Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A5ftxm7j0QKY5xktue6jXwg1Lm0.roa
File: A5ftxm7j0QKY5xktue6jXwg1Lm0.roa (raw, json)
Hash identifier: SgZIYovxE0qLbdS5cEVgzFjmaLpqN1UPwlyegoJpq0A=
Subject key identifier: 03:97:ED:C6:6E:E3:D1:02:98:E7:19:2D:B9:EE:A3:5F:08:35:2E:6D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826BFB97049B1B41AD6EB13A054378C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A5ftxm7j0QKY5xktue6jXwg1Lm0.roa
Signing time: Thu 02 Jan 2025 17:53:35 +0000
ROA not before: Thu 02 Jan 2025 17:53:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200344
IP address blocks: 88.216.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 08:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:bf:b9:70:49:b1:b4:1a:d6:eb:13:a0:54:37:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0397edc66ee3d10298e7192db9eea35f08352e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:40:73:34:b7:47:f8:00:03:fd:e1:a1:3d:aa:
5c:e9:19:71:ca:5f:af:8b:c2:e1:25:9c:7b:3e:bc:
00:3e:68:4c:32:fc:e2:4d:4e:d0:24:c0:3c:54:a1:
ca:0e:27:c3:70:0a:7c:62:dc:bc:73:66:5e:9e:cd:
f4:c3:5b:f2:e7:4a:2a:72:f7:cc:98:3b:23:11:d6:
c8:67:20:cf:41:af:8c:13:4e:dc:4a:7a:1f:a0:86:
f7:8f:bf:3d:8e:1f:29:5b:0d:be:ac:52:a6:d6:53:
ab:ed:8e:8b:fb:d9:c3:dc:19:6b:1f:e4:76:fe:d6:
b9:83:22:ec:9b:0b:c3:ab:ec:41:8e:46:9d:3d:69:
35:1d:a5:39:36:8a:80:e0:f5:cc:8d:2b:b2:93:a0:
a1:a8:11:9e:91:14:e5:2c:6c:f5:a5:f9:de:40:15:
67:e4:56:d2:17:ed:3b:87:1b:d5:97:59:ef:33:fb:
83:90:74:52:89:6d:94:e2:74:1e:1d:9e:f0:75:8d:
51:b0:50:f3:67:36:db:18:85:f7:96:f6:08:76:80:
ae:03:01:f7:f6:55:af:7d:f3:64:7d:3a:38:cd:7c:
3c:4e:b9:32:c3:06:86:0e:94:99:c4:09:8b:55:0d:
b6:e4:dc:4f:ab:8f:a5:51:91:0b:3a:29:dc:35:8e:
37:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:97:ED:C6:6E:E3:D1:02:98:E7:19:2D:B9:EE:A3:5F:08:35:2E:6D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A5ftxm7j0QKY5xktue6jXwg1Lm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.144.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:60:e3:34:ab:5c:c2:38:30:38:07:f2:3b:da:41:a8:22:a1:
95:42:c0:df:23:78:8e:a9:f1:06:c0:75:29:9a:09:96:97:01:
63:52:bd:d3:b2:97:e5:43:e6:74:9e:c7:b9:ce:08:47:bd:39:
60:33:6e:d9:1b:ab:5f:c2:ef:08:0a:9b:01:39:cd:2d:b6:5d:
12:8b:7a:46:99:35:5c:1c:92:13:68:b8:24:87:48:44:4c:83:
05:b3:52:79:d2:a9:0f:30:4b:82:cd:54:63:0c:d7:7e:15:33:
23:ee:f7:f8:5b:25:46:05:d6:04:15:16:4e:d2:27:a8:7f:30:
01:85:f0:b1:fa:a8:3c:f9:58:dc:69:8b:09:3e:2a:8a:de:9a:
30:8a:b0:1d:44:17:84:a4:09:fc:03:87:ed:2f:39:32:b4:d9:
8a:7c:5b:e3:14:00:28:03:70:55:81:45:15:0a:d2:ba:0b:62:
32:d9:a3:3c:54:d7:34:46:17:ea:d4:e6:8a:45:af:94:ac:a1:
fc:64:3f:87:80:97:6c:b7:28:36:e8:86:13:d6:2f:ba:c1:14:
12:fc:8f:3f:c5:c5:66:39:a7:44:7c:9f:36:43:76:5d:e4:44:
8b:78:15:d5:a0:27:02:35:25:16:b6:e6:16:71:20:ca:fa:65:
61:aa:9a:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJr+5cEmxtBrW6xOgVDeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk3ZWRjNjZlZTNkMTAyOThlNzE5MmRiOWVlYTM1ZjA4MzUyZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0BzNLdH+AAD/eGhPapc6Rlxyl+v
i8LhJZx7PrwAPmhMMvziTU7QJMA8VKHKDifDcAp8Yty8c2Zens30w1vy50oqcvfM
mDsjEdbIZyDPQa+ME07cSnofoIb3j789jh8pWw2+rFKm1lOr7Y6L+9nD3BlrH+R2
/ta5gyLsmwvDq+xBjkadPWk1HaU5NoqA4PXMjSuyk6ChqBGekRTlLGz1pfneQBVn
5FbSF+07hxvVl1nvM/uDkHRSiW2U4nQeHZ7wdY1RsFDzZzbbGIX3lvYIdoCuAwH3
9lWvffNkfTo4zXw8TrkywwaGDpSZxAmLVQ225NxPq4+lUZELOincNY430wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOX7cZu49ECmOcZLbnuo18INS5tMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQTVmdHhtN2owUUtZNXhrdHVlNmpYd2cxTG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNiQMA0G
CSqGSIb3DQEBCwUAA4IBAQCfYOM0q1zCODA4B/I72kGoIqGVQsDfI3iOqfEGwHUp
mgmWlwFjUr3TspflQ+Z0nse5zghHvTlgM27ZG6tfwu8ICpsBOc0ttl0Si3pGmTVc
HJITaLgkh0hETIMFs1J50qkPMEuCzVRjDNd+FTMj7vf4WyVGBdYEFRZO0ieofzAB
hfCx+qg8+VjcaYsJPiqK3powirAdRBeEpAn8A4ftLzkytNmKfFvjFAAoA3BVgUUV
CtK6C2Iy2aM8VNc0Rhfq1OaKRa+UrKH8ZD+HgJdstyg26IYT1i+6wRQS/I8/xcVm
OadEfJ82Q3Zd5ESLeBXVoCcCNSUWtuYWcSDK+mVhqpru
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:30:03 2025 by rpki-client