Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OISpTxA503yChc9pXerSgLNNmvY.roa
File: OISpTxA503yChc9pXerSgLNNmvY.roa (raw, json)
Hash identifier: RiHC4c3ZshrmWQR23xoBGxAKGJhkKDc9fpSk0GP7TRU=
Subject key identifier: 38:84:A9:4F:10:39:D3:7C:82:85:CF:69:5D:EA:D2:80:B3:4D:9A:F6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFB1391D50591BC21F1A68827A2770
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OISpTxA503yChc9pXerSgLNNmvY.roa
Signing time: Sun 01 Jan 2023 18:54:46 +0000
ROA not before: Sun 01 Jan 2023 18:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 88.216.208.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jan 2023 06:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:b1:39:1d:50:59:1b:c2:1f:1a:68:82:7a:27:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3884a94f1039d37c8285cf695dead280b34d9af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d8:f2:50:7d:53:08:3a:ee:d5:3c:09:ca:99:
4d:ed:90:fc:df:9b:49:54:65:9f:63:84:51:a5:4d:
35:b6:98:89:56:9e:cc:60:4f:18:e7:bd:e5:8a:7a:
31:be:14:be:6b:87:e9:06:0e:72:bc:d3:38:e8:38:
b0:00:77:c9:33:25:5b:2b:1d:1c:aa:34:54:37:42:
57:6a:12:5b:98:a6:45:25:24:18:45:d2:38:b3:61:
2a:1e:f8:97:94:95:b2:a2:2f:3b:72:43:ea:ed:66:
43:af:1d:5d:d7:3d:c1:3d:4f:28:67:78:fe:4a:a5:
ad:cd:db:47:69:7e:fc:18:d3:f1:7a:6c:dd:b4:66:
c7:5b:69:5c:ae:d5:7c:db:2e:16:36:23:6a:a1:4b:
70:2a:ec:f8:e2:1e:62:9e:e9:21:e7:21:0a:8a:57:
69:aa:03:70:7f:53:1e:99:a9:f6:9b:65:0e:94:a1:
7f:88:d6:f6:b3:17:25:fd:9c:69:f6:d1:65:64:f3:
2a:48:88:8e:28:46:7f:7e:15:8d:31:6c:cb:45:c5:
6f:d6:88:d8:c3:2a:5f:7a:d8:15:1f:76:95:f1:1f:
6a:76:d6:0b:75:2c:c8:05:32:68:46:13:f9:58:a7:
79:fc:b2:8c:14:53:bd:b2:24:03:c1:23:a1:f9:bc:
83:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:84:A9:4F:10:39:D3:7C:82:85:CF:69:5D:EA:D2:80:B3:4D:9A:F6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OISpTxA503yChc9pXerSgLNNmvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/22
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
14:9f:54:79:2d:ac:f8:b9:c2:a5:a2:57:5f:1e:87:ff:71:ff:
fb:39:9f:18:3a:3d:6b:f5:a5:43:01:f5:0a:86:f3:e8:58:f0:
a6:8e:09:b1:0f:c8:40:62:3d:36:65:61:33:71:51:15:5f:a8:
89:da:1d:73:11:b4:6f:25:29:f3:6e:aa:3f:1f:9b:cc:1b:57:
74:f4:25:74:96:aa:86:9a:5a:29:9d:1e:09:e6:a0:77:9d:1f:
6a:36:f4:e5:ff:3d:04:94:25:36:de:4f:13:3f:a6:cc:49:19:
24:8c:bc:3e:8e:c1:9d:24:59:c8:12:48:76:b5:de:67:42:48:
e1:48:03:5d:f6:63:34:28:23:19:cd:e1:e3:7b:13:29:e5:7d:
11:a7:7b:1e:e9:ef:52:ad:e1:cd:35:c3:a9:a9:41:a1:18:b2:
0f:a6:6f:21:ad:f2:f8:dd:9f:2f:5d:95:c8:71:87:09:2e:85:
05:9e:d4:4f:0f:ca:b6:cb:a5:42:96:62:23:f7:6d:3e:ef:81:
8e:34:40:bd:c9:2c:d0:64:1c:73:95:cf:a3:c9:8c:16:fa:24:
f4:4e:86:8c:da:e2:47:bb:5b:f4:7d:76:16:48:e7:08:36:da:
c6:a0:fb:e4:a1:a2:8a:ec:73:10:06:18:90:61:fc:d1:4e:28:
5c:e0:da:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVur7E5HVBZG8IfGmiCeidwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODg0YTk0ZjEwMzlkMzdjODI4NWNmNjk1ZGVhZDI4MGIzNGQ5YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNjyUH1TCDru1TwJyplN7ZD835tJ
VGWfY4RRpU01tpiJVp7MYE8Y573linoxvhS+a4fpBg5yvNM46DiwAHfJMyVbKx0c
qjRUN0JXahJbmKZFJSQYRdI4s2EqHviXlJWyoi87ckPq7WZDrx1d1z3BPU8oZ3j+
SqWtzdtHaX78GNPxemzdtGbHW2lcrtV82y4WNiNqoUtwKuz44h5inukh5yEKildp
qgNwf1Meman2m2UOlKF/iNb2sxcl/Zxp9tFlZPMqSIiOKEZ/fhWNMWzLRcVv1ojY
wypfetgVH3aV8R9qdtYLdSzIBTJoRhP5WKd5/LKMFFO9siQDwSOh+byD0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDiEqU8QOdN8goXPaV3q0oCzTZr2MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvT0lTcFR4QTUwM3lDaGM5cFhlclNnTE5ObXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVCAUAwQA
WNjQMA0GCSqGSIb3DQEBCwUAA4IBAQAUn1R5Laz4ucKloldfHof/cf/7OZ8YOj1r
9aVDAfUKhvPoWPCmjgmxD8hAYj02ZWEzcVEVX6iJ2h1zEbRvJSnzbqo/H5vMG1d0
9CV0lqqGmlopnR4J5qB3nR9qNvTl/z0ElCU23k8TP6bMSRkkjLw+jsGdJFnIEkh2
td5nQkjhSANd9mM0KCMZzeHjexMp5X0Rp3se6e9SreHNNcOpqUGhGLIPpm8hrfL4
3Z8vXZXIcYcJLoUFntRPD8q2y6VClmIj920+74GONEC9ySzQZBxzlc+jyYwW+iT0
ToaM2uJHu1v0fXYWSOcINtrGoPvkoaKK7HMQBhiQYfzRTihc4NpL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org