Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/H86NQDgbICwnw-L0Oio2OOUwA44.roa
File: H86NQDgbICwnw-L0Oio2OOUwA44.roa (raw, json)
Hash identifier: KX/CCO6yu0UBW8Z1duf1LazFuQZSTkSAHzVMHzNhGEs=
Subject key identifier: 1F:CE:8D:40:38:1B:20:2C:27:C3:E2:F4:3A:2A:36:38:E5:30:03:8E
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 01856C780FE30D92F735F7D2057C8E1FC653
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/H86NQDgbICwnw-L0Oio2OOUwA44.roa
Signing time: Sun 01 Jan 2023 08:34:45 +0000
ROA not before: Sun 01 Jan 2023 08:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 88.214.2.0/23 maxlen: 23
88.214.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 04 Jan 2023 02:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:0f:e3:0d:92:f7:35:f7:d2:05:7c:8e:1f:c6:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 08:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fce8d40381b202c27c3e2f43a2a3638e530038e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7f:bc:81:99:1b:3c:6c:75:93:92:07:bd:b0:
25:b6:6b:af:42:87:c0:64:7e:f7:f6:ee:d6:8d:9f:
2f:92:61:1a:3c:29:af:88:a8:5b:6a:5f:54:c4:ca:
4a:36:d3:37:57:3f:5b:fd:14:28:ad:9e:73:a7:32:
1e:04:bb:f4:a6:53:db:5f:8c:fc:43:e9:d1:20:fb:
bf:a1:ba:dd:51:25:78:ef:0f:a9:06:e8:d2:7e:f6:
e4:35:e6:bd:af:31:4d:87:df:6f:4b:3b:42:11:64:
2d:24:66:88:b8:3d:f2:06:d7:7e:06:23:60:ad:91:
ca:7a:c8:2a:f0:0a:22:3f:1d:74:09:f8:67:83:99:
f7:19:13:50:3a:c3:c1:15:d3:5f:14:c2:81:3e:e9:
91:9f:c8:7c:03:de:ba:e9:71:b7:b0:b1:8d:28:9b:
d3:3a:8d:85:ab:e3:61:f6:52:ee:95:4f:26:b3:d2:
d3:2b:4d:23:d3:cb:e4:80:02:0a:c1:3e:dc:f5:05:
b9:dd:84:67:8e:79:be:c7:11:ac:07:c1:39:bb:0c:
e1:6e:be:fd:e7:91:70:3f:75:d6:fd:27:e1:f4:11:
a6:c0:6f:ea:70:a5:4f:51:d2:6c:e0:3f:0e:0d:ae:
23:8a:70:e3:e2:f6:89:4c:9c:67:a4:d9:33:40:ee:
e2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:CE:8D:40:38:1B:20:2C:27:C3:E2:F4:3A:2A:36:38:E5:30:03:8E
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/H86NQDgbICwnw-L0Oio2OOUwA44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.0.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:09:3e:8a:08:95:74:85:21:9b:eb:bb:17:d3:fb:c2:11:e0:
b8:e3:3a:ae:e2:ad:02:f1:a6:75:8d:a5:3e:12:7d:0c:c2:19:
f9:68:aa:6c:d3:cc:78:37:2f:c3:6a:8e:2e:d8:1d:d5:90:91:
d6:b8:0f:58:33:71:db:6f:e7:22:4e:f3:35:a5:01:8d:31:6d:
75:c9:98:77:13:f0:61:55:9a:32:f6:44:88:b3:43:66:a7:fa:
fe:d0:37:58:9f:58:ad:ff:b1:79:7b:fe:a5:0b:ee:20:90:d7:
95:45:29:3c:5a:26:e6:79:3e:79:f8:82:29:ec:ab:db:73:ec:
3a:28:db:a9:8a:de:1c:16:52:e5:a1:60:80:32:b3:b8:ae:da:
2b:33:76:99:79:48:a1:1f:2d:09:ee:f6:90:a7:ef:99:be:be:
a2:a3:6a:18:da:aa:e5:83:2c:4d:a7:fb:3e:9b:60:98:38:a6:
70:be:b8:36:4a:0f:13:38:10:18:02:17:88:37:fb:83:02:6e:
b5:5d:7d:03:58:e8:d9:74:56:a7:7f:10:fd:9d:1f:26:b7:7a:
81:4b:9c:6d:c4:8f:cd:49:c0:c2:ef:0b:b3:14:8b:6d:b6:0c:
4f:10:c8:c9:1b:90:de:f6:4c:ff:bd:8d:11:5b:77:08:2e:4f:
35:e8:59:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseA/jDZL3NffSBXyOH8ZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwMTAxMDgzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmNlOGQ0MDM4MWIyMDJjMjdjM2UyZjQzYTJhMzYzOGU1MzAwMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn+8gZkbPGx1k5IHvbAltmuvQofA
ZH739u7WjZ8vkmEaPCmviKhbal9UxMpKNtM3Vz9b/RQorZ5zpzIeBLv0plPbX4z8
Q+nRIPu/obrdUSV47w+pBujSfvbkNea9rzFNh99vSztCEWQtJGaIuD3yBtd+BiNg
rZHKesgq8AoiPx10Cfhng5n3GRNQOsPBFdNfFMKBPumRn8h8A9666XG3sLGNKJvT
Oo2Fq+Nh9lLulU8ms9LTK00j08vkgAIKwT7c9QW53YRnjnm+xxGsB8E5uwzhbr79
55FwP3XW/Sfh9BGmwG/qcKVPUdJs4D8ODa4jinDj4vaJTJxnpNkzQO7iWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/OjUA4GyAsJ8Pi9DoqNjjlMAOOMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvSDg2TlFEZ2JJQ3dudy1MME9pbzJPT1V3QTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNYAMA0G
CSqGSIb3DQEBCwUAA4IBAQBaCT6KCJV0hSGb67sX0/vCEeC44zqu4q0C8aZ1jaU+
En0Mwhn5aKps08x4Ny/Dao4u2B3VkJHWuA9YM3Hbb+ciTvM1pQGNMW11yZh3E/Bh
VZoy9kSIs0Nmp/r+0DdYn1it/7F5e/6lC+4gkNeVRSk8WibmeT55+IIp7Kvbc+w6
KNupit4cFlLloWCAMrO4rtorM3aZeUihHy0J7vaQp++Zvr6io2oY2qrlgyxNp/s+
m2CYOKZwvrg2Sg8TOBAYAheIN/uDAm61XX0DWOjZdFanfxD9nR8mt3qBS5xtxI/N
ScDC7wuzFItttgxPEMjJG5De9kz/vY0RW3cILk816Fnj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org