Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RuMYl7tXQqBXrRtGGE9tSe5ilng.roa
File: RuMYl7tXQqBXrRtGGE9tSe5ilng.roa (raw, json)
Hash identifier: xrkwDsPyc+kfhhjdfajNYoHj8WTzuiXJttzlop73XeE=
Subject key identifier: 46:E3:18:97:BB:57:42:A0:57:AD:1B:46:18:4F:6D:49:EE:62:96:78
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01857B9249742CBDD327E3DDB95B23B700C7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RuMYl7tXQqBXrRtGGE9tSe5ilng.roa
Signing time: Wed 04 Jan 2023 06:57:42 +0000
ROA not before: Wed 04 Jan 2023 06:57:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.212.0/22 maxlen: 24
84.32.210.0/23 maxlen: 24
84.32.208.0/23 maxlen: 24
84.32.252.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7b:92:49:74:2c:bd:d3:27:e3:dd:b9:5b:23:b7:00:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 4 06:57:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46e31897bb5742a057ad1b46184f6d49ee629678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5a:b3:7f:91:13:cd:6c:cb:1d:a7:0f:12:ab:
26:94:a4:d5:91:a4:c5:80:26:2f:c3:84:0a:1c:f8:
5f:29:f9:48:92:e0:ec:4e:6e:af:c2:69:c0:48:ae:
74:e5:e9:87:72:29:8f:6e:ee:51:94:f2:29:58:90:
84:94:ec:b9:1b:e0:22:d8:59:f9:7e:4e:1f:21:d0:
43:a0:b9:a1:23:c0:7d:a2:87:7b:c8:01:e6:5b:90:
a3:8c:0e:45:f3:9a:01:c4:7b:ab:4a:d3:2d:0f:13:
fd:13:d8:6f:b3:e1:fc:af:73:e5:f0:d8:16:49:f6:
2d:32:cb:8b:84:c4:49:00:35:4a:af:6d:72:34:32:
57:5f:2d:4a:65:62:ce:af:e3:06:69:a9:bb:d6:85:
db:e4:14:c5:8a:ce:ca:3b:2d:59:d1:10:90:96:c4:
ab:93:99:b0:12:7a:78:74:3a:c4:58:a9:51:39:92:
a0:e8:85:d3:de:b0:ee:a7:d8:d4:8c:9f:b7:f5:dd:
57:64:55:cc:ce:0b:cd:dc:35:54:89:49:e0:bd:fd:
60:17:c0:2b:67:f4:5e:b2:05:4b:ce:9d:5a:31:2b:
b8:35:72:b0:b5:08:79:dd:28:79:1e:e2:eb:3e:29:
ea:48:d9:b8:d4:a2:5c:5b:12:36:ba:39:1f:bd:4c:
f1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E3:18:97:BB:57:42:A0:57:AD:1B:46:18:4F:6D:49:EE:62:96:78
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RuMYl7tXQqBXrRtGGE9tSe5ilng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.208.0/22
84.32.252.0/23
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
97:6c:0b:f9:e7:60:85:8f:98:8a:e2:be:81:e3:ae:b1:98:61:
5a:f8:47:21:90:da:30:fc:8d:57:59:a8:67:c1:f1:af:2a:09:
20:79:09:67:1a:51:98:0c:04:ae:a2:d9:44:73:4a:b0:9a:c2:
c0:ec:0d:8f:91:06:f9:e9:ee:b4:f0:ad:b8:22:2d:14:ec:e6:
0b:13:cf:29:2d:0a:9a:92:ac:f5:e0:3b:fa:ac:a6:f8:b6:f5:
e1:46:30:27:72:d0:04:94:86:2d:eb:26:90:d3:4d:d0:be:05:
f9:86:d0:39:aa:4f:f4:67:10:4f:ac:ff:e5:8a:57:ab:9c:bf:
84:c0:21:b2:ed:c4:9d:20:33:e5:e0:e1:3b:8c:39:d7:3d:68:
9b:4a:22:42:cf:f2:d4:85:f1:18:77:da:d0:6d:40:3f:dc:0d:
02:21:97:1d:d2:37:d3:77:7b:25:46:08:a3:91:c3:47:b0:84:
f2:ee:e6:f3:db:34:cf:a9:ab:34:61:4f:b6:95:1d:31:56:7e:
f9:0d:07:cb:68:1c:dd:be:7a:a3:b9:96:ce:cb:e6:71:e6:9a:
77:7e:8d:2b:d5:ee:30:96:c1:f2:63:4e:4c:f1:24:f4:ad:54:
75:51:81:72:b6:10:44:d0:45:37:26:ab:85:91:88:3b:6b:de:
b5:de:ac:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV7kkl0LL3TJ+PduVsjtwDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA0MDY1NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmUzMTg5N2JiNTc0MmEwNTdhZDFiNDYxODRmNmQ0OWVlNjI5Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVqzf5ETzWzLHacPEqsmlKTVkaTF
gCYvw4QKHPhfKflIkuDsTm6vwmnASK505emHcimPbu5RlPIpWJCElOy5G+Ai2Fn5
fk4fIdBDoLmhI8B9ood7yAHmW5CjjA5F85oBxHurStMtDxP9E9hvs+H8r3Pl8NgW
SfYtMsuLhMRJADVKr21yNDJXXy1KZWLOr+MGaam71oXb5BTFis7KOy1Z0RCQlsSr
k5mwEnp4dDrEWKlROZKg6IXT3rDup9jUjJ+39d1XZFXMzgvN3DVUiUngvf1gF8Ar
Z/ResgVLzp1aMSu4NXKwtQh53Sh5HuLrPinqSNm41KJcWxI2ujkfvUzxFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEbjGJe7V0KgV60bRhhPbUnuYpZ4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUnVNWWw3dFhRcUJYclJ0R0dFOXRTZTVpbG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVCDQAwQB
VCD8AwQCWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQCXbAv552CFj5iK4r6B466xmGFa
+EchkNow/I1XWahnwfGvKgkgeQlnGlGYDASuotlEc0qwmsLA7A2PkQb56e608K24
Ii0U7OYLE88pLQqakqz14Dv6rKb4tvXhRjAnctAElIYt6yaQ003QvgX5htA5qk/0
ZxBPrP/lilernL+EwCGy7cSdIDPl4OE7jDnXPWibSiJCz/LUhfEYd9rQbUA/3A0C
IZcd0jfTd3slRgijkcNHsITy7ubz2zTPqas0YU+2lR0xVn75DQfLaBzdvnqjuZbO
y+Zx5pp3fo0r1e4wlsHyY05M8ST0rVR1UYFythBE0EU3JquFkYg7a9613qz8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org