Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VOTiVnGieCYqvGvx4Ofhj_w6kRw.roa
File: VOTiVnGieCYqvGvx4Ofhj_w6kRw.roa (raw, json)
Hash identifier: Rpo2mk6e4q0u39a8WTc71Uzg5HlN4YpjSkVIAxHn9JY=
Subject key identifier: 54:E4:E2:56:71:A2:78:26:2A:BC:6B:F1:E0:E7:E1:8F:FC:3A:91:1C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018A4B676FCE2689141126E1F940A6D71B5D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VOTiVnGieCYqvGvx4Ofhj_w6kRw.roa
Signing time: Thu 31 Aug 2023 11:43:04 +0000
ROA not before: Thu 31 Aug 2023 11:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33922
IP address blocks: 88.216.164.0/24 maxlen: 24
88.216.165.0/24 maxlen: 24
88.216.166.0/24 maxlen: 24
88.216.167.0/24 maxlen: 24
84.32.116.0/23 maxlen: 24
84.32.114.0/23 maxlen: 24
88.216.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:67:6f:ce:26:89:14:11:26:e1:f9:40:a6:d7:1b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 31 11:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54e4e25671a278262abc6bf1e0e7e18ffc3a911c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:87:09:73:38:9d:fa:1c:62:ba:e9:08:c0:52:
63:a9:00:59:d1:83:83:da:1e:fd:39:e4:3a:7b:17:
9c:f0:8f:54:f4:93:af:8e:27:f7:06:45:21:d9:10:
14:52:2d:f8:19:df:a1:da:30:cd:b3:ea:50:d4:d9:
9e:f0:20:99:c9:67:c5:ea:21:3a:b6:c3:95:ed:47:
ea:f4:85:71:f4:cb:70:f2:1a:3f:13:b3:36:a4:7c:
ff:ef:6b:f2:33:0c:b0:c8:ff:8e:28:a0:71:ae:56:
46:a2:99:a5:7a:fe:bf:5e:dc:68:61:cd:5e:a4:09:
5f:b7:65:10:9c:2b:35:9a:e8:fe:c4:88:59:18:69:
07:0c:f5:59:2b:c6:ee:68:ae:20:70:b3:bb:1c:12:
47:f3:16:89:a6:5b:81:c0:fe:94:9d:71:1e:d0:15:
ba:37:f6:03:dc:97:76:35:dd:a9:7b:64:17:90:a4:
ed:ff:48:33:e0:ed:93:2b:bc:c1:f6:55:b6:05:e3:
a2:1d:2b:94:42:6f:0e:c3:f3:c1:21:87:04:0d:cc:
25:c4:95:8e:38:35:00:9c:92:c8:da:b9:f7:47:9a:
b4:5e:0d:70:97:00:02:38:d5:7d:5f:82:bb:a5:ba:
49:53:52:40:33:19:9a:16:b4:79:60:26:3b:2e:07:
cc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E4:E2:56:71:A2:78:26:2A:BC:6B:F1:E0:E7:E1:8F:FC:3A:91:1C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VOTiVnGieCYqvGvx4Ofhj_w6kRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.114.0-84.32.117.255
88.216.148.0/24
88.216.164.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:cf:12:9e:b0:4e:8d:ac:32:f9:b9:54:ac:14:72:df:d8:e5:
9c:75:54:cd:75:94:0f:74:e7:fc:22:86:8f:94:10:36:b1:17:
8d:66:a8:28:3a:08:c0:75:40:d9:4d:80:5b:0e:ad:26:5e:f6:
fd:93:b2:16:ef:e6:6c:99:b9:ce:99:33:db:da:4a:d9:10:fa:
d8:70:67:c7:c6:c8:ae:64:b6:0d:4b:36:24:ac:6e:68:05:cc:
78:dd:97:e1:ef:e8:7a:5b:20:99:37:48:63:e9:de:0c:19:27:
a2:21:66:ed:d5:e6:b9:8e:99:28:4b:b3:ab:5d:4c:80:05:64:
c2:e0:c3:e2:a2:25:61:e2:c5:e5:44:0e:5e:a8:1c:19:08:3b:
af:25:85:e9:07:9b:47:cd:51:89:95:95:73:f6:11:c3:13:c8:
69:25:4f:f2:f4:fa:87:e8:72:51:11:5e:44:cb:2f:e3:f7:40:
c8:3f:a1:cf:46:bb:f4:aa:a6:d0:8c:55:6f:0a:65:e1:97:05:
07:fc:de:21:7e:2f:2d:d1:15:ea:0d:4d:5d:62:c8:34:6f:98:
b9:06:fc:21:44:2e:b6:88:c8:f7:65:5e:93:a9:f3:99:3d:dd:
5c:04:19:2a:d8:d7:5c:aa:30:62:0d:cb:03:3d:72:59:9c:7d:
2b:3e:1b:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYpLZ2/OJokUESbh+UCm1xtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODMxMTE0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGU0ZTI1NjcxYTI3ODI2MmFiYzZiZjFlMGU3ZTE4ZmZjM2E5MTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIcJczid+hxiuukIwFJjqQBZ0YOD
2h79OeQ6exec8I9U9JOvjif3BkUh2RAUUi34Gd+h2jDNs+pQ1Nme8CCZyWfF6iE6
tsOV7Ufq9IVx9Mtw8ho/E7M2pHz/72vyMwywyP+OKKBxrlZGopmlev6/XtxoYc1e
pAlft2UQnCs1muj+xIhZGGkHDPVZK8buaK4gcLO7HBJH8xaJpluBwP6UnXEe0BW6
N/YD3Jd2Nd2pe2QXkKTt/0gz4O2TK7zB9lW2BeOiHSuUQm8Ow/PBIYcEDcwlxJWO
ODUAnJLI2rn3R5q0Xg1wlwACONV9X4K7pbpJU1JAMxmaFrR5YCY7LgfMxQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFTk4lZxongmKrxr8eDn4Y/8OpEcMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVk9UaVZuR2llQ1lxdkd2eDRPZmhqX3c2a1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFUIHID
BAFUIHQDBABY2JQDBAJY2KQwDQYJKoZIhvcNAQELBQADggEBAB3PEp6wTo2sMvm5
VKwUct/Y5Zx1VM11lA905/wiho+UEDaxF41mqCg6CMB1QNlNgFsOrSZe9v2Tshbv
5myZuc6ZM9vaStkQ+thwZ8fGyK5ktg1LNiSsbmgFzHjdl+Hv6HpbIJk3SGPp3gwZ
J6IhZu3V5rmOmShLs6tdTIAFZMLgw+KiJWHixeVEDl6oHBkIO68lhekHm0fNUYmV
lXP2EcMTyGklT/L0+ofoclERXkTLL+P3QMg/oc9Gu/SqptCMVW8KZeGXBQf83iF+
Ly3RFeoNTV1iyDRvmLkG/CFELraIyPdlXpOp85k93VwEGSrY11yqMGINywM9clmc
fSs+G4s=
-----END CERTIFICATE-----
Generated at Fri Oct 13 14:41:27 2023 by rpki-client on console-ams.rpki-client.org