Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Qei_Lu4iQ8CpA75-hWVvJaOzHFw.roa
File: Qei_Lu4iQ8CpA75-hWVvJaOzHFw.roa (raw, json)
Hash identifier: yzoOSTc7bXhaIImuMUtOe1SCKmDhH8JqozHnRJ9xLkI=
Subject key identifier: 41:E8:BF:2E:EE:22:43:C0:A9:03:BE:7E:85:65:6F:25:A3:B3:1C:5C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC501389A3F13E78ADF5D03799BDA23B8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Qei_Lu4iQ8CpA75-hWVvJaOzHFw.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 88.216.224.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 27 Feb 2024 09:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:38:9a:3f:13:e7:8a:df:5d:03:79:9b:da:23:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41e8bf2eee2243c0a903be7e85656f25a3b31c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c7:45:30:36:14:fb:6f:67:60:46:45:f0:6c:
51:68:4a:c3:75:5d:0f:6c:5b:0e:ec:2d:7b:34:f1:
b4:ce:c5:cc:ad:2e:b4:c4:97:25:55:54:80:7d:c9:
c9:25:87:5a:61:d3:79:4a:4a:09:ba:20:ba:21:5e:
41:23:b1:9e:ce:d5:87:42:84:da:03:50:54:a9:fe:
03:c0:bb:a3:69:78:5b:6e:e1:7f:50:32:e0:60:54:
55:43:ff:30:54:8a:94:b4:15:9c:9a:bd:ad:18:0e:
8d:e3:99:3a:ac:e9:26:82:34:35:6e:cd:32:3b:86:
ef:df:fa:e0:99:fe:b0:46:dd:72:58:07:e6:58:d9:
6c:1a:98:a8:ff:be:d9:c6:12:04:42:c6:3e:5e:a2:
54:ff:1e:47:9b:f0:35:6f:fc:d3:56:78:a0:8a:32:
c3:95:54:89:ba:d3:2d:b5:64:ea:58:6f:6c:8b:bd:
90:19:27:2b:4e:22:49:9e:35:3f:54:4a:79:cd:9f:
1b:d0:ca:29:0d:6a:52:f9:52:5a:29:36:87:69:6a:
99:39:f6:de:63:1c:21:65:b7:67:e5:42:66:97:ab:
1d:f3:e3:c8:9f:5f:ec:39:69:65:7d:2b:df:cf:14:
ea:58:49:05:a4:47:bc:ec:2c:ce:77:b5:cf:c2:fd:
f9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E8:BF:2E:EE:22:43:C0:A9:03:BE:7E:85:65:6F:25:A3:B3:1C:5C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Qei_Lu4iQ8CpA75-hWVvJaOzHFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.224.0/22
Signature Algorithm: sha256WithRSAEncryption
29:cb:c5:c7:6a:9b:8f:41:f3:02:07:15:50:c4:d1:67:14:b2:
97:25:4e:58:cb:3b:d4:7e:5d:db:bc:75:a0:84:ca:b6:65:5a:
87:48:74:1c:df:35:ad:dd:4f:5c:58:a9:64:53:b6:ea:21:f0:
f3:3d:27:d6:c8:84:3b:f4:54:e7:95:41:e0:46:22:7b:e7:8d:
2e:b9:c5:a7:26:39:f9:17:55:db:8c:0a:20:cf:4c:d3:e6:97:
bc:81:28:84:69:c9:fa:48:78:f4:55:6f:7a:08:05:cc:fb:0b:
cb:0b:5a:ef:ae:92:b9:95:82:76:7d:03:88:6e:a0:35:8e:d4:
15:74:c1:f2:6f:b5:57:1f:65:bc:aa:7e:12:82:0d:7b:23:c5:
8f:f8:0b:e9:6b:77:bf:86:73:40:24:07:e0:ad:18:90:9c:83:
68:ef:d2:8f:09:7d:01:53:ca:d7:b6:d7:c2:d4:22:3c:5c:3e:
69:bb:77:4d:f1:98:06:d8:0a:0e:fd:75:2f:84:f7:39:5c:10:
48:a5:51:ac:7f:9c:4b:b1:3f:8f:cb:3f:a5:4b:06:5f:2d:21:
d4:6d:82:ac:56:74:d1:61:dc:eb:29:f4:82:2d:cb:d4:f0:79:
a3:87:91:90:4c:ef:db:85:b0:a3:11:c0:30:1b:59:5a:55:dd:
25:0b:7a:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFATiaPxPnit9dA3mb2iO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU4YmYyZWVlMjI0M2MwYTkwM2JlN2U4NTY1NmYyNWEzYjMxYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cdFMDYU+29nYEZF8GxRaErDdV0P
bFsO7C17NPG0zsXMrS60xJclVVSAfcnJJYdaYdN5SkoJuiC6IV5BI7GeztWHQoTa
A1BUqf4DwLujaXhbbuF/UDLgYFRVQ/8wVIqUtBWcmr2tGA6N45k6rOkmgjQ1bs0y
O4bv3/rgmf6wRt1yWAfmWNlsGpio/77ZxhIEQsY+XqJU/x5Hm/A1b/zTVnigijLD
lVSJutMttWTqWG9si72QGScrTiJJnjU/VEp5zZ8b0MopDWpS+VJaKTaHaWqZOfbe
YxwhZbdn5UJml6sd8+PIn1/sOWllfSvfzxTqWEkFpEe87CzOd7XPwv35MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHovy7uIkPAqQO+foVlbyWjsxxcMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUWVpX0x1NGlROENwQTc1LWhXVnZKYU96SEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNjgMA0G
CSqGSIb3DQEBCwUAA4IBAQApy8XHapuPQfMCBxVQxNFnFLKXJU5YyzvUfl3bvHWg
hMq2ZVqHSHQc3zWt3U9cWKlkU7bqIfDzPSfWyIQ79FTnlUHgRiJ7540uucWnJjn5
F1XbjAogz0zT5pe8gSiEacn6SHj0VW96CAXM+wvLC1rvrpK5lYJ2fQOIbqA1jtQV
dMHyb7VXH2W8qn4Sgg17I8WP+Avpa3e/hnNAJAfgrRiQnINo79KPCX0BU8rXttfC
1CI8XD5pu3dN8ZgG2AoO/XUvhPc5XBBIpVGsf5xLsT+Pyz+lSwZfLSHUbYKsVnTR
YdzrKfSCLcvU8Hmjh5GQTO/bhbCjEcAwG1laVd0lC3qz
-----END CERTIFICATE-----
Generated at Tue Feb 27 13:19:36 2024 by rpki-client on console-ams.rpki-client.org