Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G0abfdEFvKCDixr6IC_poyfPOnU.roa
File: G0abfdEFvKCDixr6IC_poyfPOnU.roa (raw, json)
Hash identifier: e4F7Epwk9osVEE6C/9qHTTws+80A2W3hHfTzTyHVR+U=
Subject key identifier: 1B:46:9B:7D:D1:05:BC:A0:83:8B:1A:FA:20:2F:E9:A3:27:CF:3A:75
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC50137F3589C3C7EF31CAAE1AFE81E29
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G0abfdEFvKCDixr6IC_poyfPOnU.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 88.216.60.0/22 maxlen: 24
84.32.108.0/22 maxlen: 24
84.32.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 17:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:37:f3:58:9c:3c:7e:f3:1c:aa:e1:af:e8:1e:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b469b7dd105bca0838b1afa202fe9a327cf3a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ce:87:de:b7:61:2d:97:88:0b:63:63:c9:fe:
fa:e6:9b:10:f8:43:70:ec:30:d6:94:29:33:11:6c:
27:c6:9b:7e:f1:ba:54:6d:55:8c:b3:99:52:04:15:
00:14:6f:66:66:40:cd:20:8a:96:c5:23:84:ca:8b:
36:ac:e3:c9:e5:44:4c:25:10:cf:c2:6f:d5:90:3f:
8c:02:8a:05:81:53:50:1f:f6:b0:e9:ed:b3:57:2f:
81:68:11:59:2a:a6:3e:e8:f7:67:ae:9f:ac:4b:b7:
9c:20:94:60:e2:4a:eb:49:c7:dd:50:a7:14:0d:f4:
4b:02:b5:6a:81:e2:06:71:61:1f:ac:8a:5c:fc:8f:
46:e8:70:ee:ff:b9:79:cb:b6:93:c7:91:e8:aa:01:
a9:7d:ef:a5:ea:3c:c3:6f:fc:13:b9:f9:49:c3:dd:
0e:42:05:74:3d:56:f6:7a:f9:74:4e:5d:98:e8:59:
e5:a8:ee:b7:c9:b9:24:4f:90:39:c5:cd:90:09:9a:
06:b7:92:58:49:d5:73:d8:a1:70:3f:11:0a:99:70:
20:e1:2e:f8:ab:21:1f:74:b2:aa:6a:0e:9f:ca:4b:
40:84:f9:07:27:64:bc:d3:c8:0d:03:89:a5:02:a0:
3e:1c:1d:7f:cd:6c:e0:a8:e5:43:9f:63:d1:9c:06:
09:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:46:9B:7D:D1:05:BC:A0:83:8B:1A:FA:20:2F:E9:A3:27:CF:3A:75
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G0abfdEFvKCDixr6IC_poyfPOnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.48.0/22
84.32.108.0/22
88.216.60.0/22
Signature Algorithm: sha256WithRSAEncryption
74:e9:9e:d0:d6:12:1b:65:cb:3d:8a:49:25:04:b8:89:5a:c4:
c0:46:04:fa:f1:b2:6e:27:6e:59:9b:8f:0c:c6:b3:31:92:19:
19:89:9e:70:40:24:9b:78:d7:64:74:4e:bb:56:4c:be:b1:88:
98:36:a3:10:40:e3:43:44:fd:5e:85:9b:35:f0:88:85:82:ce:
42:d0:ce:81:7c:f2:53:36:9b:a5:45:1f:fd:50:b5:5b:47:0d:
58:12:43:14:fd:37:61:52:42:92:04:d3:cf:4c:a4:64:76:0a:
d5:51:4c:b1:ee:a5:db:bd:b8:de:fe:b9:be:e7:c4:bf:9f:45:
83:90:f9:f4:80:dd:fd:d9:54:f4:33:53:1c:e3:6a:8c:78:f4:
43:c4:f9:0d:6f:48:58:bd:6a:72:4f:62:82:df:3f:fd:3b:31:
1c:4b:65:41:d3:6e:4b:e8:9e:d6:69:31:7a:bf:2c:40:74:dc:
51:d4:68:ea:16:aa:71:29:86:a4:02:c8:e1:f3:2f:bc:24:89:
0f:b0:3f:8b:40:f2:06:52:92:12:cf:ae:06:83:24:83:a8:58:
1a:62:84:62:17:34:9b:c1:19:01:2e:0a:57:af:b4:6f:ef:fa:
47:f3:a4:1c:96:ee:72:ff:71:07:a5:ad:25:d3:ac:d9:75:eb:
e4:f1:01:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFATfzWJw8fvMcquGv6B4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQ2OWI3ZGQxMDViY2EwODM4YjFhZmEyMDJmZTlhMzI3Y2YzYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs6H3rdhLZeIC2Njyf765psQ+ENw
7DDWlCkzEWwnxpt+8bpUbVWMs5lSBBUAFG9mZkDNIIqWxSOEyos2rOPJ5URMJRDP
wm/VkD+MAooFgVNQH/aw6e2zVy+BaBFZKqY+6Pdnrp+sS7ecIJRg4krrScfdUKcU
DfRLArVqgeIGcWEfrIpc/I9G6HDu/7l5y7aTx5HoqgGpfe+l6jzDb/wTuflJw90O
QgV0PVb2evl0Tl2Y6FnlqO63ybkkT5A5xc2QCZoGt5JYSdVz2KFwPxEKmXAg4S74
qyEfdLKqag6fyktAhPkHJ2S808gNA4mlAqA+HB1/zWzgqOVDn2PRnAYJHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBtGm33RBbygg4sa+iAv6aMnzzp1MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRzBhYmZkRUZ2S0NEaXhyNklDX3BveWZQT25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVCAwAwQC
VCBsAwQCWNg8MA0GCSqGSIb3DQEBCwUAA4IBAQB06Z7Q1hIbZcs9ikklBLiJWsTA
RgT68bJuJ25Zm48MxrMxkhkZiZ5wQCSbeNdkdE67Vky+sYiYNqMQQONDRP1ehZs1
8IiFgs5C0M6BfPJTNpulRR/9ULVbRw1YEkMU/TdhUkKSBNPPTKRkdgrVUUyx7qXb
vbje/rm+58S/n0WDkPn0gN392VT0M1Mc42qMePRDxPkNb0hYvWpyT2KC3z/9OzEc
S2VB025L6J7WaTF6vyxAdNxR1GjqFqpxKYakAsjh8y+8JIkPsD+LQPIGUpISz64G
gySDqFgaYoRiFzSbwRkBLgpXr7Rv7/pH86Qclu5y/3EHpa0l06zZdevk8QHK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org