Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GDgPbVnQrnpoBHmQEv1FbMqJ2HQ.roa
File: GDgPbVnQrnpoBHmQEv1FbMqJ2HQ.roa (raw, json)
Hash identifier: Qt/0/PdZW7xs4h2pxisJzPWPBNI3MT/J4D0xUMvuxlQ=
Subject key identifier: 18:38:0F:6D:59:D0:AE:7A:68:04:79:90:12:FD:45:6C:CA:89:D8:74
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D5147DA71C1F9C08BC16BC822D6CD50E9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GDgPbVnQrnpoBHmQEv1FbMqJ2HQ.roa
Signing time: Sun 28 Jan 2024 18:14:39 +0000
ROA not before: Sun 28 Jan 2024 18:14:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 88.216.198.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 07:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:51:47:da:71:c1:f9:c0:8b:c1:6b:c8:22:d6:cd:50:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 28 18:14:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18380f6d59d0ae7a6804799012fd456cca89d874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6e:1a:cd:3d:81:df:29:81:c9:8c:2c:ab:3f:
15:a2:fe:7c:1e:75:f7:65:da:dc:f1:ee:85:3b:61:
99:29:c8:f8:c6:48:17:83:45:f8:fe:0a:db:8f:4a:
94:74:8a:13:a2:34:1f:3f:93:df:6b:d8:71:2d:3f:
45:e9:60:ba:b0:14:89:59:c4:24:af:e8:fe:43:fe:
6d:80:94:aa:6f:39:1a:54:9c:2e:ea:af:f4:c3:72:
93:d0:8d:95:b8:12:47:3d:97:fc:54:6a:e8:7c:3d:
1e:23:cc:57:b5:65:f1:7c:a3:e2:57:a7:c7:ae:43:
ea:2e:df:61:a8:2e:2a:c5:cf:f6:5d:78:cb:9c:e8:
ea:ce:27:5e:fe:cd:6f:b0:2a:92:83:c7:e4:dd:ae:
37:70:60:14:e6:9e:ff:76:87:30:19:fa:53:81:42:
54:cf:ee:38:ad:72:5b:83:91:d2:10:12:3f:de:2d:
a4:c3:98:61:84:17:7b:64:e9:36:37:d7:c2:d6:83:
01:1e:35:21:f1:4e:a6:1b:ab:13:78:08:57:f0:76:
4a:44:37:9d:30:f7:da:f4:85:c0:30:2a:83:f1:7c:
0f:7e:62:8d:40:57:c8:17:d6:9d:e1:4d:a5:22:60:
32:a0:99:f2:18:d1:6d:73:af:00:3b:f6:7b:70:c2:
60:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:38:0F:6D:59:D0:AE:7A:68:04:79:90:12:FD:45:6C:CA:89:D8:74
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GDgPbVnQrnpoBHmQEv1FbMqJ2HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.198.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:c7:94:e9:12:c1:c4:c6:9d:d1:ef:44:f2:86:b4:ca:7f:f7:
95:52:91:78:09:52:a9:02:56:8d:95:06:ba:77:d0:91:56:c4:
b2:82:54:cd:dd:2e:5b:dc:8f:69:8a:50:16:ec:b5:24:cc:ef:
fc:20:18:43:9a:2c:6f:ad:b1:0b:2d:39:ec:23:25:b3:3b:6e:
38:ca:d8:67:89:c7:a3:11:56:73:df:f4:bc:85:9d:f7:6a:bf:
d4:db:01:d4:c5:d6:c3:83:5c:7d:09:e6:3e:a7:7a:f5:cb:bd:
fa:e2:5c:1b:5e:80:bd:f9:7f:2a:71:f0:87:e4:a7:fb:f0:c9:
23:d5:d5:1e:f7:29:33:e2:94:18:8c:51:ae:92:a9:4a:0b:e4:
9e:2d:f6:f6:68:d3:1d:14:5d:23:0a:7c:bf:52:0e:03:17:86:
66:30:ba:a2:81:20:c9:8c:4b:c8:05:4e:9d:83:44:c7:ab:4a:
4f:8b:ea:c6:ce:ba:ba:b8:0b:c8:88:ec:96:b8:04:3c:c4:79:
00:4a:50:cb:63:51:44:c6:e2:a1:94:e6:6d:8c:b5:2d:68:41:
ba:d8:be:25:ee:a8:3f:2c:12:7c:7a:11:8b:31:89:98:91:dd:
25:75:7b:1f:9f:fd:f3:3d:40:08:87:69:b2:a9:bf:ff:f0:d7:
09:8d:07:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1RR9pxwfnAi8FryCLWzVDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTI4MTgxNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODM4MGY2ZDU5ZDBhZTdhNjgwNDc5OTAxMmZkNDU2Y2NhODlkODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG4azT2B3ymByYwsqz8Vov58HnX3
Zdrc8e6FO2GZKcj4xkgXg0X4/grbj0qUdIoTojQfP5Pfa9hxLT9F6WC6sBSJWcQk
r+j+Q/5tgJSqbzkaVJwu6q/0w3KT0I2VuBJHPZf8VGrofD0eI8xXtWXxfKPiV6fH
rkPqLt9hqC4qxc/2XXjLnOjqzide/s1vsCqSg8fk3a43cGAU5p7/docwGfpTgUJU
z+44rXJbg5HSEBI/3i2kw5hhhBd7ZOk2N9fC1oMBHjUh8U6mG6sTeAhX8HZKRDed
MPfa9IXAMCqD8XwPfmKNQFfIF9ad4U2lImAyoJnyGNFtc68AO/Z7cMJgbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBg4D21Z0K56aAR5kBL9RWzKidh0MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvR0RnUGJWblFybnBvQkhtUUV2MUZiTXFKMkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNjGAwQA
WNjTMA0GCSqGSIb3DQEBCwUAA4IBAQA8x5TpEsHExp3R70TyhrTKf/eVUpF4CVKp
AlaNlQa6d9CRVsSyglTN3S5b3I9pilAW7LUkzO/8IBhDmixvrbELLTnsIyWzO244
ythnicejEVZz3/S8hZ33ar/U2wHUxdbDg1x9CeY+p3r1y7364lwbXoC9+X8qcfCH
5Kf78Mkj1dUe9ykz4pQYjFGukqlKC+SeLfb2aNMdFF0jCny/Ug4DF4ZmMLqigSDJ
jEvIBU6dg0THq0pPi+rGzrq6uAvIiOyWuAQ8xHkASlDLY1FExuKhlOZtjLUtaEG6
2L4l7qg/LBJ8ehGLMYmYkd0ldXsfn/3zPUAIh2myqb//8NcJjQee
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org