Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2WoQZheuMaYPbLqN8GMFZwYI3Ls.roa
File: 2WoQZheuMaYPbLqN8GMFZwYI3Ls.roa (raw, json)
Hash identifier: k/iLjwXjUWyQYtoSrRkawjATzEN+Nn8BeEA+F7Re+Oo=
Subject key identifier: D9:6A:10:66:17:AE:31:A6:0F:6C:BA:8D:F0:63:05:67:06:08:DC:BB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188263796C4C5019E50A66B22701A6204F3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2WoQZheuMaYPbLqN8GMFZwYI3Ls.roa
Signing time: Tue 16 May 2023 20:19:17 +0000
ROA not before: Tue 16 May 2023 20:19:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200017
IP address blocks: 88.216.92.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 May 2023 07:40:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:26:37:96:c4:c5:01:9e:50:a6:6b:22:70:1a:62:04:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 16 20:19:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d96a106617ae31a60f6cba8df06305670608dcbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a6:a8:03:18:38:ea:a6:3e:87:a4:1b:9f:39:
b1:5c:3d:dd:bc:e6:38:ee:88:41:80:1e:23:2b:f3:
37:63:28:23:82:c2:91:bd:26:e8:fb:39:18:d0:75:
7f:cd:7a:cf:27:3f:19:c6:7d:ed:bb:d5:f0:ea:d5:
55:47:95:94:9d:6c:82:a4:80:b1:6c:53:36:9a:f6:
ae:47:f7:c3:57:f6:c2:96:f5:79:ec:0e:c8:20:cb:
52:c3:0b:9e:f3:36:ab:0b:be:66:01:7a:0a:39:9a:
44:51:1e:c9:74:98:e2:ef:02:22:32:9c:b9:78:3a:
4c:db:0b:26:7c:1c:d3:82:eb:55:4f:93:51:36:24:
04:36:d1:b3:d1:e7:a9:c7:82:75:72:fa:15:61:58:
26:6c:af:3c:e3:fb:6b:82:3f:a3:3e:cd:bc:3e:5e:
c4:3e:73:bb:66:bd:5d:40:9e:97:44:8d:60:fa:13:
3e:86:ae:6c:b5:d3:04:db:f2:ea:8f:f3:c1:21:7f:
b0:dd:67:0a:8b:42:9f:72:20:cf:10:98:4b:f6:6d:
0f:e0:98:96:70:5c:7f:4f:ea:6d:40:4e:59:56:c5:
31:de:a5:97:6c:a3:d5:f4:10:f3:88:fa:32:7b:15:
d7:05:bd:0e:a6:b7:18:83:6f:e3:c5:5b:81:21:88:
d5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:6A:10:66:17:AE:31:A6:0F:6C:BA:8D:F0:63:05:67:06:08:DC:BB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2WoQZheuMaYPbLqN8GMFZwYI3Ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.148.0/24
84.32.156.0/24
88.216.36.0/24
88.216.92.0/24
Signature Algorithm: sha256WithRSAEncryption
93:82:d6:56:30:b3:73:4d:c3:11:a6:ba:15:45:2c:d8:54:75:
a4:d0:83:d4:5d:9f:4d:43:c8:e6:ef:69:9e:55:8c:60:21:a2:
dd:03:71:4f:64:30:85:b7:90:fe:de:83:f9:58:db:7f:02:36:
23:54:aa:f0:5f:77:ad:86:b8:6f:f8:fb:1c:a2:b5:71:b4:eb:
66:e5:ee:ae:92:a1:89:0f:2e:97:51:db:39:84:bb:d8:5f:0b:
bb:d5:33:f1:4b:9b:3e:c9:97:46:f6:38:a3:a2:53:62:87:0b:
71:a6:d7:ab:31:f5:7b:e9:b1:35:a3:5c:12:39:b4:33:c5:61:
57:da:52:87:de:49:45:35:b1:a7:62:49:d8:d4:cb:64:8f:52:
e9:b4:c5:f7:a0:40:76:33:36:34:c1:7f:23:72:4e:ba:5b:b0:
02:0a:9a:8d:be:67:63:89:26:37:db:42:bc:b5:e9:f5:97:83:
ba:66:e4:90:7c:8f:64:83:49:4b:c6:20:03:92:7e:a5:70:97:
2e:ce:ff:78:59:8b:a4:03:63:3a:63:cf:bf:b1:3b:fc:05:a3:
53:94:26:58:83:8d:6b:42:aa:01:37:9c:b4:d3:68:d6:48:0a:
cb:37:99:75:74:7f:0e:30:8c:bb:c5:55:9f:e6:1d:f8:56:3e:
31:8e:76:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgmN5bExQGeUKZrInAaYgTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTE2MjAxOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTZhMTA2NjE3YWUzMWE2MGY2Y2JhOGRmMDYzMDU2NzA2MDhkY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaaoAxg46qY+h6QbnzmxXD3dvOY4
7ohBgB4jK/M3YygjgsKRvSbo+zkY0HV/zXrPJz8Zxn3tu9Xw6tVVR5WUnWyCpICx
bFM2mvauR/fDV/bClvV57A7IIMtSwwue8zarC75mAXoKOZpEUR7JdJji7wIiMpy5
eDpM2wsmfBzTgutVT5NRNiQENtGz0eepx4J1cvoVYVgmbK884/trgj+jPs28Pl7E
PnO7Zr1dQJ6XRI1g+hM+hq5stdME2/Lqj/PBIX+w3WcKi0KfciDPEJhL9m0P4JiW
cFx/T+ptQE5ZVsUx3qWXbKPV9BDziPoyexXXBb0OprcYg2/jxVuBIYjVcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNlqEGYXrjGmD2y6jfBjBWcGCNy7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMldvUVpoZXVNYVlQYkxxTjhHTUZad1lJM0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCCUAwQA
VCCcAwQAWNgkAwQAWNhcMA0GCSqGSIb3DQEBCwUAA4IBAQCTgtZWMLNzTcMRproV
RSzYVHWk0IPUXZ9NQ8jm72meVYxgIaLdA3FPZDCFt5D+3oP5WNt/AjYjVKrwX3et
hrhv+PscorVxtOtm5e6ukqGJDy6XUds5hLvYXwu71TPxS5s+yZdG9jijolNihwtx
pterMfV76bE1o1wSObQzxWFX2lKH3klFNbGnYknY1Mtkj1LptMX3oEB2MzY0wX8j
ck66W7ACCpqNvmdjiSY320K8ten1l4O6ZuSQfI9kg0lLxiADkn6lcJcuzv94WYuk
A2M6Y8+/sTv8BaNTlCZYg41rQqoBN5y002jWSArLN5l1dH8OMIy7xVWf5h34Vj4x
jnbe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org