Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SsROZbPo1YdFjB2Qc-D5b2t3pLU.roa
File: SsROZbPo1YdFjB2Qc-D5b2t3pLU.roa (raw, json)
Hash identifier: grA5wAKBekdd+RonlBKMNK3HVUVOVJVdrwvTI+e4KK4=
Subject key identifier: 4A:C4:4E:65:B3:E8:D5:87:45:8C:1D:90:73:E0:F9:6F:6B:77:A4:B5
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826C9CC6696464FDA3605E19EF0B061
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SsROZbPo1YdFjB2Qc-D5b2t3pLU.roa
Signing time: Thu 02 Jan 2025 17:53:38 +0000
ROA not before: Thu 02 Jan 2025 17:53:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215539
IP address blocks: 88.216.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 18:45:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:c9:cc:66:96:46:4f:da:36:05:e1:9e:f0:b0:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ac44e65b3e8d587458c1d9073e0f96f6b77a4b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:76:20:e7:67:c6:c3:3c:41:bf:3f:a5:40:c4:
d1:f5:95:9e:a3:fa:c3:9d:79:2c:d7:ae:23:03:14:
12:c5:4a:94:d9:ed:3f:ff:57:03:5d:ac:de:45:11:
ef:d9:64:42:d0:0a:b6:f7:92:a3:87:f2:03:eb:93:
17:2d:d4:6c:ea:36:e6:41:f8:5f:43:a7:5e:91:90:
54:fc:60:65:a1:d4:59:9f:28:9c:68:2f:88:cc:0c:
da:a6:d6:0d:41:d9:4b:62:4a:f3:d5:28:5f:e8:43:
99:65:64:27:6b:1a:5c:c8:ba:57:3d:24:2b:28:74:
12:c8:22:e5:9a:7d:a5:7f:10:90:37:75:7a:c6:46:
b4:d5:45:dd:d3:2a:a3:4a:23:f0:94:1e:dc:c0:27:
55:37:81:f0:4f:94:9c:26:7d:17:3d:13:2a:ba:19:
5b:cd:e6:33:5d:66:08:95:27:ac:1a:14:52:cb:cb:
92:dd:af:58:4e:de:0d:5f:28:08:c9:64:c0:a4:7a:
6a:32:a0:5d:bc:d1:94:b2:49:b9:ea:20:6a:3b:a8:
94:9f:c8:4d:67:e5:d9:dd:1a:b8:52:27:1b:67:1d:
ed:7e:0c:e8:44:b4:ca:0a:7f:44:86:e2:ab:01:99:
f4:5a:dc:08:f7:8c:2e:69:c8:fd:c4:d3:c5:dc:d3:
00:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C4:4E:65:B3:E8:D5:87:45:8C:1D:90:73:E0:F9:6F:6B:77:A4:B5
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SsROZbPo1YdFjB2Qc-D5b2t3pLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.187.0/24
Signature Algorithm: sha256WithRSAEncryption
61:40:4a:94:a2:db:d0:26:75:fb:ff:5c:8e:8e:80:7e:68:43:
7b:d4:0b:9c:de:c3:dd:8a:fd:1b:34:47:6c:6e:57:f5:7a:d8:
a7:31:0e:86:36:55:83:a8:83:5b:99:43:53:89:7a:62:ee:f5:
ae:9b:ac:8b:1d:6b:f5:2a:3a:58:19:94:38:93:40:e3:a6:60:
8e:05:14:c4:68:ac:3e:85:dc:7b:a6:28:f8:c5:02:51:1d:4f:
ca:29:84:56:3c:19:5c:07:2d:99:04:da:2a:a3:35:eb:f4:ef:
b4:c1:07:16:cb:48:8d:e8:46:36:bc:74:b2:40:be:f7:58:f8:
e0:a9:6d:12:f6:f6:79:ce:05:39:17:41:99:ba:a1:e5:71:7b:
71:32:64:49:11:3b:61:e3:d0:ec:ff:d7:cf:bd:43:04:04:72:
60:5e:bd:d5:bd:42:db:86:b1:01:62:d5:8a:3a:97:cb:67:40:
25:88:29:22:ad:32:5b:64:16:12:cc:d2:07:94:1b:0f:20:f2:
83:e6:fc:30:e2:79:69:a3:90:82:e8:95:6f:0c:6c:2e:99:3a:
94:06:00:d8:86:36:5c:44:5b:14:c5:e3:8e:f2:e5:27:16:c5:
9e:7f:10:53:30:90:98:82:04:64:3b:46:57:e9:3e:1b:9c:01:
93:a1:bc:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJsnMZpZGT9o2BeGe8LBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWM0NGU2NWIzZThkNTg3NDU4YzFkOTA3M2UwZjk2ZjZiNzdhNGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXYg52fGwzxBvz+lQMTR9ZWeo/rD
nXks164jAxQSxUqU2e0//1cDXazeRRHv2WRC0Aq295Kjh/ID65MXLdRs6jbmQfhf
Q6dekZBU/GBlodRZnyicaC+IzAzaptYNQdlLYkrz1Shf6EOZZWQnaxpcyLpXPSQr
KHQSyCLlmn2lfxCQN3V6xka01UXd0yqjSiPwlB7cwCdVN4HwT5ScJn0XPRMquhlb
zeYzXWYIlSesGhRSy8uS3a9YTt4NXygIyWTApHpqMqBdvNGUskm56iBqO6iUn8hN
Z+XZ3Rq4UicbZx3tfgzoRLTKCn9EhuKrAZn0WtwI94wuacj9xNPF3NMAtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFErETmWz6NWHRYwdkHPg+W9rd6S1MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvU3NST1piUG8xWWRGakIyUWMtRDViMnQzcExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNi7MA0G
CSqGSIb3DQEBCwUAA4IBAQBhQEqUotvQJnX7/1yOjoB+aEN71Auc3sPdiv0bNEds
blf1etinMQ6GNlWDqINbmUNTiXpi7vWum6yLHWv1KjpYGZQ4k0DjpmCOBRTEaKw+
hdx7pij4xQJRHU/KKYRWPBlcBy2ZBNoqozXr9O+0wQcWy0iN6EY2vHSyQL73WPjg
qW0S9vZ5zgU5F0GZuqHlcXtxMmRJETth49Ds/9fPvUMEBHJgXr3VvULbhrEBYtWK
OpfLZ0AliCkirTJbZBYSzNIHlBsPIPKD5vww4nlpo5CC6JVvDGwumTqUBgDYhjZc
RFsUxeOO8uUnFsWefxBTMJCYggRkO0ZX6T4bnAGTobwN
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:47:00 2025 by rpki-client