Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TK5FEvz-aopwwmiRAE4BZ_qzv84.roa
File: TK5FEvz-aopwwmiRAE4BZ_qzv84.roa (raw, json)
Hash identifier: UFy/gs/2oDnfuD24PIZvwcZpEk+TSgHBswtu8feZCmY=
Subject key identifier: 4C:AE:45:12:FC:FE:6A:8A:70:C2:68:91:00:4E:01:67:FA:B3:BF:CE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018BA9689D42670A145653ED78D347EBA120
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TK5FEvz-aopwwmiRAE4BZ_qzv84.roa
Signing time: Tue 07 Nov 2023 10:51:27 +0000
ROA not before: Tue 07 Nov 2023 10:51:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216084
IP address blocks: 84.32.64.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:68:9d:42:67:0a:14:56:53:ed:78:d3:47:eb:a1:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 7 10:51:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cae4512fcfe6a8a70c26891004e0167fab3bfce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:7b:f6:3f:29:2b:33:da:d3:ae:5e:3c:80:
a3:dc:a2:11:12:34:4c:5c:b5:6a:fd:f4:81:11:f5:
db:66:cb:bc:92:f8:86:d1:30:d0:44:72:df:71:a3:
6c:00:a4:ea:5e:1b:32:3f:e4:6c:a2:5d:72:73:61:
ad:b5:c1:93:eb:c2:13:24:8b:71:cc:8b:71:19:c1:
fe:38:6b:ca:21:66:f8:82:f6:ed:87:79:5d:84:8c:
cb:ad:d8:5e:35:f8:76:a0:ea:bc:b6:ff:b2:27:f1:
54:88:cc:7a:17:a3:d6:c9:01:1f:77:b8:0d:41:e0:
5c:20:a2:4e:e6:da:6d:03:49:0f:85:48:60:06:16:
38:93:46:20:42:0d:a7:df:f5:8d:7a:c7:09:9a:40:
61:e5:97:38:49:a8:6c:df:cc:9c:c4:e2:1d:b1:ae:
03:5c:8d:ef:de:80:30:05:60:0e:26:43:40:32:4d:
a8:c5:77:00:bf:f2:e8:62:6f:67:35:70:f8:87:b7:
f3:c5:62:d3:1b:75:a8:a7:d6:fb:e7:07:1b:48:50:
e6:1e:4b:9f:fc:23:7b:50:63:5f:91:2b:1e:ae:4e:
d3:48:5e:36:56:6a:c1:59:2b:fe:6c:20:18:7f:9d:
61:3e:49:f0:57:7c:76:cf:c6:5f:4a:74:e5:78:39:
ac:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AE:45:12:FC:FE:6A:8A:70:C2:68:91:00:4E:01:67:FA:B3:BF:CE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TK5FEvz-aopwwmiRAE4BZ_qzv84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.64.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ea:84:81:55:02:78:2d:fa:78:01:c2:a2:9b:bb:e8:08:b1:
0e:b5:85:c9:00:79:cf:5f:ec:02:8b:c3:aa:8e:3d:22:fb:60:
21:26:10:15:d7:67:1e:46:7c:9b:ab:eb:55:ba:07:eb:ce:56:
a2:2b:ef:e5:f8:9b:77:58:8a:67:ef:e9:fd:ab:a3:f0:55:81:
0c:db:a6:4d:01:34:22:da:b9:93:9d:99:37:3f:10:86:c0:78:
b0:b8:41:4d:e8:a4:19:3b:d0:05:70:c4:ae:fb:7e:c2:1b:7c:
34:b3:c6:59:03:b0:80:a1:9a:69:87:3d:a9:c6:c0:3a:99:0d:
38:ea:39:09:e2:6f:a3:6f:52:7f:54:61:42:18:a1:f4:7b:ba:
78:47:6b:47:63:0e:ca:97:bc:68:bf:be:52:37:51:98:ea:cd:
fe:58:81:6b:af:dd:44:c1:39:07:d6:c8:d7:f3:fb:4c:23:4f:
39:c5:0b:29:ab:af:91:53:6a:cb:32:64:a0:55:b8:4e:c8:08:
b8:13:86:22:aa:3b:ed:d1:c6:70:1b:94:c2:cc:68:ed:d8:8e:
c7:21:c3:27:3f:85:4f:46:ad:02:c4:bf:88:26:e5:52:27:f2:
93:6a:0f:f4:14:66:c5:37:36:d0:c4:73:ba:df:87:10:5d:e3:
97:19:e0:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYupaJ1CZwoUVlPteNNH66EgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTA3MTA1MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FlNDUxMmZjZmU2YThhNzBjMjY4OTEwMDRlMDE2N2ZhYjNiZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7d79j8pKzPa065ePICj3KIREjRM
XLVq/fSBEfXbZsu8kviG0TDQRHLfcaNsAKTqXhsyP+Rsol1yc2GttcGT68ITJItx
zItxGcH+OGvKIWb4gvbth3ldhIzLrdheNfh2oOq8tv+yJ/FUiMx6F6PWyQEfd7gN
QeBcIKJO5tptA0kPhUhgBhY4k0YgQg2n3/WNescJmkBh5Zc4Sahs38ycxOIdsa4D
XI3v3oAwBWAOJkNAMk2oxXcAv/LoYm9nNXD4h7fzxWLTG3Wop9b75wcbSFDmHkuf
/CN7UGNfkSserk7TSF42VmrBWSv+bCAYf51hPknwV3x2z8ZfSnTleDmsmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEyuRRL8/mqKcMJokQBOAWf6s7/OMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVEs1RkV2ei1hb3B3d21pUkFFNEJaX3F6djg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCBAAwQA
WNjcMA0GCSqGSIb3DQEBCwUAA4IBAQAK6oSBVQJ4Lfp4AcKim7voCLEOtYXJAHnP
X+wCi8Oqjj0i+2AhJhAV12ceRnybq+tVugfrzlaiK+/l+Jt3WIpn7+n9q6PwVYEM
26ZNATQi2rmTnZk3PxCGwHiwuEFN6KQZO9AFcMSu+37CG3w0s8ZZA7CAoZpphz2p
xsA6mQ046jkJ4m+jb1J/VGFCGKH0e7p4R2tHYw7Kl7xov75SN1GY6s3+WIFrr91E
wTkH1sjX8/tMI085xQspq6+RU2rLMmSgVbhOyAi4E4Yiqjvt0cZwG5TCzGjt2I7H
IcMnP4VPRq0CxL+IJuVSJ/KTag/0FGbFNzbQxHO634cQXeOXGeCd
-----END CERTIFICATE-----
Generated at Tue Nov 7 13:18:03 2023 by rpki-client on console-fra.rpki-client.org