Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ra6C1sTkniTqI9pn5s9TPqsANVY.roa
File: Ra6C1sTkniTqI9pn5s9TPqsANVY.roa (raw, json)
Hash identifier: Jo0sEwEBSnUI5Zhj5kTKeU5DpVnE/J4xs15DjZDEVcY=
Subject key identifier: 45:AE:82:D6:C4:E4:9E:24:EA:23:DA:67:E6:CF:53:3E:AB:00:35:56
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFD037CB5809FDC9D47185FEE750CA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ra6C1sTkniTqI9pn5s9TPqsANVY.roa
Signing time: Sun 01 Jan 2023 18:54:53 +0000
ROA not before: Sun 01 Jan 2023 18:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 88.216.221.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d0:37:cb:58:09:fd:c9:d4:71:85:fe:e7:50:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45ae82d6c4e49e24ea23da67e6cf533eab003556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:08:ce:26:78:d4:6d:48:8a:27:0f:56:4e:9e:
88:35:f7:cf:dc:0e:db:70:a4:31:0c:2f:64:01:5e:
02:9f:5d:f4:1b:27:d7:7a:0f:12:99:25:b2:c5:cd:
96:42:54:88:d5:5d:64:75:2b:c2:c4:15:22:6b:96:
1a:c1:65:b3:d3:ff:7e:22:61:87:4a:f6:df:a6:0d:
ac:b8:15:a0:00:48:23:7a:de:eb:d1:1f:c3:88:d9:
1c:66:45:97:b5:c6:d0:72:02:a5:67:d5:aa:ea:d0:
7a:de:68:ce:ef:0b:72:a2:ec:ec:5f:82:d5:79:88:
38:9d:07:72:84:be:23:ee:03:d7:c9:f5:13:7b:61:
84:c1:c2:e7:73:e2:bd:b7:a8:70:85:41:03:d8:27:
42:47:8f:88:9e:5a:41:de:4b:f6:3f:d2:5c:a0:b4:
4b:8a:6e:24:ca:37:75:78:4c:aa:0b:c2:39:6b:c9:
c1:e3:81:1d:9b:d8:26:7a:eb:02:6f:fa:2a:e0:5d:
2e:15:77:80:16:e9:75:ae:38:e2:70:60:1c:23:6c:
6e:a4:c7:86:b7:53:ff:2b:65:97:f7:fc:63:72:72:
0f:93:e9:f6:a8:cd:10:1f:b0:8e:dd:f3:de:eb:81:
c9:17:4a:26:35:f6:71:9f:a8:68:d9:ac:e5:69:12:
54:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AE:82:D6:C4:E4:9E:24:EA:23:DA:67:E6:CF:53:3E:AB:00:35:56
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ra6C1sTkniTqI9pn5s9TPqsANVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.29.0/24
84.32.45.0/24
84.32.241.0/24
88.216.221.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ff:87:0f:84:a4:40:e9:d6:c1:24:51:53:5b:82:d4:46:7d:
6d:32:3e:7e:1f:21:11:18:71:58:06:32:ec:90:93:61:d3:ee:
54:46:91:03:a7:f3:18:14:bc:a9:39:2d:a5:1c:c2:05:ac:95:
a6:bf:bc:5a:2b:86:f9:df:1f:d6:aa:2a:47:d7:58:bd:c0:b8:
58:75:7d:8f:83:c6:07:07:bf:26:f9:79:e3:6e:89:32:f1:88:
2a:29:77:13:66:f1:56:d1:a4:33:9a:5e:8b:96:53:8e:b6:e2:
ca:8b:84:50:00:fb:f8:f7:36:ba:30:2f:a4:23:4a:d1:33:90:
60:ad:59:4a:58:fc:6d:44:24:2b:b1:50:fc:1f:77:77:e0:b8:
07:36:80:ac:50:93:31:fe:95:b4:24:8b:f1:b3:20:b2:d7:21:
48:c4:a1:f1:c2:2e:95:db:3c:2e:d9:54:81:8d:f5:fb:7e:37:
e1:6f:86:ed:e3:8e:a9:bb:2a:86:b5:34:94:18:26:f2:9d:e7:
26:60:03:5e:0e:a0:2d:5c:e0:7b:64:58:13:6c:72:58:d6:58:
45:ef:3f:59:af:39:81:18:2d:2a:08:39:85:80:4e:e7:ad:d3:
72:6c:34:46:99:6d:a1:89:76:02:b8:1b:be:55:39:d1:e2:56:
9c:f6:16:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVur9A3y1gJ/cnUcYX+51DKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWFlODJkNmM0ZTQ5ZTI0ZWEyM2RhNjdlNmNmNTMzZWFiMDAzNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAjOJnjUbUiKJw9WTp6INffP3A7b
cKQxDC9kAV4Cn130GyfXeg8SmSWyxc2WQlSI1V1kdSvCxBUia5YawWWz0/9+ImGH
Svbfpg2suBWgAEgjet7r0R/DiNkcZkWXtcbQcgKlZ9Wq6tB63mjO7wtyouzsX4LV
eYg4nQdyhL4j7gPXyfUTe2GEwcLnc+K9t6hwhUED2CdCR4+InlpB3kv2P9JcoLRL
im4kyjd1eEyqC8I5a8nB44Edm9gmeusCb/oq4F0uFXeAFul1rjjicGAcI2xupMeG
t1P/K2WX9/xjcnIPk+n2qM0QH7CO3fPe64HJF0omNfZxn6ho2azlaRJU8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEWugtbE5J4k6iPaZ+bPUz6rADVWMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUmE2QzFzVGtuaVRxSTlwbjVzOVRQcXNBTlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAdAwQA
VCAtAwQAVCDxAwQAWNjdMA0GCSqGSIb3DQEBCwUAA4IBAQBG/4cPhKRA6dbBJFFT
W4LURn1tMj5+HyERGHFYBjLskJNh0+5URpEDp/MYFLypOS2lHMIFrJWmv7xaK4b5
3x/WqipH11i9wLhYdX2Pg8YHB78m+Xnjboky8YgqKXcTZvFW0aQzml6LllOOtuLK
i4RQAPv49za6MC+kI0rRM5BgrVlKWPxtRCQrsVD8H3d34LgHNoCsUJMx/pW0JIvx
syCy1yFIxKHxwi6V2zwu2VSBjfX7fjfhb4bt446puyqGtTSUGCbynecmYANeDqAt
XOB7ZFgTbHJY1lhF7z9ZrzmBGC0qCDmFgE7nrdNybDRGmW2hiXYCuBu+VTnR4lac
9hbI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org