Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/553aqLhlm2vBG8PavVTHqXMfL6I.roa
File: 553aqLhlm2vBG8PavVTHqXMfL6I.roa (raw, json)
Hash identifier: E+AkBl4NCJZwdCKRkm4mloa3m6tk+coIJnW1s3z8QJE=
Subject key identifier: E7:9D:DA:A8:B8:65:9B:6B:C1:1B:C3:DA:BD:54:C7:A9:73:1F:2F:A2
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018640E7A54DD1ED838D0B275E593C7BD557
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/553aqLhlm2vBG8PavVTHqXMfL6I.roa
Signing time: Sat 11 Feb 2023 14:36:08 +0000
ROA not before: Sat 11 Feb 2023 14:36:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135752
IP address blocks: 88.216.17.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
84.32.27.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 07:36:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:40:e7:a5:4d:d1:ed:83:8d:0b:27:5e:59:3c:7b:d5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 11 14:36:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e79ddaa8b8659b6bc11bc3dabd54c7a9731f2fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8c:3c:90:a9:2b:09:cd:de:c0:82:ec:7e:bc:
d7:c0:9a:6e:5e:07:67:d1:43:97:a3:00:79:0e:83:
39:ea:5c:3d:c1:dc:a9:c6:ad:64:d6:3c:b9:27:16:
52:b2:8f:40:a3:b1:08:0b:6d:c1:bc:ae:2c:5e:ec:
a2:2b:00:87:d5:82:66:6b:25:c5:1f:7c:9c:cf:91:
0a:b8:75:72:5b:9d:6c:e3:70:86:65:e0:a8:34:e1:
89:ff:76:7d:61:00:70:df:c3:39:73:af:4e:42:6a:
6e:c5:02:5f:fc:e8:68:13:70:ad:78:c3:36:8b:3a:
b2:2d:4a:3b:b4:5a:c2:62:b5:20:c1:d6:47:70:d9:
76:ed:23:db:2e:cf:b5:b4:bb:4e:c2:af:bd:d7:9c:
f4:db:81:f8:41:ee:1d:20:27:e2:94:b4:2b:57:c2:
1e:98:26:89:6e:4f:64:4f:a4:41:73:21:f8:70:ff:
f7:20:06:fe:a7:7e:6b:33:4e:72:e7:30:bd:7f:e5:
d7:6e:ca:e2:6b:13:ed:1b:c5:0c:9d:3d:d7:79:0d:
74:b2:64:98:f9:d8:ae:73:46:b9:75:30:34:1f:61:
dd:65:49:12:12:9e:78:2e:41:8e:38:97:5d:54:fd:
6f:7f:2e:34:9a:b2:dc:8d:b1:e8:bd:69:99:1c:56:
9c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:9D:DA:A8:B8:65:9B:6B:C1:1B:C3:DA:BD:54:C7:A9:73:1F:2F:A2
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/553aqLhlm2vBG8PavVTHqXMfL6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.27.0/24
88.216.16.0/23
88.216.133.0/24
Signature Algorithm: sha256WithRSAEncryption
28:02:1e:b8:49:dd:72:f3:80:e2:a4:c9:04:16:95:75:35:e9:
cd:fc:2d:97:ee:22:a1:30:1e:31:7c:e4:12:04:41:fc:50:61:
33:a4:9d:34:d9:96:a4:f0:e4:b5:e9:44:91:44:8d:f3:ca:db:
b3:d9:f9:40:0e:dc:c1:69:55:5c:37:40:2d:22:26:fd:d0:49:
06:3d:92:5f:86:4a:b3:90:d5:16:94:f6:f1:30:8d:b7:dc:08:
a4:b3:09:e6:42:71:78:a6:76:c4:ba:22:bc:23:27:a8:91:43:
43:b3:61:5c:a0:89:fe:db:9f:d5:c6:30:a5:78:e3:d8:96:6c:
09:cb:b2:f8:cc:10:8a:53:c0:b2:87:d5:22:b4:6c:5f:df:4f:
0b:b4:c7:e2:e3:18:75:2e:b5:4f:4c:67:7c:34:b8:22:48:9b:
f8:db:00:b4:63:e3:56:02:a1:ca:ac:c1:9b:16:01:47:85:1a:
bd:1c:37:c5:b1:65:12:d5:1a:40:ec:b4:7f:0f:ea:59:14:f0:
92:65:11:01:73:92:4e:ae:52:38:84:9d:d8:d7:04:af:be:5b:
ee:b2:b0:9d:5e:48:2a:5b:94:33:65:31:97:46:6d:f1:2e:f8:
b2:9b:f8:f6:89:da:0c:13:6a:02:b5:34:37:50:c4:32:99:ab:
42:4e:1b:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZA56VN0e2DjQsnXlk8e9VXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjExMTQzNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzlkZGFhOGI4NjU5YjZiYzExYmMzZGFiZDU0YzdhOTczMWYyZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYw8kKkrCc3ewILsfrzXwJpuXgdn
0UOXowB5DoM56lw9wdypxq1k1jy5JxZSso9Ao7EIC23BvK4sXuyiKwCH1YJmayXF
H3ycz5EKuHVyW51s43CGZeCoNOGJ/3Z9YQBw38M5c69OQmpuxQJf/OhoE3CteMM2
izqyLUo7tFrCYrUgwdZHcNl27SPbLs+1tLtOwq+915z024H4Qe4dICfilLQrV8Ie
mCaJbk9kT6RBcyH4cP/3IAb+p35rM05y5zC9f+XXbsriaxPtG8UMnT3XeQ10smSY
+diuc0a5dTA0H2HdZUkSEp54LkGOOJddVP1vfy40mrLcjbHovWmZHFacOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOed2qi4ZZtrwRvD2r1Ux6lzHy+iMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNTUzYXFMaGxtMnZCRzhQYXZWVEhxWE1mTDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAbAwQB
WNgQAwQAWNiFMA0GCSqGSIb3DQEBCwUAA4IBAQAoAh64Sd1y84DipMkEFpV1NenN
/C2X7iKhMB4xfOQSBEH8UGEzpJ002Zak8OS16USRRI3zytuz2flADtzBaVVcN0At
Iib90EkGPZJfhkqzkNUWlPbxMI233AikswnmQnF4pnbEuiK8IyeokUNDs2FcoIn+
25/VxjCleOPYlmwJy7L4zBCKU8Cyh9UitGxf308LtMfi4xh1LrVPTGd8NLgiSJv4
2wC0Y+NWAqHKrMGbFgFHhRq9HDfFsWUS1RpA7LR/D+pZFPCSZREBc5JOrlI4hJ3Y
1wSvvlvusrCdXkgqW5QzZTGXRm3xLviym/j2idoME2oCtTQ3UMQymatCThtM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org