Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-QCOE3t0IwjKW2AEJp5grmyq-GA.roa
File: 1-QCOE3t0IwjKW2AEJp5grmyq-GA.roa (raw, json)
Hash identifier: yeuY26A+hhWKV2inKY+7oobyhAxgcIdwbxRQhjtLGRE=
Subject key identifier: F9:00:8E:13:7B:74:23:08:CA:5B:60:04:26:9E:60:AE:6C:AA:F8:60
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFBF707C38926AA01A75F3424372BE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-QCOE3t0IwjKW2AEJp5grmyq-GA.roa
Signing time: Sun 01 Jan 2023 18:54:49 +0000
ROA not before: Sun 01 Jan 2023 18:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53356
IP address blocks: 88.216.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Feb 2023 14:44:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:bf:70:7c:38:92:6a:a0:1a:75:f3:42:43:72:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9008e137b742308ca5b6004269e60ae6caaf860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:10:5a:1c:04:bc:45:f6:9c:a5:29:0f:1b:17:
03:01:14:db:63:57:53:1c:22:ca:ad:cb:bc:b5:64:
ae:4c:ab:b9:5b:17:2b:64:24:b5:57:2c:6e:03:4d:
a7:f0:9a:8e:ce:ae:78:09:cb:48:96:1c:1b:fb:d8:
41:77:db:2a:db:76:81:b2:4d:0b:23:4c:a3:3a:d8:
58:d9:05:ad:bc:67:1c:3d:fc:ea:aa:aa:af:3b:5d:
31:01:49:f7:4b:ba:40:f1:74:ec:35:0d:fc:cd:1e:
4e:2b:7c:15:a0:a1:d5:f7:98:35:7a:88:c2:43:42:
5a:24:93:8f:f2:63:a3:1c:37:8e:a3:02:56:d7:1d:
f5:c8:db:ff:08:b2:ff:d1:31:4f:29:f7:85:4f:18:
42:41:72:9f:70:af:33:8a:13:16:ab:6b:51:1f:11:
28:1a:b2:5f:7e:7a:49:ae:9b:41:f2:6b:9a:66:02:
1f:14:a0:f5:3f:8b:96:bf:b2:9c:28:5c:3c:3f:9f:
ad:17:6d:52:a1:37:d9:67:23:79:6b:7d:ba:be:1e:
6f:93:38:d1:09:f6:6a:84:0c:b5:94:e1:38:99:6c:
c5:8e:e0:90:d7:7b:9d:bb:da:e6:ab:08:91:aa:aa:
96:81:b7:26:b9:c7:91:35:6b:04:ab:ec:63:bd:59:
8f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:00:8E:13:7B:74:23:08:CA:5B:60:04:26:9E:60:AE:6C:AA:F8:60
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-QCOE3t0IwjKW2AEJp5grmyq-GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.94.0/24
Signature Algorithm: sha256WithRSAEncryption
28:95:c0:b3:b4:3f:1e:af:9e:21:07:6f:06:d2:46:a2:5a:3c:
f8:3c:0c:a5:f1:82:13:a1:d2:0d:0f:0e:be:85:c2:95:d6:87:
f0:89:97:81:74:9f:ae:6d:ac:72:f0:d6:66:a9:63:ad:8f:9c:
4d:29:6e:3f:10:58:b1:78:db:64:99:7a:dd:b4:4b:93:41:a2:
2f:4a:44:00:d8:f6:e5:74:87:62:17:bf:93:f5:ad:a5:b5:35:
5e:27:59:d4:6d:2b:30:73:a8:ad:63:e5:79:30:5a:5e:11:4f:
29:0f:6c:f9:83:cf:91:4a:d5:98:5b:55:03:c1:c9:9b:60:59:
dc:bb:c6:9a:06:fb:57:5d:eb:4b:c8:22:38:98:3e:b9:d4:ce:
39:aa:bb:87:21:18:1b:9d:0b:7f:54:29:e1:71:2c:b5:77:e8:
51:dc:9d:90:8c:24:79:c6:8c:11:83:67:c3:8e:ee:f8:82:20:
78:b9:49:9d:dc:11:31:69:05:ed:a3:bd:12:51:c9:33:2f:fb:
fc:7a:66:1e:88:17:27:59:f5:73:2e:f4:7e:9e:a2:d5:3f:22:
16:bd:30:c5:e8:25:2b:8a:0e:b9:af:a9:0a:31:87:a0:41:7b:
30:8f:f6:cd:b9:19:00:12:87:bc:fe:cb:db:a3:01:7f:f5:d9:
0b:51:64:44
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVur79wfDiSaqAadfNCQ3K+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTAwOGUxMzdiNzQyMzA4Y2E1YjYwMDQyNjllNjBhZTZjYWFmODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBBaHAS8RfacpSkPGxcDARTbY1dT
HCLKrcu8tWSuTKu5WxcrZCS1VyxuA02n8JqOzq54CctIlhwb+9hBd9sq23aBsk0L
I0yjOthY2QWtvGccPfzqqqqvO10xAUn3S7pA8XTsNQ38zR5OK3wVoKHV95g1eojC
Q0JaJJOP8mOjHDeOowJW1x31yNv/CLL/0TFPKfeFTxhCQXKfcK8zihMWq2tRHxEo
GrJffnpJrptB8muaZgIfFKD1P4uWv7KcKFw8P5+tF21SoTfZZyN5a326vh5vkzjR
CfZqhAy1lOE4mWzFjuCQ13udu9rmqwiRqqqWgbcmuceRNWsEq+xjvVmPZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkAjhN7dCMIyltgBCaeYK5sqvhgMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1RQ09FM3QwSXdqS1cyQUVKcDVncm15cS1HQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFjYXjAN
BgkqhkiG9w0BAQsFAAOCAQEAKJXAs7Q/Hq+eIQdvBtJGolo8+DwMpfGCE6HSDQ8O
voXCldaH8ImXgXSfrm2scvDWZqljrY+cTSluPxBYsXjbZJl63bRLk0GiL0pEANj2
5XSHYhe/k/WtpbU1XidZ1G0rMHOorWPleTBaXhFPKQ9s+YPPkUrVmFtVA8HJm2BZ
3LvGmgb7V13rS8giOJg+udTOOaq7hyEYG50Lf1Qp4XEstXfoUdydkIwkecaMEYNn
w47u+IIgeLlJndwRMWkF7aO9ElHJMy/7/HpmHogXJ1n1cy70fp6i1T8iFr0wxegl
K4oOua+pCjGHoEF7MI/2zbkZABKHvP7L26MBf/XZC1FkRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org