Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TTjqcDZuYaNFnl7mrd4NFvJ85bU.roa
File: TTjqcDZuYaNFnl7mrd4NFvJ85bU.roa (raw, json)
Hash identifier: RVzxOHGt3RrmdXa4f7hhTcp4OAyZRaaLtePiE003zmU=
Subject key identifier: 4D:38:EA:70:36:6E:61:A3:45:9E:5E:E6:AD:DE:0D:16:F2:7C:E5:B5
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018742D6EFB9708D5D6632BDFE19A08F044E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TTjqcDZuYaNFnl7mrd4NFvJ85bU.roa
Signing time: Sun 02 Apr 2023 16:39:54 +0000
ROA not before: Sun 02 Apr 2023 16:39:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Apr 2023 10:42:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:42:d6:ef:b9:70:8d:5d:66:32:bd:fe:19:a0:8f:04:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 2 16:39:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d38ea70366e61a3459e5ee6adde0d16f27ce5b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:08:c9:22:af:78:81:b7:95:21:9c:f3:17:33:
08:fc:67:59:91:4b:05:9c:6a:37:56:f5:2a:e8:f7:
8d:f5:4e:2a:bc:9a:99:38:ea:eb:45:2c:53:6c:cb:
75:14:81:15:ff:54:f9:b0:d9:54:16:f1:92:19:da:
e6:80:dd:58:b7:cb:b8:9e:28:fe:c9:a7:af:d6:b5:
2b:22:b0:09:01:0e:cd:c2:c0:77:8d:87:ca:b4:57:
4d:14:d4:0a:c0:bb:15:9b:08:65:fb:5e:a9:e6:06:
3c:40:d6:9a:cd:2b:2c:e6:6b:7e:dd:65:4a:83:29:
6e:d7:e0:33:01:80:f6:d8:e5:10:fc:d0:ce:09:b0:
8f:2b:9a:fd:17:aa:86:34:27:ce:02:0c:68:22:4e:
7b:27:12:2c:fd:6f:f2:c8:1e:ea:73:98:10:c2:95:
8c:41:a4:20:10:17:5b:9d:23:87:e5:f6:70:f0:80:
48:ad:5e:e5:20:17:81:bf:f0:7e:60:56:23:20:10:
58:be:3f:94:43:41:7a:f7:51:a0:2c:3e:db:4b:b1:
75:8f:ee:8c:b2:d6:db:d4:72:26:dc:e5:50:46:48:
a6:91:24:dc:01:d2:cd:55:04:95:24:fd:a4:d0:3b:
87:86:43:8e:14:0d:66:de:15:30:3a:f5:64:75:ed:
09:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:38:EA:70:36:6E:61:A3:45:9E:5E:E6:AD:DE:0D:16:F2:7C:E5:B5
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TTjqcDZuYaNFnl7mrd4NFvJ85bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.96.0/24
88.216.185.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e3:8a:ca:a4:67:2c:6f:21:98:98:59:55:04:85:98:51:3b:
f2:c3:44:2a:70:70:8b:5e:42:ba:68:de:06:96:ed:26:77:0d:
54:7a:9e:2f:e1:2f:18:b4:76:9e:c0:75:5e:8d:98:dc:30:9f:
22:18:85:46:36:12:2d:6a:5e:c8:3f:d0:9e:b2:dc:b6:97:4c:
62:ef:a9:98:d0:3e:79:36:d7:6a:18:90:08:6b:e1:bd:eb:7e:
96:59:dc:c7:16:e6:61:82:78:16:ff:cc:02:5c:7d:f5:84:db:
7c:db:2d:c9:fe:c8:94:7c:43:b5:14:f4:66:eb:f9:69:e4:24:
c8:42:df:23:23:4c:b2:e4:d0:a0:e9:bf:9b:93:36:ea:5e:ff:
29:ce:a1:a4:3a:d4:87:77:1d:ca:bd:ad:a7:0d:96:ea:c6:b1:
f4:2a:9f:3b:fa:5a:6c:7a:d1:71:06:ad:07:32:de:ed:e3:3e:
e6:82:e5:91:28:4b:8a:89:8f:0c:0b:23:3e:61:46:2d:b3:2a:
08:08:e9:f4:00:2a:7f:bc:41:b0:d5:78:ff:70:fc:a7:b5:74:
1a:e4:8f:fe:bd:15:88:02:41:1d:e6:e2:93:ab:8f:37:6b:ea:
47:72:86:15:7c:72:75:15:71:bb:6d:90:2f:df:f2:2f:0b:c0:
a8:f4:6a:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdC1u+5cI1dZjK9/hmgjwROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDAyMTYzOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM4ZWE3MDM2NmU2MWEzNDU5ZTVlZTZhZGRlMGQxNmYyN2NlNWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQjJIq94gbeVIZzzFzMI/GdZkUsF
nGo3VvUq6PeN9U4qvJqZOOrrRSxTbMt1FIEV/1T5sNlUFvGSGdrmgN1Yt8u4nij+
yaev1rUrIrAJAQ7NwsB3jYfKtFdNFNQKwLsVmwhl+16p5gY8QNaazSss5mt+3WVK
gylu1+AzAYD22OUQ/NDOCbCPK5r9F6qGNCfOAgxoIk57JxIs/W/yyB7qc5gQwpWM
QaQgEBdbnSOH5fZw8IBIrV7lIBeBv/B+YFYjIBBYvj+UQ0F691GgLD7bS7F1j+6M
stbb1HIm3OVQRkimkSTcAdLNVQSVJP2k0DuHhkOOFA1m3hUwOvVkde0JQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE046nA2bmGjRZ5e5q3eDRbyfOW1MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVFRqcWNEWnVZYU5Gbmw3bXJkNE5Gdko4NWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNhgAwQA
WNi5MA0GCSqGSIb3DQEBCwUAA4IBAQBV44rKpGcsbyGYmFlVBIWYUTvyw0QqcHCL
XkK6aN4Glu0mdw1Uep4v4S8YtHaewHVejZjcMJ8iGIVGNhItal7IP9Cesty2l0xi
76mY0D55NtdqGJAIa+G9636WWdzHFuZhgngW/8wCXH31hNt82y3J/siUfEO1FPRm
6/lp5CTIQt8jI0yy5NCg6b+bkzbqXv8pzqGkOtSHdx3Kva2nDZbqxrH0Kp87+lps
etFxBq0HMt7t4z7mguWRKEuKiY8MCyM+YUYtsyoICOn0ACp/vEGw1Xj/cPyntXQa
5I/+vRWIAkEd5uKTq483a+pHcoYVfHJ1FXG7bZAv3/IvC8Co9GoV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org