Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/J1oDnFANd5yb1WcAk646Jrp6GqM.roa
File: J1oDnFANd5yb1WcAk646Jrp6GqM.roa (raw, json)
Hash identifier: JjtnGsjNwng/b1lYsDqlCGEAjoPMtnJang5CcLTiW3w=
Subject key identifier: 27:5A:03:9C:50:0D:77:9C:9B:D5:67:00:93:AE:3A:26:BA:7A:1A:A3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01888FEBC15A862253F524D9D413A2D37B6E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/J1oDnFANd5yb1WcAk646Jrp6GqM.roa
Signing time: Tue 06 Jun 2023 08:56:12 +0000
ROA not before: Tue 06 Jun 2023 08:56:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 88.216.101.0/24 maxlen: 24
84.32.105.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.228.0/24 maxlen: 24
84.32.252.0/24 maxlen: 24
84.32.253.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8f:eb:c1:5a:86:22:53:f5:24:d9:d4:13:a2:d3:7b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 6 08:56:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=275a039c500d779c9bd5670093ae3a26ba7a1aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:68:e7:06:d3:ca:c6:29:1a:77:bc:29:ab:
de:1e:79:0b:27:bf:7e:4c:7c:b8:bd:10:0b:da:13:
a8:a5:6e:fa:e3:82:3d:62:80:be:bd:4f:74:c6:6b:
cc:0c:4b:ba:7c:5c:31:08:ed:17:2a:70:dc:d9:a1:
92:fd:75:95:76:05:d5:2e:ce:27:5c:da:eb:fb:f6:
df:14:f6:93:0b:a8:e5:ba:c2:96:27:fe:cd:a5:1f:
e2:5d:13:0a:92:3e:87:a0:2f:90:5f:47:ea:87:84:
51:3b:b0:74:4c:d4:71:fb:cc:bb:f2:a4:da:af:f2:
91:d2:dd:48:b5:0b:18:b9:9e:d4:f6:2e:97:0c:55:
23:ba:f1:5f:21:68:ef:81:5d:8c:15:7f:cd:fb:a6:
61:37:2e:9f:3d:6c:63:bc:b4:e3:ea:fe:e0:54:7d:
cd:64:28:1d:d0:1c:8f:90:8e:7e:dd:ef:50:3e:1d:
8c:e7:bf:9e:eb:63:67:71:91:78:2d:e1:44:03:57:
03:20:85:d7:f3:5c:1c:c9:24:37:bd:d5:9b:b4:f9:
80:09:f1:b3:fc:32:8b:22:74:b0:d2:2a:1b:f5:d6:
34:9e:32:a6:8e:97:9f:2f:11:4d:57:be:95:2d:41:
db:df:52:53:d9:1b:29:d0:7b:69:61:3a:8b:f5:c5:
19:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5A:03:9C:50:0D:77:9C:9B:D5:67:00:93:AE:3A:26:BA:7A:1A:A3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/J1oDnFANd5yb1WcAk646Jrp6GqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.104.0/23
84.32.228.0/24
84.32.249.0/24
84.32.252.0-84.32.254.255
88.216.38.0/23
88.216.42.0/24
88.216.101.0/24
Signature Algorithm: sha256WithRSAEncryption
70:df:12:72:c9:e7:c3:c9:67:6d:18:4c:76:42:42:30:33:93:
46:63:3a:b9:5a:50:c4:4e:7e:01:aa:b7:b1:06:a4:d1:c5:70:
e2:f0:44:10:2d:56:77:c3:1f:73:e6:b0:a6:46:54:c3:bd:4c:
0a:b4:7e:45:1f:2a:a8:29:7b:77:9b:a6:bc:8b:d3:17:c0:dc:
47:2a:20:5f:a8:da:f5:bd:4f:ec:ec:2f:1f:45:5f:f0:05:37:
68:da:a9:1e:e4:40:c7:0a:d6:62:af:43:44:4f:f2:65:60:5a:
23:4b:06:ee:f6:65:0b:80:e4:e0:75:26:ef:2d:f1:65:f7:e4:
6b:c1:0e:f2:dd:32:4d:5a:d7:97:76:da:d2:11:53:24:17:c4:
7d:1c:d7:9f:04:41:b6:48:be:5b:34:21:9a:8a:99:a4:ba:9c:
d8:e0:2d:d4:54:0a:91:05:4f:70:d7:0d:96:7e:e3:5e:0c:b2:
b3:ef:64:9f:f8:a5:d6:b2:c5:63:cf:07:43:c1:16:1a:14:5e:
61:a3:9b:9a:11:fd:15:58:69:e1:3c:3b:e2:98:5f:72:62:14:
20:43:f1:f1:3c:41:75:95:c9:f2:36:07:62:dc:bc:06:65:88:
10:57:22:2c:e5:8f:f2:42:78:68:d0:4a:e0:e2:8e:c3:68:2a:
6c:72:be:68
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYiP68FahiJT9STZ1BOi03tuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA2MDg1NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzVhMDM5YzUwMGQ3NzljOWJkNTY3MDA5M2FlM2EyNmJhN2ExYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBto5wbTysYpGne8KaveHnkLJ79+
THy4vRAL2hOopW7644I9YoC+vU90xmvMDEu6fFwxCO0XKnDc2aGS/XWVdgXVLs4n
XNrr+/bfFPaTC6jlusKWJ/7NpR/iXRMKkj6HoC+QX0fqh4RRO7B0TNRx+8y78qTa
r/KR0t1ItQsYuZ7U9i6XDFUjuvFfIWjvgV2MFX/N+6ZhNy6fPWxjvLTj6v7gVH3N
ZCgd0ByPkI5+3e9QPh2M57+e62NncZF4LeFEA1cDIIXX81wcySQ3vdWbtPmACfGz
/DKLInSw0iob9dY0njKmjpefLxFNV76VLUHb31JT2Rsp0HtpYTqL9cUZTwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCdaA5xQDXecm9VnAJOuOia6ehqjMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSjFvRG5GQU5kNXliMVdjQWs2NDZKcnA2R3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBVCBoAwQA
VCDkAwQAVCD5MAwDBAJUIPwDBABUIP4DBAFY2CYDBABY2CoDBABY2GUwDQYJKoZI
hvcNAQELBQADggEBAHDfEnLJ58PJZ20YTHZCQjAzk0ZjOrlaUMROfgGqt7EGpNHF
cOLwRBAtVnfDH3PmsKZGVMO9TAq0fkUfKqgpe3ebpryL0xfA3EcqIF+o2vW9T+zs
Lx9FX/AFN2jaqR7kQMcK1mKvQ0RP8mVgWiNLBu72ZQuA5OB1Ju8t8WX35GvBDvLd
Mk1a15d22tIRUyQXxH0c158EQbZIvls0IZqKmaS6nNjgLdRUCpEFT3DXDZZ+414M
srPvZJ/4pdayxWPPB0PBFhoUXmGjm5oR/RVYaeE8O+KYX3JiFCBD8fE8QXWVyfI2
B2LcvAZliBBXIizlj/JCeGjQSuDijsNoKmxyvmg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org