Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8WIajlP6CG9rXKUf0NVvmUOgl7E.roa
File: 8WIajlP6CG9rXKUf0NVvmUOgl7E.roa (raw, json)
Hash identifier: f/B2RrnOWY1+3Xj7fWrsg60z+SNNrvh1Lhhg1keoMms=
Subject key identifier: F1:62:1A:8E:53:FA:08:6F:6B:5C:A5:1F:D0:D5:6F:99:43:A0:97:B1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018C880A80953EDBF0B82C5672E3A54771C8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8WIajlP6CG9rXKUf0NVvmUOgl7E.roa
Signing time: Wed 20 Dec 2023 16:23:58 +0000
ROA not before: Wed 20 Dec 2023 16:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 84.32.106.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:88:0a:80:95:3e:db:f0:b8:2c:56:72:e3:a5:47:71:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 20 16:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1621a8e53fa086f6b5ca51fd0d56f9943a097b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:66:05:07:2a:7a:5d:f6:f8:84:24:9d:96:91:
3e:b2:ba:30:78:e5:14:d1:64:19:a9:10:e9:0e:a7:
a9:58:1e:d4:a8:f3:6c:3e:0e:d1:88:88:96:5f:9e:
5c:0c:55:ef:27:38:31:af:0e:5f:7e:f8:a0:01:c3:
ac:91:1d:f6:8a:55:f3:db:cc:69:5a:39:f3:89:c2:
b5:76:91:8d:32:b7:05:9d:1a:71:03:03:b3:cf:20:
42:04:67:cd:db:e9:02:d0:96:5e:35:82:f3:a5:f7:
c6:4a:fc:5e:57:34:9b:b7:07:90:b9:53:a8:a2:b3:
e0:ec:dc:67:c8:20:bb:e1:80:2f:98:31:68:da:40:
76:56:94:3a:d4:fc:b3:80:9d:d8:49:41:3b:e3:f8:
07:70:cf:cc:9a:66:e6:ad:8c:f6:8d:98:14:68:c6:
31:1c:6f:f9:7a:c9:13:bf:85:74:c5:2d:ae:9d:46:
43:64:d9:56:ec:56:0c:67:2f:16:e7:e6:9e:40:76:
54:f9:d6:65:a4:94:e8:13:bf:47:98:ba:4f:1e:ea:
8d:0e:98:1a:38:bf:fb:28:62:bc:6a:61:cc:d6:4d:
b3:31:b2:b7:4a:2c:bf:b9:0e:4a:1f:7f:6f:fb:46:
b6:a5:94:27:2d:42:8f:11:da:01:24:1b:34:5d:d9:
03:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:62:1A:8E:53:FA:08:6F:6B:5C:A5:1F:D0:D5:6F:99:43:A0:97:B1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8WIajlP6CG9rXKUf0NVvmUOgl7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.106.0/24
88.216.43.0/24
Signature Algorithm: sha256WithRSAEncryption
47:06:9b:ce:08:4b:f1:01:97:d1:b3:0c:c9:19:59:e4:d1:90:
27:b5:ce:c1:62:b7:10:5d:d1:02:58:97:78:e0:8f:ac:76:67:
f4:78:28:6b:fa:e9:55:a7:77:30:17:5e:c1:77:9b:98:17:e8:
07:44:35:1a:04:1d:64:db:32:38:b7:d9:fc:b6:e5:75:55:56:
77:48:c6:6d:00:e9:4b:6b:d5:32:42:67:75:1a:e5:68:90:f3:
12:7f:72:72:9b:18:0a:85:2c:29:5d:57:11:b0:94:58:82:8c:
e5:59:4e:51:15:e7:4e:0c:45:bf:96:f5:8a:f3:cc:66:41:c7:
63:f4:15:5c:b3:b1:6c:21:97:8d:a0:c5:6e:e7:3b:d9:5b:fa:
2c:7f:20:aa:9a:73:5e:60:78:ab:c7:5d:1b:a5:9d:b7:e7:6b:
a6:8f:f5:fd:67:a3:0e:8e:e8:82:a8:87:bf:95:c5:5f:80:ad:
b1:45:b0:a0:08:8f:28:30:f3:15:60:e6:26:be:8d:f7:54:b8:
b0:ae:05:48:0c:5e:5b:a2:59:55:80:ec:e9:ee:8e:d4:c6:bd:
70:80:d7:30:8f:ce:7c:4c:ce:cb:6d:0a:a5:a9:f3:f1:0d:59:
3d:fc:d5:85:3b:7d:18:e5:2c:3c:c4:a7:9f:57:38:5a:58:04:
0f:7a:32:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyICoCVPtvwuCxWcuOlR3HIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjIwMTYyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTYyMWE4ZTUzZmEwODZmNmI1Y2E1MWZkMGQ1NmY5OTQzYTA5N2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymYFByp6Xfb4hCSdlpE+sroweOUU
0WQZqRDpDqepWB7UqPNsPg7RiIiWX55cDFXvJzgxrw5ffvigAcOskR32ilXz28xp
WjnzicK1dpGNMrcFnRpxAwOzzyBCBGfN2+kC0JZeNYLzpffGSvxeVzSbtweQuVOo
orPg7NxnyCC74YAvmDFo2kB2VpQ61PyzgJ3YSUE74/gHcM/MmmbmrYz2jZgUaMYx
HG/5eskTv4V0xS2unUZDZNlW7FYMZy8W5+aeQHZU+dZlpJToE79HmLpPHuqNDpga
OL/7KGK8amHM1k2zMbK3Siy/uQ5KH39v+0a2pZQnLUKPEdoBJBs0XdkDRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPFiGo5T+ghva1ylH9DVb5lDoJexMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOFdJYWpsUDZDRzlyWEtVZjBOVnZtVU9nbDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCBqAwQA
WNgrMA0GCSqGSIb3DQEBCwUAA4IBAQBHBpvOCEvxAZfRswzJGVnk0ZAntc7BYrcQ
XdECWJd44I+sdmf0eChr+ulVp3cwF17Bd5uYF+gHRDUaBB1k2zI4t9n8tuV1VVZ3
SMZtAOlLa9UyQmd1GuVokPMSf3JymxgKhSwpXVcRsJRYgozlWU5RFedODEW/lvWK
88xmQcdj9BVcs7FsIZeNoMVu5zvZW/osfyCqmnNeYHirx10bpZ2352umj/X9Z6MO
juiCqIe/lcVfgK2xRbCgCI8oMPMVYOYmvo33VLiwrgVIDF5bollVgOzp7o7Uxr1w
gNcwj858TM7LbQqlqfPxDVk9/NWFO30Y5Sw8xKefVzhaWAQPejL9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org