Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LmlshHKkZpmLG2AAyQ-xm8goeO8.roa
File: LmlshHKkZpmLG2AAyQ-xm8goeO8.roa (raw, json)
Hash identifier: w1iM7G+/c/DBeiI+OiqDuDjBynWC/3fGyYsY98UCH9U=
Subject key identifier: 2E:69:6C:84:72:A4:66:99:8B:1B:60:00:C9:0F:B1:9B:C8:28:78:EF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019310F21982CA31B7ECB5F209463D15CFCA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LmlshHKkZpmLG2AAyQ-xm8goeO8.roa
Signing time: Sat 09 Nov 2024 12:42:01 +0000
ROA not before: Sat 09 Nov 2024 12:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 88.216.57.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:10:f2:19:82:ca:31:b7:ec:b5:f2:09:46:3d:15:cf:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 9 12:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e696c8472a466998b1b6000c90fb19bc82878ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:97:49:af:51:d0:c7:74:2e:16:8b:83:66:a5:
00:64:72:82:fe:82:7d:1e:53:9f:a7:2a:d4:00:3e:
af:f8:e1:69:39:de:6e:d6:2d:9e:44:1a:e8:d2:ae:
4d:48:88:48:bc:8b:8e:a0:fe:ab:b3:1e:d4:39:d3:
59:26:33:89:fa:5d:75:8a:a2:a0:9d:09:d1:45:5d:
b8:44:47:af:06:88:68:b0:c3:85:c9:13:20:1f:33:
f1:00:ac:3d:60:02:30:be:85:62:ae:c2:af:90:39:
45:c0:f6:02:58:e8:4c:4f:2f:be:5b:a0:b2:f0:cf:
cb:fb:b8:27:cc:01:24:3c:e4:11:88:87:ad:37:96:
f7:da:26:86:7a:ab:87:b2:2d:f9:d8:ad:64:c1:f6:
67:cc:7c:f7:5d:2a:9d:c3:30:e6:b2:be:78:2a:59:
05:9b:20:50:f0:c6:7a:b3:09:a0:55:0a:3c:a1:9d:
88:4f:05:61:93:8f:21:5e:5b:54:78:30:a9:08:39:
18:64:c0:e9:12:55:f6:ed:f4:b2:2c:f9:47:c7:f8:
a4:11:58:e0:66:4a:8f:eb:60:f6:67:1f:30:57:98:
95:cf:a3:d9:22:15:2a:3d:b2:a3:a3:5a:96:25:25:
f5:e8:f0:f5:a5:0f:27:bd:9e:45:dd:b8:d1:11:93:
56:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:69:6C:84:72:A4:66:99:8B:1B:60:00:C9:0F:B1:9B:C8:28:78:EF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LmlshHKkZpmLG2AAyQ-xm8goeO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.57.0/24
88.216.181.0/24
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
32:00:e7:f8:b9:b7:a5:64:dd:c8:9c:b8:67:98:82:67:00:1e:
69:c4:35:7b:67:c8:70:d3:15:52:b7:62:75:82:71:bb:99:f4:
7f:3c:0f:e0:77:2a:12:b3:09:29:bb:5d:48:5b:06:b2:2b:98:
da:72:e6:4e:1b:e2:66:c1:d1:89:e1:3f:23:7d:48:27:d9:2f:
98:00:a2:4d:31:61:b6:6e:5e:a8:d7:bb:a3:4c:c7:7f:d4:cb:
8f:ab:f1:44:ee:e5:e5:b0:8d:90:bb:48:14:54:99:9c:d4:56:
53:af:16:dc:6a:cb:d1:15:68:fa:c7:7c:77:8f:be:68:d9:ce:
03:8e:08:6e:e7:c4:08:4b:1a:45:55:77:dd:ed:2b:6d:89:98:
b9:f7:a9:7b:2c:32:ff:a9:a0:f1:0e:30:08:2b:fa:b2:92:bc:
4b:17:a0:2f:5b:52:a2:e0:c9:b2:76:7e:ae:30:98:94:d0:4b:
ee:ad:c9:4f:b7:d9:7a:54:6c:11:78:bc:92:72:00:85:f1:99:
95:8a:32:c3:d3:ea:47:40:40:32:e2:68:5d:4f:70:24:a2:42:
fb:7f:65:38:c5:e2:32:18:25:80:cc:7a:dc:b9:5a:b7:5b:e2:
a4:db:ac:98:75:80:6a:7a:f0:e8:d9:44:cf:4f:40:d2:66:6a:
6d:94:b7:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMQ8hmCyjG37LXyCUY9Fc/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMTA5MTI0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTY5NmM4NDcyYTQ2Njk5OGIxYjYwMDBjOTBmYjE5YmM4Mjg3OGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpdJr1HQx3QuFouDZqUAZHKC/oJ9
HlOfpyrUAD6v+OFpOd5u1i2eRBro0q5NSIhIvIuOoP6rsx7UOdNZJjOJ+l11iqKg
nQnRRV24REevBohosMOFyRMgHzPxAKw9YAIwvoVirsKvkDlFwPYCWOhMTy++W6Cy
8M/L+7gnzAEkPOQRiIetN5b32iaGequHsi352K1kwfZnzHz3XSqdwzDmsr54KlkF
myBQ8MZ6swmgVQo8oZ2ITwVhk48hXltUeDCpCDkYZMDpElX27fSyLPlHx/ikEVjg
ZkqP62D2Zx8wV5iVz6PZIhUqPbKjo1qWJSX16PD1pQ8nvZ5F3bjREZNW8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC5pbIRypGaZixtgAMkPsZvIKHjvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTG1sc2hIS2tacG1MRzJBQXlRLXhtOGdvZU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNg5AwQA
WNi1AwQCWNjkAwQCWNjsMA0GCSqGSIb3DQEBCwUAA4IBAQAyAOf4ubelZN3InLhn
mIJnAB5pxDV7Z8hw0xVSt2J1gnG7mfR/PA/gdyoSswkpu11IWwayK5jacuZOG+Jm
wdGJ4T8jfUgn2S+YAKJNMWG2bl6o17ujTMd/1MuPq/FE7uXlsI2Qu0gUVJmc1FZT
rxbcasvRFWj6x3x3j75o2c4Djghu58QISxpFVXfd7SttiZi596l7LDL/qaDxDjAI
K/qykrxLF6AvW1Ki4Mmydn6uMJiU0EvurclPt9l6VGwReLyScgCF8ZmVijLD0+pH
QEAy4mhdT3AkokL7f2U4xeIyGCWAzHrcuVq3W+Kk26yYdYBqevDo2UTPT0DSZmpt
lLd5
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:45 2025 by rpki-client