e7:ab:6b:9e:ac:2b:ee:ed:0a:13:92:6b:07:09:26:
fc:79:a2:4d:bb:24:1a:0a:7f:16:e3:09:29:bb:ee:
e3:93:d7:48:f3:c9:3b:33:18:53:0a:28:ba:90:c9:
36:7e:0d:34:ef:8d:27:72:53:e6:ca:b1:07:e5:60:
87:09:6e:02:69:80:a6:6c:e9:82:5c:d4:cb:e2:ad:
ba:77:3b:f0:d8:c1:f3:3c:02:00:20:bf:ae:a1:74:
f5:70:08:f5:fb:39:b5:04:c9:10:68:0a:aa:6c:a2:
6c:c8:8b:d0:f2:eb:41:63:5a:1b:1c:c5:95:4a:6f:
7e:8c:7d:89:f5:8e:64:18:22:a6:21:d0:94:be:2f:
0d:c7:a0:6c:7d:bd:af:a6:3f:cb:9c:b0:88:28:9c:
60:b6:fa:a8:e5:15:0f:7f:07:83:82:b5:3d:82:ac:
32:10:13:b4:0b:de:70:fa:fc:b4:c8:7b:8b:d7:b3:
c1:65:58:0d:05:ed:88:20:56:6d:38:80:57:56:9b:
21:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D6:D6:06:EE:BA:A9:03:67:5F:9B:47:64:B8:03:8C:F4:3B:AA:B5
X509v3 Authority Key Identifier:
keyid:99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/O9bWBu66qQNnX5tHZLgDjPQ7qrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.213.210.0/23
88.213.213.0-88.213.215.255
178.217.88.0/22
Signature Algorithm: sha256WithRSAEncryption
44:94:c4:98:9a:be:f4:ed:64:a4:60:86:b8:28:3b:54:ee:8b:
5a:e0:1b:e9:37:7c:36:a5:1a:f7:d9:74:66:1c:fb:02:71:cc:
00:11:be:15:91:c7:8e:42:9b:ef:e9:fa:d6:58:74:03:81:59:
ad:89:23:9a:1e:51:7b:7f:58:d8:63:b7:57:64:a5:db:c4:1e:
6d:e1:61:ca:57:f0:fb:be:8f:3a:ec:44:d0:8c:de:2a:3a:6c:
a6:1a:dc:81:c6:48:63:24:88:fc:3a:38:e5:8d:96:7f:10:dd:
29:a2:2a:23:2c:e6:dc:4d:5c:c6:34:35:73:03:20:a2:0a:4f:
0e:32:81:5e:4d:d1:39:5b:f6:98:00:c6:9e:5f:e3:8c:28:16:
c8:42:e0:00:f9:87:9e:9b:8a:7b:87:48:c1:21:ab:3d:7d:9f:
81:da:8e:b5:8a:f3:85:b6:7a:3b:2f:73:ec:90:b9:48:48:37:
76:58:ed:e0:d4:ad:78:c3:02:0f:d5:f5:ff:f7:83:fd:d1:f7:
a7:6d:51:6f:b6:ad:7e:50:34:bc:c4:dd:fd:d4:a6:ae:ca:43:
75:32:1c:79:cb:ef:a0:9d:5c:ce:76:ad:16:83:f5:d3:ea:63:
9c:35:3a:f5:5b:77:f2:d7:7e:1f:bb:0c:6e:f7:69:1d:ac:98:
15:4a:14:9d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZPY7rO76gd4jqBQbSXgMG0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NDRmODEyYTBlMDAyYzM4ZTg0ZTQ3NjI4YmRiYTAzODU5
ODA5MGIwHhcNMjQxMjE4MDg0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ2ZDYwNmVlYmFhOTAzNjc1ZjliNDc2NGI4MDM4Y2Y0M2JhYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv8fZX74dRTGszdEJX9aVcwR/bmc
PygUnrcVQRvmg3zFdRheP3B79HJJXQniimys0Lbv9slUr7roFxHnq2uerCvu7QoT
kmsHCSb8eaJNuyQaCn8W4wkpu+7jk9dI88k7MxhTCii6kMk2fg00740nclPmyrEH
5WCHCW4CaYCmbOmCXNTL4q26dzvw2MHzPAIAIL+uoXT1cAj1+zm1BMkQaAqqbKJs
yIvQ8utBY1obHMWVSm9+jH2J9Y5kGCKmIdCUvi8Nx6Bsfb2vpj/LnLCIKJxgtvqo
5RUPfweDgrU9gqwyEBO0C95w+vy0yHuL17PBZVgNBe2IIFZtOIBXVpshNQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDvW1gbuuqkDZ1+bR2S4A4z0O6q1MB8GA1UdIwQY
MBaAFJlE+BKg4ALDjoTkdii9ugOFmAkLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMt
MzA2YzU2NTEzNDNlLzEvTzliV0J1NjZxUU5uWDV0SFpMZ0RqUFE3cXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMtMzA2YzU2NTEzNDNl
LzEvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBWNXSMAwD
BABY1dUDBANY1dADBAKy2VgwDQYJKoZIhvcNAQELBQADggEBAESUxJiavvTtZKRg
hrgoO1Tui1rgG+k3fDalGvfZdGYc+wJxzAARvhWRx45Cm+/p+tZYdAOBWa2JI5oe
UXt/WNhjt1dkpdvEHm3hYcpX8Pu+jzrsRNCM3io6bKYa3IHGSGMkiPw6OOWNln8Q
3SmiKiMs5txNXMY0NXMDIKIKTw4ygV5N0Tlb9pgAxp5f44woFshC4AD5h56binuH
SMEhqz19n4HajrWK84W2ejsvc+yQuUhIN3ZY7eDUrXjDAg/V9f/3g/3R96dtUW+2
rX5QNLzE3f3Upq7KQ3UyHHnL76CdXM52rRaD9dPqY5w1OvVbd/LXfh+7DG73aR2s
mBVKFJ0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:24:53 2025 by rpki-client