Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IHuh7csSqP68id3D1qRcxHCFsZU.roa
File: IHuh7csSqP68id3D1qRcxHCFsZU.roa (raw, json)
Hash identifier: uFZXe9mol1oUMOID/UKeFaZetBDgD9SR+Zber5Y23v4=
Subject key identifier: 20:7B:A1:ED:CB:12:A8:FE:BC:89:DD:C3:D6:A4:5C:C4:70:85:B1:95
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B9BB33A078BEACDBD7A7EF1B867825DCC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IHuh7csSqP68id3D1qRcxHCFsZU.roa
Signing time: Sat 04 Nov 2023 18:58:16 +0000
ROA not before: Sat 04 Nov 2023 18:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 88.216.129.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:b3:3a:07:8b:ea:cd:bd:7a:7e:f1:b8:67:82:5d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 4 18:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=207ba1edcb12a8febc89ddc3d6a45cc47085b195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:78:51:f0:1a:9f:00:a6:eb:ad:12:0a:16:76:
64:fa:dd:8b:c8:3a:de:53:e9:e6:69:b1:c3:a2:7e:
ca:44:6c:98:e3:64:79:be:85:8f:fc:a1:c6:1b:f9:
04:ca:5c:d5:9f:4f:9a:c6:7d:c1:56:98:bd:76:79:
11:2d:fc:89:89:d2:ba:e7:2d:7a:d5:16:f2:dc:03:
1f:b5:ab:ed:f9:d8:10:a9:a1:bd:b9:07:49:a6:c9:
02:92:37:72:84:2a:52:9b:30:29:5e:3b:a6:7d:b1:
73:80:5c:e5:1e:b9:ae:fe:ec:1d:4e:32:e3:01:cb:
10:f0:97:d9:83:95:82:52:0f:3e:f2:41:35:9e:fa:
7c:3a:ae:be:2d:11:52:1e:12:fb:ad:41:29:b2:5c:
f9:e0:54:65:ed:22:c7:5f:a3:7a:d7:81:31:69:49:
7b:e8:0c:ea:b8:21:e5:36:5f:8c:fb:fc:f7:91:9e:
75:3b:8a:a0:fd:71:ba:a4:69:79:74:a1:3a:bd:8a:
10:d7:5e:1b:59:07:29:41:82:e7:65:59:2a:57:da:
40:b1:a4:b4:b3:69:8b:09:6a:35:04:e2:bd:93:28:
a1:6a:f9:32:f1:2a:75:12:23:52:51:18:03:0d:60:
1c:44:a9:d2:c0:b6:05:bd:a6:6a:46:16:fe:f0:00:
10:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7B:A1:ED:CB:12:A8:FE:BC:89:DD:C3:D6:A4:5C:C4:70:85:B1:95
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IHuh7csSqP68id3D1qRcxHCFsZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:20:34:00:b4:5e:0e:56:07:44:af:82:f7:ed:ce:37:1f:01:
59:07:7e:c0:9d:fc:af:0b:e7:68:7f:99:63:85:ec:1c:d2:08:
77:93:c6:57:c9:73:0c:ab:ed:91:9b:e3:68:64:18:ba:18:32:
ca:e6:e3:82:54:b0:a7:e8:e2:80:93:2e:6a:9b:bc:d3:d7:87:
a5:3c:05:71:3b:44:f0:d7:2b:3f:3b:5a:04:43:7f:44:d4:44:
ab:e7:42:f6:31:d4:ef:a6:cc:c3:75:27:57:6c:89:16:a8:a8:
b1:5a:a5:49:73:8f:c2:95:00:f1:8a:27:e3:ac:98:57:1c:ff:
f5:cb:d7:30:f4:67:75:b0:90:d1:79:b5:f3:a3:47:97:0f:20:
14:45:1f:d2:88:75:6a:a7:fa:97:8d:5d:88:13:d8:43:14:2f:
52:db:d7:83:f7:ca:ba:89:72:d7:c8:81:12:32:80:b5:38:5f:
d7:2c:b1:d2:8f:b9:a2:cf:e0:fb:e6:63:48:8c:4f:98:43:ad:
23:8a:e5:93:cb:d8:84:36:8b:a6:08:65:96:63:8a:da:5d:b7:
e6:f2:da:62:0e:32:3e:fb:00:53:8b:1e:8b:5a:f4:c6:54:cd:
0b:4d:2e:cc:6e:69:07:a1:33:ea:3e:a6:46:35:af:1d:3b:41:
d4:68:f2:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYubszoHi+rNvXp+8bhngl3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTA0MTg1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDdiYTFlZGNiMTJhOGZlYmM4OWRkYzNkNmE0NWNjNDcwODViMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXhR8BqfAKbrrRIKFnZk+t2LyDre
U+nmabHDon7KRGyY42R5voWP/KHGG/kEylzVn0+axn3BVpi9dnkRLfyJidK65y16
1Rby3AMftavt+dgQqaG9uQdJpskCkjdyhCpSmzApXjumfbFzgFzlHrmu/uwdTjLj
AcsQ8JfZg5WCUg8+8kE1nvp8Oq6+LRFSHhL7rUEpslz54FRl7SLHX6N614ExaUl7
6AzquCHlNl+M+/z3kZ51O4qg/XG6pGl5dKE6vYoQ114bWQcpQYLnZVkqV9pAsaS0
s2mLCWo1BOK9kyihavky8Sp1EiNSURgDDWAcRKnSwLYFvaZqRhb+8AAQmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCB7oe3LEqj+vIndw9akXMRwhbGVMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSUh1aDdjc1NxUDY4aWQzRDFxUmN4SENGc1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNiBMA0G
CSqGSIb3DQEBCwUAA4IBAQBdIDQAtF4OVgdEr4L37c43HwFZB37AnfyvC+dof5lj
hewc0gh3k8ZXyXMMq+2Rm+NoZBi6GDLK5uOCVLCn6OKAky5qm7zT14elPAVxO0Tw
1ys/O1oEQ39E1ESr50L2MdTvpszDdSdXbIkWqKixWqVJc4/ClQDxiifjrJhXHP/1
y9cw9Gd1sJDRebXzo0eXDyAURR/SiHVqp/qXjV2IE9hDFC9S29eD98q6iXLXyIES
MoC1OF/XLLHSj7miz+D75mNIjE+YQ60jiuWTy9iENoumCGWWY4raXbfm8tpiDjI+
+wBTix6LWvTGVM0LTS7MbmkHoTPqPqZGNa8dO0HUaPIj
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:49 2024 by rpki-client on console-fra.rpki-client.org