Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OKt7e16NzOwq7czZlyAB2s9m1Ug.roa
File: OKt7e16NzOwq7czZlyAB2s9m1Ug.roa (raw, json)
Hash identifier: HU3Sred5pI5q6gqZ8cix1/Gpwjz/aScw6iZqXOa/630=
Subject key identifier: 38:AB:7B:7B:5E:8D:CC:EC:2A:ED:CC:D9:97:20:01:DA:CF:66:D5:48
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189F5455270A601BFA20531E092AA55E717
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OKt7e16NzOwq7czZlyAB2s9m1Ug.roa
Signing time: Mon 14 Aug 2023 18:18:28 +0000
ROA not before: Mon 14 Aug 2023 18:18:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 88.216.240.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f5:45:52:70:a6:01:bf:a2:05:31:e0:92:aa:55:e7:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 14 18:18:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38ab7b7b5e8dccec2aedccd9972001dacf66d548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e1:40:de:97:7d:01:17:98:4a:98:d2:06:1f:
80:88:6d:f1:cf:d5:ee:d7:e6:09:34:cc:5e:fd:fb:
c3:ec:9a:6b:17:9b:a9:f7:a9:cd:9c:93:b5:06:cc:
12:7e:6a:24:77:2c:e3:86:f5:ba:a7:f7:22:0b:c8:
c8:06:86:8f:30:d2:cb:41:fb:fb:9c:d7:72:be:34:
80:f3:06:ca:eb:1c:a8:df:e0:c7:82:f4:80:28:3c:
a6:9e:cd:7d:a2:b9:7f:a1:8a:75:19:ca:bf:a1:e0:
79:25:2d:3d:0e:8f:bd:00:06:07:2b:f5:aa:42:18:
57:35:43:18:ce:b5:f5:54:e6:f4:e6:87:e6:61:76:
52:05:64:2e:29:08:01:05:2c:d2:3a:30:cc:56:cf:
bb:4e:ec:ac:dc:32:60:00:08:33:07:aa:32:ab:ab:
a7:84:cf:8b:41:21:b6:8c:64:41:3d:68:f9:85:31:
bd:e1:9d:a2:85:6b:b4:f8:3a:6d:bc:b9:79:ab:1f:
41:e3:0d:9a:dd:97:df:fa:d3:54:e3:c6:e1:ac:a0:
70:a7:da:58:17:b3:61:7f:83:f3:16:18:d4:28:e3:
80:c4:3e:4d:4e:2d:ba:14:de:92:e0:a2:eb:c7:42:
26:e1:e0:33:05:7b:3b:40:60:d8:e7:f3:50:23:14:
73:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AB:7B:7B:5E:8D:CC:EC:2A:ED:CC:D9:97:20:01:DA:CF:66:D5:48
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OKt7e16NzOwq7czZlyAB2s9m1Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.240.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:01:0c:f2:d1:7f:9d:12:09:84:98:d2:a2:56:46:fd:ed:08:
ec:7c:48:d8:8b:b0:69:3e:85:25:7e:01:cc:c4:5e:48:a9:12:
00:75:65:f9:40:0d:f5:22:99:ba:cc:85:49:8b:83:5b:b7:bc:
20:37:11:31:ac:b2:d1:a3:b6:52:ea:d9:78:a4:9a:a1:a3:cc:
16:54:56:ee:f2:eb:e1:73:47:16:96:8a:c1:6f:bb:10:bd:04:
26:c2:67:4f:80:b8:34:9a:7f:b0:e1:2d:88:24:dc:c1:17:e3:
24:f0:aa:b3:96:cd:2f:f3:bd:88:16:52:35:b6:d2:09:e7:f3:
a1:5c:6c:27:32:16:eb:79:c4:63:d5:0c:c5:24:f0:c3:ed:e1:
1a:d1:80:7a:70:f4:91:69:c6:a1:85:41:51:12:02:34:83:90:
b1:0e:8a:b5:3c:5e:7c:2b:b3:17:ab:43:4c:43:f3:73:99:d6:
29:2e:39:fb:a8:8a:3c:12:a5:d6:a4:9b:e6:16:19:23:92:e1:
73:91:4c:30:d1:dd:d8:80:7c:f0:98:b0:0f:d6:44:49:b2:5d:
9a:da:74:eb:b0:66:18:75:05:28:a4:5b:6c:57:e7:83:1a:0a:
2c:94:5f:59:85:27:ad:9d:b0:df:c4:8c:83:af:b3:3d:ef:64:
fc:81:95:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn1RVJwpgG/ogUx4JKqVecXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODE0MTgxODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFiN2I3YjVlOGRjY2VjMmFlZGNjZDk5NzIwMDFkYWNmNjZkNTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeFA3pd9AReYSpjSBh+AiG3xz9Xu
1+YJNMxe/fvD7JprF5up96nNnJO1BswSfmokdyzjhvW6p/ciC8jIBoaPMNLLQfv7
nNdyvjSA8wbK6xyo3+DHgvSAKDymns19orl/oYp1Gcq/oeB5JS09Do+9AAYHK/Wq
QhhXNUMYzrX1VOb05ofmYXZSBWQuKQgBBSzSOjDMVs+7Tuys3DJgAAgzB6oyq6un
hM+LQSG2jGRBPWj5hTG94Z2ihWu0+DptvLl5qx9B4w2a3Zff+tNU48bhrKBwp9pY
F7Nhf4PzFhjUKOOAxD5NTi26FN6S4KLrx0Im4eAzBXs7QGDY5/NQIxRz2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDire3tejczsKu3M2ZcgAdrPZtVIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvT0t0N2UxNk56T3dxN2N6Wmx5QUIyczltMVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWNjwMA0G
CSqGSIb3DQEBCwUAA4IBAQCgAQzy0X+dEgmEmNKiVkb97QjsfEjYi7BpPoUlfgHM
xF5IqRIAdWX5QA31Ipm6zIVJi4Nbt7wgNxExrLLRo7ZS6tl4pJqho8wWVFbu8uvh
c0cWlorBb7sQvQQmwmdPgLg0mn+w4S2IJNzBF+Mk8Kqzls0v872IFlI1ttIJ5/Oh
XGwnMhbrecRj1QzFJPDD7eEa0YB6cPSRacahhUFREgI0g5CxDoq1PF58K7MXq0NM
Q/NzmdYpLjn7qIo8EqXWpJvmFhkjkuFzkUww0d3YgHzwmLAP1kRJsl2a2nTrsGYY
dQUopFtsV+eDGgoslF9ZhSetnbDfxIyDr7M972T8gZU6
-----END CERTIFICATE-----
Generated at Tue Sep 12 14:16:59 2023 by rpki-client on console-ams.rpki-client.org