Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/99AUOolFlaRTh6Ual5gfm-tx2mU.roa
File: 99AUOolFlaRTh6Ual5gfm-tx2mU.roa (raw, json)
Hash identifier: COwaCivbRR6w+9sCCOPfxg2SBujVuls0XFa6t4tI43U=
Subject key identifier: F7:D0:14:3A:89:45:95:A4:53:87:A5:1A:97:98:1F:9B:EB:71:DA:65
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01894B4F40FCA3256C570567849722FFB668
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/99AUOolFlaRTh6Ual5gfm-tx2mU.roa
Signing time: Wed 12 Jul 2023 18:13:52 +0000
ROA not before: Wed 12 Jul 2023 18:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200017
IP address blocks: 88.216.108.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 05:55:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4b:4f:40:fc:a3:25:6c:57:05:67:84:97:22:ff:b6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 12 18:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7d0143a894595a45387a51a97981f9beb71da65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:44:d6:aa:35:5a:a0:22:1c:bd:06:20:f9:5e:
db:54:9e:9f:dc:ca:f5:67:f7:b9:c6:e5:9e:5a:84:
d0:c5:30:97:0a:af:b6:7f:02:24:28:72:2c:2b:5f:
da:75:b2:3e:b7:96:3e:fd:19:c3:9e:91:f1:09:29:
c7:69:96:f9:a5:88:19:a0:ce:c2:2b:c3:5c:58:5b:
d5:fc:cc:a4:f7:f0:7d:ec:0c:57:d7:3b:c8:11:74:
e4:ea:11:a2:78:c3:c8:c5:ce:9b:22:a3:fb:ed:ca:
b3:c5:a4:9c:7a:c7:14:46:11:a9:1e:ea:c1:cd:15:
26:3f:14:4c:f0:97:a3:ff:73:01:0c:df:bb:dc:f3:
a2:71:96:d2:f2:fb:40:98:2a:0f:de:36:2a:00:96:
97:6d:e6:4e:28:6c:d0:e0:8b:12:a9:ef:75:41:21:
c3:1b:9d:d9:33:ad:a1:5c:c4:ac:8f:21:9d:81:94:
39:f1:e6:25:9b:3c:51:9b:2c:26:7f:70:42:c9:90:
b6:e2:9f:14:16:03:09:f1:ca:af:a2:ef:38:ad:e1:
de:9e:90:26:27:ca:26:f1:be:4b:c5:2e:f6:1a:d5:
19:0d:9f:e1:a7:61:72:ee:5f:e8:77:a8:e5:ea:79:
a0:77:99:8a:6e:64:30:4d:13:f2:6f:05:5a:39:cd:
13:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D0:14:3A:89:45:95:A4:53:87:A5:1A:97:98:1F:9B:EB:71:DA:65
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/99AUOolFlaRTh6Ual5gfm-tx2mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.148.0/24
88.216.36.0/24
88.216.108.0/24
Signature Algorithm: sha256WithRSAEncryption
57:2a:ff:bf:8e:ff:0f:df:5d:6c:12:95:fa:16:90:a7:e9:4d:
ce:c8:18:3b:89:72:80:c4:d3:8e:a7:c4:1f:d3:b4:4a:6e:31:
19:c0:ef:7f:f7:ff:f8:22:7a:dd:f7:35:98:2d:d5:87:a5:f3:
15:c5:ad:6c:80:75:c5:13:0e:1e:c9:dc:c9:8c:78:48:46:51:
40:f1:8d:b4:06:69:05:f1:37:95:7b:3a:e9:f3:2e:00:01:e7:
43:79:18:6e:ca:b0:b7:10:92:b8:84:42:c8:65:95:d1:bb:13:
fd:56:74:a7:44:a8:d2:c0:e1:1d:a9:68:69:ef:2d:c8:93:80:
b2:0f:75:44:2c:ac:71:7d:f6:de:f6:32:93:d0:eb:0b:d2:0e:
15:47:88:df:02:ab:65:5e:5f:23:77:b1:70:45:e1:62:54:83:
64:45:36:f0:d6:92:0e:f1:24:ff:1e:77:e4:22:ef:d8:a9:9a:
8f:de:1a:df:03:c8:62:76:6d:97:4f:c8:3b:d2:a1:a2:29:03:
57:6e:66:3d:ac:a5:da:3c:7d:87:0b:42:64:bf:3b:0f:38:36:
75:eb:32:77:62:94:a2:b7:a8:8e:18:11:43:66:d5:b9:44:d6:
ff:4a:f5:ba:7e:bc:c0:d9:e4:7d:2a:da:80:84:af:c4:73:4d:
34:95:9a:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlLT0D8oyVsVwVnhJci/7ZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzEyMTgxMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2QwMTQzYTg5NDU5NWE0NTM4N2E1MWE5Nzk4MWY5YmViNzFkYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUTWqjVaoCIcvQYg+V7bVJ6f3Mr1
Z/e5xuWeWoTQxTCXCq+2fwIkKHIsK1/adbI+t5Y+/RnDnpHxCSnHaZb5pYgZoM7C
K8NcWFvV/Myk9/B97AxX1zvIEXTk6hGieMPIxc6bIqP77cqzxaScescURhGpHurB
zRUmPxRM8Jej/3MBDN+73POicZbS8vtAmCoP3jYqAJaXbeZOKGzQ4IsSqe91QSHD
G53ZM62hXMSsjyGdgZQ58eYlmzxRmywmf3BCyZC24p8UFgMJ8cqvou84reHenpAm
J8om8b5LxS72GtUZDZ/hp2Fy7l/od6jl6nmgd5mKbmQwTRPybwVaOc0T3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPfQFDqJRZWkU4elGpeYH5vrcdplMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOTlBVU9vbEZsYVJUaDZVYWw1Z2ZtLXR4Mm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCCUAwQA
WNgkAwQAWNhsMA0GCSqGSIb3DQEBCwUAA4IBAQBXKv+/jv8P311sEpX6FpCn6U3O
yBg7iXKAxNOOp8Qf07RKbjEZwO9/9//4Inrd9zWYLdWHpfMVxa1sgHXFEw4eydzJ
jHhIRlFA8Y20BmkF8TeVezrp8y4AAedDeRhuyrC3EJK4hELIZZXRuxP9VnSnRKjS
wOEdqWhp7y3Ik4CyD3VELKxxffbe9jKT0OsL0g4VR4jfAqtlXl8jd7FwReFiVINk
RTbw1pIO8ST/HnfkIu/YqZqP3hrfA8hidm2XT8g70qGiKQNXbmY9rKXaPH2HC0Jk
vzsPODZ16zJ3YpSit6iOGBFDZtW5RNb/SvW6frzA2eR9KtqAhK/Ec000lZqw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org