Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/apnO3q7YXCPPqeMS_hMw3Oy_Amw.roa
File: apnO3q7YXCPPqeMS_hMw3Oy_Amw.roa (raw, json)
Hash identifier: sYMnB0kq3kKaTTgE1W2ZHPu5roB8ZA7uj7xNmSUaZaQ=
Subject key identifier: 6A:99:CE:DE:AE:D8:5C:23:CF:A9:E3:12:FE:13:30:DC:EC:BF:02:6C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0195275209934C1B21F0EF7E7A00D51829A3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/apnO3q7YXCPPqeMS_hMw3Oy_Amw.roa
Signing time: Fri 21 Feb 2025 07:04:02 +0000
ROA not before: Fri 21 Feb 2025 07:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 07:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:52:09:93:4c:1b:21:f0:ef:7e:7a:00:d5:18:29:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 21 07:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a99cedeaed85c23cfa9e312fe1330dcecbf026c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:99:5c:5d:7c:12:ea:d9:f3:c4:66:5e:ae:5f:
e3:15:9d:1f:10:96:76:83:66:f3:8a:32:18:ae:35:
04:28:bc:22:aa:36:e5:cd:79:96:0f:a2:13:2f:98:
8f:76:fc:69:7b:e2:96:08:21:bf:06:58:c4:a6:07:
1e:70:99:3b:fb:2d:af:1a:64:a8:36:e1:b2:5b:a3:
83:f4:bb:5d:86:71:75:de:b4:fd:7f:c3:bb:d5:5b:
d5:f0:22:d4:83:b7:20:b8:ef:cc:1d:9a:fa:98:4a:
d1:0a:8d:3f:05:16:66:f0:c2:ea:aa:be:23:0a:ca:
41:a4:89:66:c0:07:84:04:2e:c5:ed:42:72:ba:9c:
78:70:ab:06:81:1e:f8:7f:23:30:92:42:9a:60:36:
88:56:bf:f8:98:1a:e2:18:5a:dd:4a:98:c8:43:4c:
72:ca:8d:c3:25:45:35:75:ca:1a:e2:76:df:fb:43:
02:41:bc:73:e9:74:05:13:09:c6:2b:24:84:08:14:
e0:d1:6a:fa:ad:ca:f3:9f:fa:8f:de:df:46:4f:87:
e8:2e:3b:c9:ed:cb:30:e5:18:9b:03:d8:ee:d6:56:
d7:15:33:f9:04:e2:9e:37:ce:35:3e:2b:c4:7e:f4:
88:76:4e:ec:1c:e5:0b:d8:a5:99:d5:c4:e5:08:e0:
d9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:99:CE:DE:AE:D8:5C:23:CF:A9:E3:12:FE:13:30:DC:EC:BF:02:6C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/apnO3q7YXCPPqeMS_hMw3Oy_Amw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:97:0f:51:80:89:f7:d0:ac:64:c8:11:28:78:7f:aa:74:67:
1b:47:13:af:eb:f0:2c:fa:9f:ab:e2:af:f1:f8:c4:65:8a:20:
e2:48:1b:97:ec:14:45:e5:62:3b:fd:df:6a:c9:83:6a:cd:bb:
1c:86:ce:20:25:f0:d4:86:64:00:48:34:fd:5b:db:ca:9b:9a:
87:31:e4:a3:6e:9e:47:60:1b:0b:b5:32:7f:c3:e3:34:cc:8b:
47:d6:1c:83:a2:1a:dc:c5:6c:e9:37:d2:a2:0b:0e:9c:b0:92:
03:94:06:99:b2:44:73:1c:d9:9e:3d:c2:f6:0b:7f:c9:52:b1:
26:a3:b3:c8:78:3e:a0:20:fb:57:2f:4a:e5:f2:81:be:e6:b0:
b7:fb:c7:e5:0e:23:4f:bd:9e:5f:d9:8e:35:af:eb:81:69:36:
9d:80:f8:54:63:bd:ab:bf:84:b4:52:e4:31:a5:b5:d4:ff:41:
48:65:e5:b9:bd:a0:d8:f7:69:08:e3:5d:57:b9:cb:82:19:67:
41:c2:58:b1:43:1c:38:fc:ee:56:48:22:96:30:61:9c:0f:a4:
c2:8b:58:e1:4a:77:8a:f7:29:06:ec:a3:8c:4e:0b:7c:04:a9:
6e:b2:c1:c5:97:5b:4a:8d:51:20:11:46:fc:32:5a:56:55:78:
11:08:08:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUnUgmTTBsh8O9+egDVGCmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMjIxMDcwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTk5Y2VkZWFlZDg1YzIzY2ZhOWUzMTJmZTEzMzBkY2VjYmYwMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJlcXXwS6tnzxGZerl/jFZ0fEJZ2
g2bzijIYrjUEKLwiqjblzXmWD6ITL5iPdvxpe+KWCCG/BljEpgcecJk7+y2vGmSo
NuGyW6OD9LtdhnF13rT9f8O71VvV8CLUg7cguO/MHZr6mErRCo0/BRZm8MLqqr4j
CspBpIlmwAeEBC7F7UJyupx4cKsGgR74fyMwkkKaYDaIVr/4mBriGFrdSpjIQ0xy
yo3DJUU1dcoa4nbf+0MCQbxz6XQFEwnGKySECBTg0Wr6rcrzn/qP3t9GT4foLjvJ
7csw5RibA9ju1lbXFTP5BOKeN841PivEfvSIdk7sHOUL2KWZ1cTlCODZJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGqZzt6u2Fwjz6njEv4TMNzsvwJsMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYXBuTzNxN1lYQ1BQcWVNU19oTXczT3lfQW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWJc4AwQC
WNHoMA0GCSqGSIb3DQEBCwUAA4IBAQAOlw9RgIn30KxkyBEoeH+qdGcbRxOv6/As
+p+r4q/x+MRliiDiSBuX7BRF5WI7/d9qyYNqzbschs4gJfDUhmQASDT9W9vKm5qH
MeSjbp5HYBsLtTJ/w+M0zItH1hyDohrcxWzpN9KiCw6csJIDlAaZskRzHNmePcL2
C3/JUrEmo7PIeD6gIPtXL0rl8oG+5rC3+8flDiNPvZ5f2Y41r+uBaTadgPhUY72r
v4S0UuQxpbXU/0FIZeW5vaDY92kI411XucuCGWdBwlixQxw4/O5WSCKWMGGcD6TC
i1jhSneK9ykG7KOMTgt8BKlussHFl1tKjVEgEUb8MlpWVXgRCAhT
-----END CERTIFICATE-----
Generated at Fri May 2 15:00:06 2025 by rpki-client