Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5rKvHvIZBABK5UpU4ysKMSaZycg.roa
File: 5rKvHvIZBABK5UpU4ysKMSaZycg.roa (raw, json)
Hash identifier: ddoPs0lxxtttgN8qaHQqEucBfM6QKAAgZ2WhPsKSkW8=
Subject key identifier: E6:B2:AF:1E:F2:19:04:00:4A:E5:4A:54:E3:2B:0A:31:26:99:C9:C8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D7D490C6F09C6F62D282D070D5058474E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5rKvHvIZBABK5UpU4ysKMSaZycg.roa
Signing time: Tue 06 Feb 2024 07:19:15 +0000
ROA not before: Tue 06 Feb 2024 07:19:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 88.216.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 17:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:49:0c:6f:09:c6:f6:2d:28:2d:07:0d:50:58:47:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 6 07:19:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6b2af1ef21904004ae54a54e32b0a312699c9c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ef:fa:34:29:34:9d:b9:4e:5a:f7:c5:bf:ac:
b6:3e:1e:77:5f:c2:38:67:82:e0:d0:55:44:cc:e1:
59:2d:15:90:91:c3:6a:a2:c3:5c:b1:2d:d5:c5:fd:
e3:c3:33:91:03:3c:21:a6:39:a1:10:86:34:bf:df:
02:44:bf:32:cd:67:59:e1:b6:7d:db:e3:d5:63:d6:
95:ba:d9:b1:81:af:93:80:4f:02:bb:63:f3:9e:ed:
ec:90:bd:4c:7b:d2:89:5a:d3:67:11:5d:fc:ba:0f:
25:67:7b:f9:08:45:8c:bb:10:f1:8d:32:64:81:8b:
5d:8c:f5:6f:e1:98:e3:66:23:50:3a:f3:de:7f:31:
bb:58:7f:2e:e2:7c:7e:d5:8f:93:b1:87:3e:69:cb:
64:15:c8:ac:fd:c7:b1:25:98:a8:54:36:74:b6:fd:
d3:ee:69:30:a3:3e:e4:aa:17:06:71:65:7f:15:42:
22:ff:d6:4f:39:b2:df:74:dd:33:ba:b1:e8:a4:65:
35:18:c9:dc:f0:8a:db:b5:31:90:cb:c7:ec:b1:22:
38:4f:28:59:9e:4f:e6:36:e3:16:f3:ba:58:c0:a6:
ec:70:0b:49:32:26:63:ef:2b:de:fe:ad:6b:a2:ab:
46:9d:ee:24:36:99:9f:6b:b8:50:da:e4:53:cf:98:
dc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B2:AF:1E:F2:19:04:00:4A:E5:4A:54:E3:2B:0A:31:26:99:C9:C8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5rKvHvIZBABK5UpU4ysKMSaZycg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c4:f7:e8:2f:d0:a9:dd:9b:17:b9:64:dd:6f:09:c1:5a:4a:
49:2b:5b:f2:57:11:64:a2:48:04:89:fa:a7:62:85:e6:f7:a6:
1b:ed:13:a8:ac:55:6d:e9:73:e5:e1:c7:13:c6:65:65:18:32:
d8:24:5d:60:4c:9f:83:4c:09:c8:ee:09:ef:3d:1a:2b:4d:e6:
8f:aa:d1:72:0c:87:85:03:ec:70:e7:83:ea:a0:36:9f:f2:03:
f4:70:ed:a3:89:a4:b3:aa:a0:27:46:cd:29:01:7d:29:1c:d0:
b3:20:86:95:10:ac:3c:73:1f:d5:1c:f4:bf:04:d3:90:3a:32:
b4:3c:f1:3e:a0:7d:75:6c:c1:02:61:7c:58:c9:d3:dc:f2:97:
f2:04:50:4b:7d:cc:de:b9:45:fd:28:2a:91:86:85:ae:ad:64:
28:99:c3:22:89:06:2e:3d:85:10:69:48:88:43:0e:25:51:70:
51:2b:f4:af:f0:28:43:12:fa:d3:02:09:58:4a:8d:89:a4:df:
06:d2:53:75:c9:80:6e:4e:64:55:6b:71:1b:17:63:a7:39:6d:
db:82:b9:74:bf:cf:ce:28:be:75:f5:01:ed:ce:f0:83:32:f2:
bb:7a:b9:78:f6:f1:01:ad:43:b7:42:1b:ff:3b:7f:ae:1e:d3:
6f:8f:06:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY19SQxvCcb2LSgtBw1QWEdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMjA2MDcxOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmIyYWYxZWYyMTkwNDAwNGFlNTRhNTRlMzJiMGEzMTI2OTljOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe/6NCk0nblOWvfFv6y2Ph53X8I4
Z4Lg0FVEzOFZLRWQkcNqosNcsS3Vxf3jwzORAzwhpjmhEIY0v98CRL8yzWdZ4bZ9
2+PVY9aVutmxga+TgE8Cu2Pznu3skL1Me9KJWtNnEV38ug8lZ3v5CEWMuxDxjTJk
gYtdjPVv4ZjjZiNQOvPefzG7WH8u4nx+1Y+TsYc+actkFcis/cexJZioVDZ0tv3T
7mkwoz7kqhcGcWV/FUIi/9ZPObLfdN0zurHopGU1GMnc8IrbtTGQy8fssSI4TyhZ
nk/mNuMW87pYwKbscAtJMiZj7yve/q1roqtGne4kNpmfa7hQ2uRTz5jcSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOayrx7yGQQASuVKVOMrCjEmmcnIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNXJLdkh2SVpCQUJLNVVwVTR5c0tNU2FaeWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNjTMA0G
CSqGSIb3DQEBCwUAA4IBAQCTxPfoL9Cp3ZsXuWTdbwnBWkpJK1vyVxFkokgEifqn
YoXm96Yb7ROorFVt6XPl4ccTxmVlGDLYJF1gTJ+DTAnI7gnvPRorTeaPqtFyDIeF
A+xw54PqoDaf8gP0cO2jiaSzqqAnRs0pAX0pHNCzIIaVEKw8cx/VHPS/BNOQOjK0
PPE+oH11bMECYXxYydPc8pfyBFBLfczeuUX9KCqRhoWurWQomcMiiQYuPYUQaUiI
Qw4lUXBRK/Sv8ChDEvrTAglYSo2JpN8G0lN1yYBuTmRVa3EbF2OnOW3bgrl0v8/O
KL519QHtzvCDMvK7erl49vEBrUO3Qhv/O3+uHtNvjwYp
-----END CERTIFICATE-----
Generated at Thu Feb 29 21:33:10 2024 by rpki-client on console-fra.rpki-client.org