Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BlKBcXtW8opWMxhUupHWPK2D878.roa
File: BlKBcXtW8opWMxhUupHWPK2D878.roa (raw, json)
Hash identifier: vdx8IYFGYKCWe5kJxwumMBMf66VQwx/fOiF4IpsnUOU=
Subject key identifier: 06:52:81:71:7B:56:F2:8A:56:33:18:54:BA:91:D6:3C:AD:83:F3:BF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01889A43768A06F0A678DF38F55C4A7CCC9C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BlKBcXtW8opWMxhUupHWPK2D878.roa
Signing time: Thu 08 Jun 2023 09:08:12 +0000
ROA not before: Thu 08 Jun 2023 09:08:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 88.216.96.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:43:76:8a:06:f0:a6:78:df:38:f5:5c:4a:7c:cc:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 8 09:08:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=065281717b56f28a56331854ba91d63cad83f3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c7:af:20:b4:06:7a:bc:e7:d2:08:a4:25:de:
1f:ed:2b:20:52:18:82:a9:1b:30:95:7e:ad:71:94:
b4:ba:08:f8:6d:7c:11:38:25:9b:e3:78:c9:70:fc:
26:0a:06:6f:61:a6:2e:01:21:df:5f:f1:ff:36:22:
55:7b:78:20:90:7d:00:5f:62:26:13:e6:ae:44:73:
29:55:1f:71:1a:0d:b2:5d:64:4c:8b:4e:00:ea:5d:
1b:7b:ad:13:98:3b:23:e9:6b:12:dd:6e:69:34:bf:
78:b8:fb:a9:13:42:ee:5f:f6:f4:05:b1:78:8b:00:
72:6a:c8:95:b5:2a:2b:45:bc:e1:3a:92:45:8c:42:
98:55:45:8f:e0:e8:8c:19:e3:29:ee:ca:3d:a6:b1:
81:02:df:ed:fb:1a:d9:d0:34:d7:1e:5d:d4:e8:f8:
ba:40:96:72:84:1d:c9:0d:f9:b2:a1:30:81:8c:01:
4b:3f:c6:77:21:b0:2d:12:50:6d:12:2b:38:24:4b:
99:e4:08:29:1d:33:23:00:7b:90:2f:f5:ac:d6:ce:
9c:f8:8a:88:8e:2f:ae:d3:7b:ad:7d:c8:c9:76:6c:
8c:50:53:ea:46:d5:db:9b:d6:ef:eb:06:07:2d:b5:
9e:f3:0f:22:d3:ef:27:b9:36:48:5a:c0:1c:0d:fb:
37:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:52:81:71:7B:56:F2:8A:56:33:18:54:BA:91:D6:3C:AD:83:F3:BF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BlKBcXtW8opWMxhUupHWPK2D878.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.96.0/24
Signature Algorithm: sha256WithRSAEncryption
86:e4:24:47:bc:23:65:57:3e:ac:6f:10:46:2c:b7:d6:ad:ce:
24:80:70:c7:03:9c:cc:d6:e1:c8:e2:ad:cc:98:0d:10:6d:98:
59:f6:ad:20:45:da:eb:85:69:87:1a:44:e7:1e:7f:b2:39:56:
9f:d8:ab:be:5a:a7:df:cb:e1:91:33:e7:08:3b:a4:0e:ff:52:
8f:74:52:a1:c3:f7:40:8e:ef:73:60:02:41:a0:28:99:c2:28:
62:36:eb:bb:cf:96:3a:17:35:f0:6e:a8:25:19:aa:43:11:88:
d1:ba:69:e2:9d:28:96:74:0f:72:df:f7:93:b6:75:84:67:86:
16:e9:96:ed:35:f5:d8:5b:53:0d:75:b5:4c:4e:d3:d5:36:83:
34:a6:0f:bc:69:c4:84:1a:ee:d4:ea:72:7b:d5:11:5e:60:fb:
77:a3:65:fd:f6:89:33:a9:53:77:7e:53:01:21:fb:9d:e3:76:
55:e6:6c:b1:d3:7e:9d:bd:36:ba:bb:98:bb:a0:2b:8a:d4:2e:
6e:38:45:a7:f5:fd:b5:b4:be:3e:e8:3b:06:80:90:0b:34:c2:
0f:33:82:bf:6e:f0:46:3c:cc:9a:a6:c8:98:6e:85:9f:41:01:
02:e0:7c:cb:cb:ed:98:87:bd:59:17:43:5f:4b:b2:f9:67:e8:
ec:77:56:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiaQ3aKBvCmeN849VxKfMycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA4MDkwODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjUyODE3MTdiNTZmMjhhNTYzMzE4NTRiYTkxZDYzY2FkODNmM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcevILQGerzn0gikJd4f7SsgUhiC
qRswlX6tcZS0ugj4bXwROCWb43jJcPwmCgZvYaYuASHfX/H/NiJVe3ggkH0AX2Im
E+auRHMpVR9xGg2yXWRMi04A6l0be60TmDsj6WsS3W5pNL94uPupE0LuX/b0BbF4
iwByasiVtSorRbzhOpJFjEKYVUWP4OiMGeMp7so9prGBAt/t+xrZ0DTXHl3U6Pi6
QJZyhB3JDfmyoTCBjAFLP8Z3IbAtElBtEis4JEuZ5AgpHTMjAHuQL/Ws1s6c+IqI
ji+u03utfcjJdmyMUFPqRtXbm9bv6wYHLbWe8w8i0+8nuTZIWsAcDfs3mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZSgXF7VvKKVjMYVLqR1jytg/O/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQmxLQmNYdFc4b3BXTXhoVXVwSFdQSzJEODc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNhgMA0G
CSqGSIb3DQEBCwUAA4IBAQCG5CRHvCNlVz6sbxBGLLfWrc4kgHDHA5zM1uHI4q3M
mA0QbZhZ9q0gRdrrhWmHGkTnHn+yOVaf2Ku+Wqffy+GRM+cIO6QO/1KPdFKhw/dA
ju9zYAJBoCiZwihiNuu7z5Y6FzXwbqglGapDEYjRumninSiWdA9y3/eTtnWEZ4YW
6ZbtNfXYW1MNdbVMTtPVNoM0pg+8acSEGu7U6nJ71RFeYPt3o2X99okzqVN3flMB
Ifud43ZV5myx036dvTa6u5i7oCuK1C5uOEWn9f21tL4+6DsGgJALNMIPM4K/bvBG
PMyapsiYboWfQQEC4HzLy+2Yh71ZF0NfS7L5Z+jsd1ZU
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:49 2024 by rpki-client on console-fra.rpki-client.org