Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/7XHKn57SULX9rkPed-1Rfqw04gc.roa
File: 7XHKn57SULX9rkPed-1Rfqw04gc.roa (raw, json)
Hash identifier: 4zD8i0A7LBeRYFzVj76RppUJMmyMY0BCS7lM32akQnk=
Subject key identifier: ED:71:CA:9F:9E:D2:50:B5:FD:AE:43:DE:77:ED:51:7E:AC:34:E2:07
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01875D4300C06579778EB273A77DC01824C2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/7XHKn57SULX9rkPed-1Rfqw04gc.roa
Signing time: Fri 07 Apr 2023 19:48:04 +0000
ROA not before: Fri 07 Apr 2023 19:48:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200017
IP address blocks: 88.216.92.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 21:14:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5d:43:00:c0:65:79:77:8e:b2:73:a7:7d:c0:18:24:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 7 19:48:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed71ca9f9ed250b5fdae43de77ed517eac34e207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:b8:5a:d1:4c:9b:5e:be:9b:d4:27:9b:c2:
13:ae:60:7e:21:5c:92:aa:46:28:00:84:7f:4d:46:
8c:fd:4f:39:a5:42:1b:34:e6:1c:a7:b5:d7:e4:78:
bc:1f:40:d1:53:2d:f1:00:5e:a5:c6:63:66:44:be:
a1:52:22:4b:8a:2a:b1:27:49:49:9d:a2:56:c5:d4:
10:22:84:37:54:39:d8:ef:4f:b9:3a:cd:39:0d:d3:
f0:2e:ad:13:bf:c0:9d:bc:84:16:a9:1a:56:99:61:
f4:44:12:e3:88:d1:88:1d:c6:97:66:cf:1a:df:78:
ac:7a:ed:c4:78:ca:09:7c:cf:5c:59:08:54:8d:ea:
0f:c9:b2:0e:c1:c3:c3:02:18:5f:20:5c:66:a5:7c:
30:ad:a6:86:4b:b3:69:af:1f:ce:1b:73:56:57:db:
b2:30:66:2c:86:95:2c:fb:a7:3f:9c:9c:f5:f2:bc:
8b:0e:72:17:a3:8b:5f:bc:37:86:0a:88:a2:69:45:
f0:cd:24:58:de:c8:41:a3:d4:76:9b:81:11:87:e1:
6d:2e:86:fe:a6:b9:dc:8b:af:7a:44:20:73:c5:ab:
bc:e8:a1:c4:99:f5:67:52:94:3d:57:c8:b7:d7:d1:
e6:93:43:b9:7c:50:da:5b:1d:21:4f:8a:03:5a:d5:
16:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:71:CA:9F:9E:D2:50:B5:FD:AE:43:DE:77:ED:51:7E:AC:34:E2:07
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/7XHKn57SULX9rkPed-1Rfqw04gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.36.0/24
88.216.92.0/24
Signature Algorithm: sha256WithRSAEncryption
52:60:61:26:bc:14:ac:f9:80:eb:92:b2:c0:86:06:68:4a:3e:
4c:85:70:0e:3f:ff:4d:a7:38:a6:70:05:c0:91:cc:a0:ca:d9:
11:42:9f:f5:12:11:12:ae:ca:a6:cc:c1:84:ab:ee:4e:65:06:
d5:3d:9f:e8:ee:58:f9:37:18:40:a7:bd:07:61:56:cb:40:a9:
0a:5d:72:58:a3:99:69:7d:94:53:f3:0b:bf:8c:ae:7f:88:d1:
b5:ce:e5:e0:7b:0c:eb:f7:dc:57:0c:7c:9b:0e:9f:29:4c:d0:
d5:aa:70:6e:e8:66:f7:85:33:d1:ba:3b:76:b0:b6:dc:15:f6:
d8:21:f2:2c:80:2d:46:6d:77:8c:d6:33:f1:c6:03:d8:37:65:
e4:53:6c:bb:d3:44:f5:f0:e3:7b:55:ef:97:a8:05:c4:09:ed:
2e:e6:cc:91:0b:78:fe:ab:56:58:c2:73:f8:0e:2e:6e:f0:5f:
99:10:9f:0a:15:94:c6:54:a9:04:4d:8e:b7:99:ba:e8:7d:0a:
09:33:05:38:01:38:d1:97:59:79:4e:08:ff:95:46:b9:07:4a:
aa:44:05:c2:8f:a9:c7:99:39:58:58:0d:d9:51:85:5a:4d:0a:
a5:1b:b2:ad:4d:18:26:06:84:ce:53:30:4c:e7:6b:3a:9c:1b:
74:90:a0:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYddQwDAZXl3jrJzp33AGCTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA3MTk0ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDcxY2E5ZjllZDI1MGI1ZmRhZTQzZGU3N2VkNTE3ZWFjMzRlMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyu4WtFMm16+m9Qnm8ITrmB+IVyS
qkYoAIR/TUaM/U85pUIbNOYcp7XX5Hi8H0DRUy3xAF6lxmNmRL6hUiJLiiqxJ0lJ
naJWxdQQIoQ3VDnY70+5Os05DdPwLq0Tv8CdvIQWqRpWmWH0RBLjiNGIHcaXZs8a
33iseu3EeMoJfM9cWQhUjeoPybIOwcPDAhhfIFxmpXwwraaGS7Nprx/OG3NWV9uy
MGYshpUs+6c/nJz18ryLDnIXo4tfvDeGCoiiaUXwzSRY3shBo9R2m4ERh+FtLob+
prnci696RCBzxau86KHEmfVnUpQ9V8i319Hmk0O5fFDaWx0hT4oDWtUWLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO1xyp+e0lC1/a5D3nftUX6sNOIHMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvN1hIS241N1NVTFg5cmtQZWQtMVJmcXcwNGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNgkAwQA
WNhcMA0GCSqGSIb3DQEBCwUAA4IBAQBSYGEmvBSs+YDrkrLAhgZoSj5MhXAOP/9N
pzimcAXAkcygytkRQp/1EhESrsqmzMGEq+5OZQbVPZ/o7lj5NxhAp70HYVbLQKkK
XXJYo5lpfZRT8wu/jK5/iNG1zuXgewzr99xXDHybDp8pTNDVqnBu6Gb3hTPRujt2
sLbcFfbYIfIsgC1GbXeM1jPxxgPYN2XkU2y700T18ON7Ve+XqAXECe0u5syRC3j+
q1ZYwnP4Di5u8F+ZEJ8KFZTGVKkETY63mbrofQoJMwU4ATjRl1l5Tgj/lUa5B0qq
RAXCj6nHmTlYWA3ZUYVaTQqlG7KtTRgmBoTOUzBM52s6nBt0kKAQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org