Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DJ_iJ-JybK1oZyzahr-ah08iRaY.roa
File: DJ_iJ-JybK1oZyzahr-ah08iRaY.roa (raw, json)
Hash identifier: cCjFmxQKz/8ieuF1UB9cRuLVwSZ8XvgLGSkYJphkUYQ=
Subject key identifier: 0C:9F:E2:27:E2:72:6C:AD:68:67:2C:DA:86:BF:9A:87:4F:22:45:A6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187BA344A86BDB52451C3117AC690EF6DF5
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DJ_iJ-JybK1oZyzahr-ah08iRaY.roa
Signing time: Tue 25 Apr 2023 20:56:41 +0000
ROA not before: Tue 25 Apr 2023 20:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ba:34:4a:86:bd:b5:24:51:c3:11:7a:c6:90:ef:6d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 25 20:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c9fe227e2726cad68672cda86bf9a874f2245a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:11:5b:ab:13:47:ac:4b:50:f1:43:ea:6e:d3:
89:6e:03:ef:5f:38:cb:2f:5f:b2:e0:47:1a:c2:79:
5c:ee:a1:13:32:ed:00:85:dc:eb:63:2f:ac:ca:67:
1c:d7:95:1a:38:f3:26:95:1c:2e:3d:47:27:00:3a:
0e:22:0f:ed:c3:17:19:43:bd:f3:fd:d5:98:ab:70:
7d:65:98:83:ed:15:73:1e:34:d1:c6:93:a5:07:b1:
e7:8a:37:fd:03:39:31:af:c6:52:7e:b7:b2:91:76:
91:6a:a4:a6:d1:04:0d:2f:7f:53:ac:a6:72:64:1b:
8a:cc:9c:da:02:5a:01:f1:05:a5:4d:b4:93:de:68:
9c:fa:8f:c7:c7:3b:34:86:c0:f7:fb:60:e6:13:57:
ee:8e:3c:9d:41:af:8d:a0:8f:45:71:eb:53:2e:c5:
79:e7:2d:34:af:12:e9:6b:2b:5b:fb:c0:d0:ac:94:
c0:9d:82:f3:bf:fb:9d:aa:dd:70:9f:10:51:ae:68:
65:bd:09:6c:0d:01:65:cb:27:0b:65:4e:85:8a:86:
f1:71:24:d1:f0:eb:69:69:a0:2a:3c:1b:da:b1:db:
d0:b5:61:ca:82:83:19:00:4c:21:1d:5b:ca:db:29:
ec:68:bc:37:1c:92:bb:9b:30:9c:3a:ac:d9:e5:9f:
7e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:9F:E2:27:E2:72:6C:AD:68:67:2C:DA:86:BF:9A:87:4F:22:45:A6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DJ_iJ-JybK1oZyzahr-ah08iRaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.20.0/23
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:52:3f:9f:64:c5:17:7e:fe:4c:38:d2:81:9c:12:75:ae:02:
f8:07:bb:8c:a8:c7:62:5f:31:83:b8:d6:5e:81:c2:87:99:61:
62:75:96:16:28:c2:1f:18:c5:91:36:fb:8f:d8:ab:c1:5e:2d:
31:34:9f:20:0f:a7:01:62:cb:12:8b:ec:27:9f:99:fc:f7:52:
fa:25:e8:7c:b6:14:6b:54:4a:21:b2:00:fc:f5:d9:7d:3e:85:
1d:ce:5c:cc:12:b6:91:ff:a2:13:cb:9a:33:df:1d:b3:83:cc:
3c:7d:aa:92:3e:c1:1e:82:54:28:ee:d3:61:63:84:27:b2:5f:
d0:c6:cf:67:fe:13:91:06:9f:f3:f6:ca:a7:35:73:9b:7d:13:
1b:aa:0e:c7:40:34:50:0b:96:fb:18:ec:c2:1f:ba:4e:38:22:
43:9e:fb:00:fd:34:3d:78:0c:6f:b6:01:62:0c:f9:6b:b1:52:
16:ce:d5:4b:03:bd:07:c8:6f:27:2d:f9:e9:af:08:c7:5b:0e:
61:16:64:9d:6c:e5:21:d3:db:9b:47:9a:c4:b6:e3:f4:3c:b8:
02:9b:b9:f4:70:cc:c2:5c:d5:56:51:af:d2:a0:2c:f3:a3:c3:
ea:43:bc:03:01:b8:86:82:82:bf:aa:46:42:95:5c:b1:9a:0d:
89:10:49:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYe6NEqGvbUkUcMResaQ7231MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDI1MjA1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzlmZTIyN2UyNzI2Y2FkNjg2NzJjZGE4NmJmOWE4NzRmMjI0NWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxFbqxNHrEtQ8UPqbtOJbgPvXzjL
L1+y4Ecawnlc7qETMu0AhdzrYy+symcc15UaOPMmlRwuPUcnADoOIg/twxcZQ73z
/dWYq3B9ZZiD7RVzHjTRxpOlB7Hnijf9Azkxr8ZSfreykXaRaqSm0QQNL39TrKZy
ZBuKzJzaAloB8QWlTbST3mic+o/Hxzs0hsD3+2DmE1fujjydQa+NoI9FcetTLsV5
5y00rxLpaytb+8DQrJTAnYLzv/udqt1wnxBRrmhlvQlsDQFlyycLZU6FiobxcSTR
8OtpaaAqPBvasdvQtWHKgoMZAEwhHVvK2ynsaLw3HJK7mzCcOqzZ5Z9+uwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAyf4ificmytaGcs2oa/modPIkWmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvREpfaUotSnliSzFvWnl6YWhyLWFoMDhpUmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWNgUAwQA
WNhnAwQAWNi5AwQBWNjUAwQAWNjXMA0GCSqGSIb3DQEBCwUAA4IBAQAbUj+fZMUX
fv5MONKBnBJ1rgL4B7uMqMdiXzGDuNZegcKHmWFidZYWKMIfGMWRNvuP2KvBXi0x
NJ8gD6cBYssSi+wnn5n891L6Jeh8thRrVEohsgD89dl9PoUdzlzMEraR/6ITy5oz
3x2zg8w8faqSPsEeglQo7tNhY4Qnsl/Qxs9n/hORBp/z9sqnNXObfRMbqg7HQDRQ
C5b7GOzCH7pOOCJDnvsA/TQ9eAxvtgFiDPlrsVIWztVLA70HyG8nLfnprwjHWw5h
FmSdbOUh09ubR5rEtuP0PLgCm7n0cMzCXNVWUa/SoCzzo8PqQ7wDAbiGgoK/qkZC
lVyxmg2JEEk8
-----END CERTIFICATE-----
Generated at Thu Sep 28 07:05:05 2023 by rpki-client on console-fra.rpki-client.org