Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zWxMII0GWXV8bZa9PluaQ8bVaTE.roa
File: zWxMII0GWXV8bZa9PluaQ8bVaTE.roa (raw, json)
Hash identifier: IaxY3DRHiDy8QJWCH1XY2KYdc2mEXIvqSvU0cgJ3tr0=
Subject key identifier: CD:6C:4C:20:8D:06:59:75:7C:6D:96:BD:3E:5B:9A:43:C6:D5:69:31
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0194C0F320EA78F2A5E1B9F378DE6FB07D83
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zWxMII0GWXV8bZa9PluaQ8bVaTE.roa
Signing time: Sat 01 Feb 2025 09:59:06 +0000
ROA not before: Sat 01 Feb 2025 09:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 88.151.56.0/23 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Feb 2025 13:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c0:f3:20:ea:78:f2:a5:e1:b9:f3:78:de:6f:b0:7d:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 1 09:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd6c4c208d0659757c6d96bd3e5b9a43c6d56931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f9:59:79:04:85:17:fb:ef:d6:63:73:9f:3e:
0e:92:9c:2a:63:21:94:63:68:41:b7:38:fb:ea:80:
27:58:a6:0c:e5:36:76:63:b2:fa:5a:f0:e6:cd:87:
1c:f8:61:0f:55:99:b8:71:78:d4:86:a3:43:9f:1d:
d9:d0:82:e1:32:d1:d4:b7:2c:32:fa:92:85:d8:6a:
99:76:78:45:b6:df:71:a1:25:af:e2:86:5e:31:9f:
ea:09:a0:83:11:b6:f6:21:47:fa:01:f7:b6:ab:d4:
8b:3a:7e:f4:46:ad:ba:49:b9:ef:74:69:0e:1e:4c:
ea:aa:de:8b:b4:bb:7c:64:55:cb:ca:80:6f:d0:5f:
ef:38:2e:35:8d:f0:01:29:fa:93:5d:6c:52:b0:5c:
7f:e6:ee:d1:cf:01:63:32:52:be:bc:3c:d7:99:d9:
13:7e:c9:c6:c9:31:9a:65:20:af:c5:8c:13:0b:ff:
a9:22:ed:a4:f5:68:b7:08:e4:b8:45:df:db:a7:82:
92:7d:f9:5d:41:65:a3:9f:56:b8:e5:3c:41:fa:d6:
1e:c0:fa:60:1a:5d:45:8f:22:d9:29:b0:72:b3:12:
10:e8:48:c1:64:83:c2:0d:c0:b4:cb:50:19:e4:a9:
9c:b9:2b:3e:00:2c:72:82:64:05:14:da:21:f5:9e:
85:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6C:4C:20:8D:06:59:75:7C:6D:96:BD:3E:5B:9A:43:C6:D5:69:31
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zWxMII0GWXV8bZa9PluaQ8bVaTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.232.0/22
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
87:dd:0b:41:15:3c:1d:d0:59:b5:0c:57:59:f2:e2:63:56:bb:
76:05:6b:fd:80:98:a7:77:4d:83:96:79:9a:3b:07:58:b7:03:
71:ff:db:25:56:5f:2d:6e:80:c9:8d:10:eb:15:76:aa:68:fb:
75:35:8d:9f:55:93:30:87:53:61:7c:5d:07:45:4c:f8:07:3b:
55:47:39:3b:e9:8c:9e:16:fc:67:80:2e:f8:98:59:3d:b6:ad:
5f:aa:44:af:ec:d9:cf:e9:ed:5e:76:b3:24:e5:27:06:76:41:
49:f7:8b:45:2d:e5:e2:65:bd:2d:a8:c9:1d:d2:45:7a:47:9f:
ba:01:6b:98:ff:a2:ce:04:97:fa:b1:1d:55:13:68:a8:62:55:
55:67:7e:8d:70:19:65:8c:99:c6:c1:6f:85:f5:7e:6e:34:97:
76:28:88:84:8d:ac:2a:96:d6:3a:11:9e:72:85:3d:d9:a8:15:
0b:5f:db:e6:d6:b7:c8:7e:c6:49:f1:e4:da:a9:f6:29:53:b0:
32:84:dd:fa:86:7c:c0:5b:66:fe:21:eb:9e:28:b1:ee:61:37:
bd:c1:70:46:69:29:2d:d9:3a:53:72:fb:7b:3d:54:e6:28:8c:
78:07:0d:07:f6:c5:01:97:65:75:aa:32:0d:c8:8f:bb:a0:ac:
12:65:53:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTA8yDqePKl4bnzeN5vsH2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMjAxMDk1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDZjNGMyMDhkMDY1OTc1N2M2ZDk2YmQzZTViOWE0M2M2ZDU2OTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1flZeQSFF/vv1mNznz4OkpwqYyGU
Y2hBtzj76oAnWKYM5TZ2Y7L6WvDmzYcc+GEPVZm4cXjUhqNDnx3Z0ILhMtHUtywy
+pKF2GqZdnhFtt9xoSWv4oZeMZ/qCaCDEbb2IUf6Afe2q9SLOn70Rq26SbnvdGkO
Hkzqqt6LtLt8ZFXLyoBv0F/vOC41jfABKfqTXWxSsFx/5u7RzwFjMlK+vDzXmdkT
fsnGyTGaZSCvxYwTC/+pIu2k9Wi3COS4Rd/bp4KSffldQWWjn1a45TxB+tYewPpg
Gl1FjyLZKbBysxIQ6EjBZIPCDcC0y1AZ5KmcuSs+ACxygmQFFNoh9Z6FMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM1sTCCNBll1fG2WvT5bmkPG1WkxMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEveld4TUlJMEdXWFY4YlphOVBsdWFROGJWYVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWJc4AwQC
WNHoAwQAWNH0MA0GCSqGSIb3DQEBCwUAA4IBAQCH3QtBFTwd0Fm1DFdZ8uJjVrt2
BWv9gJind02DlnmaOwdYtwNx/9slVl8tboDJjRDrFXaqaPt1NY2fVZMwh1NhfF0H
RUz4BztVRzk76YyeFvxngC74mFk9tq1fqkSv7NnP6e1edrMk5ScGdkFJ94tFLeXi
Zb0tqMkd0kV6R5+6AWuY/6LOBJf6sR1VE2ioYlVVZ36NcBlljJnGwW+F9X5uNJd2
KIiEjawqltY6EZ5yhT3ZqBULX9vm1rfIfsZJ8eTaqfYpU7AyhN36hnzAW2b+Ieue
KLHuYTe9wXBGaSkt2TpTcvt7PVTmKIx4Bw0H9sUBl2V1qjINyI+7oKwSZVPm
-----END CERTIFICATE-----
Generated at Sun May 11 20:16:25 2025 by rpki-client