Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4KJwOJbc1eHLHTrVzfPMF9nnqJ0.roa
File: 4KJwOJbc1eHLHTrVzfPMF9nnqJ0.roa (raw, json)
Hash identifier: Qj/Ha9FJJP+d/n+iyk4I8CiNZB/oLKrrWv8z9qG78Uo=
Subject key identifier: E0:A2:70:38:96:DC:D5:E1:CB:1D:3A:D5:CD:F3:CC:17:D9:E7:A8:9D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CAF93A6A504F9A51ED79778F6EEE90C56
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4KJwOJbc1eHLHTrVzfPMF9nnqJ0.roa
Signing time: Thu 28 Dec 2023 08:38:58 +0000
ROA not before: Thu 28 Dec 2023 08:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201575
IP address blocks: 88.216.208.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:93:a6:a5:04:f9:a5:1e:d7:97:78:f6:ee:e9:0c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 28 08:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0a2703896dcd5e1cb1d3ad5cdf3cc17d9e7a89d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1d:ea:11:b2:2c:96:e4:ae:1d:ab:6a:d5:1a:
16:15:9c:9a:7b:77:08:6d:c7:96:2a:14:59:ae:af:
3e:5d:59:ff:a3:ea:46:ae:06:ec:25:e2:62:92:46:
9f:e3:39:63:50:54:ae:60:5a:b2:43:da:f8:79:7f:
95:a7:09:59:1a:5b:72:6a:47:8b:b6:ab:88:e9:80:
44:e6:b6:a9:0a:75:e4:76:18:58:60:b9:4b:e7:be:
81:2f:cc:8f:18:7d:8b:03:f7:1d:7f:05:3c:ee:24:
1b:35:87:df:58:50:1c:0b:7e:12:88:e8:6c:22:27:
ca:02:f6:3f:4d:28:f8:fa:07:17:66:44:46:18:87:
1d:aa:09:44:c3:bb:08:1f:9d:cb:97:39:86:5b:92:
e0:05:52:a3:51:92:85:b0:0e:3e:6b:15:55:4b:1b:
86:5e:75:65:40:d1:d4:f1:91:8a:b8:5b:48:4a:82:
eb:cb:d8:47:2e:40:8a:fd:33:5d:7b:65:d7:06:b1:
ca:e1:5f:13:44:dd:8a:23:27:28:a8:de:9d:df:45:
c6:68:a2:b8:ca:36:0b:21:99:59:dc:37:fc:6b:7f:
e6:42:b0:da:31:60:3b:7f:fc:aa:07:e9:b2:2f:de:
8b:9b:7d:dd:0b:67:8b:2f:dd:ca:6b:e4:21:87:97:
80:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A2:70:38:96:DC:D5:E1:CB:1D:3A:D5:CD:F3:CC:17:D9:E7:A8:9D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4KJwOJbc1eHLHTrVzfPMF9nnqJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.249.0/24
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
88:df:e5:ff:ff:ff:94:4e:95:8d:bb:8a:d1:49:b1:86:12:3d:
b0:5a:cd:30:61:18:25:44:43:43:9f:be:f9:d2:be:58:84:56:
26:32:41:65:0e:5e:e1:94:8a:ec:70:bc:55:fb:68:d8:5a:93:
7a:38:17:f8:35:43:a6:20:d7:c4:b0:c7:d4:fd:73:f0:17:3a:
ef:2b:6d:aa:d1:84:aa:6f:16:64:68:f9:75:e0:4e:c0:cf:f1:
06:44:7b:7f:7d:58:67:fe:be:fa:e7:d0:8e:3f:87:ab:8b:43:
63:33:95:3c:db:4a:65:f9:67:0f:b4:c7:8c:99:dc:5d:08:fa:
a9:95:f2:3d:01:61:15:10:d3:0d:23:7a:4e:dc:33:68:6d:96:
49:5c:23:dc:82:eb:b9:03:7d:44:d0:f0:e4:a9:f2:96:7e:23:
c2:88:b0:7e:e5:f4:41:aa:f3:3f:5d:e1:f2:fc:41:48:c7:29:
b0:92:d5:38:e6:6a:de:62:8e:0b:c0:06:a4:29:aa:d0:4e:11:
40:d3:ca:e5:e2:bc:5e:2b:cb:21:6a:5c:6f:e6:13:eb:cc:8e:
b7:b8:18:ff:bb:c8:44:2e:18:39:c8:08:84:68:49:5f:ff:8c:
ba:8a:77:40:7a:e6:4f:7d:28:e1:a8:b1:ad:76:11:4e:89:fc:
63:b4:d0:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyvk6alBPmlHteXePbu6QxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjI4MDgzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGEyNzAzODk2ZGNkNWUxY2IxZDNhZDVjZGYzY2MxN2Q5ZTdhODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwB3qEbIsluSuHatq1RoWFZyae3cI
bceWKhRZrq8+XVn/o+pGrgbsJeJikkaf4zljUFSuYFqyQ9r4eX+VpwlZGltyakeL
tquI6YBE5rapCnXkdhhYYLlL576BL8yPGH2LA/cdfwU87iQbNYffWFAcC34SiOhs
IifKAvY/TSj4+gcXZkRGGIcdqglEw7sIH53LlzmGW5LgBVKjUZKFsA4+axVVSxuG
XnVlQNHU8ZGKuFtISoLry9hHLkCK/TNde2XXBrHK4V8TRN2KIycoqN6d30XGaKK4
yjYLIZlZ3Df8a3/mQrDaMWA7f/yqB+myL96Lm33dC2eLL93Ka+Qhh5eAZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOCicDiW3NXhyx061c3zzBfZ56idMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNEtKd09KYmMxZUhMSFRyVnpmUE1GOW5ucUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCD5AwQA
WNjQMA0GCSqGSIb3DQEBCwUAA4IBAQCI3+X///+UTpWNu4rRSbGGEj2wWs0wYRgl
RENDn7750r5YhFYmMkFlDl7hlIrscLxV+2jYWpN6OBf4NUOmINfEsMfU/XPwFzrv
K22q0YSqbxZkaPl14E7Az/EGRHt/fVhn/r7659COP4eri0NjM5U820pl+WcPtMeM
mdxdCPqplfI9AWEVENMNI3pO3DNobZZJXCPcguu5A31E0PDkqfKWfiPCiLB+5fRB
qvM/XeHy/EFIxymwktU45mreYo4LwAakKarQThFA08rl4rxeK8shalxv5hPrzI63
uBj/u8hELhg5yAiEaElf/4y6indAeuZPfSjhqLGtdhFOifxjtNAe
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:49 2024 by rpki-client on console-fra.rpki-client.org