Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Vo4JT1ACqJFHJXH8u9uWagqnW3A.roa
File: Vo4JT1ACqJFHJXH8u9uWagqnW3A.roa (raw, json)
Hash identifier: xAcqZkXjqmVz940sUcg9gF517pXz2tjCLgSLjq1Ojzk=
Subject key identifier: 56:8E:09:4F:50:02:A8:91:47:25:71:FC:BB:DB:96:6A:0A:A7:5B:70
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186D037A701C4A4EB2D7009AC7A77AACA99
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Vo4JT1ACqJFHJXH8u9uWagqnW3A.roa
Signing time: Sat 11 Mar 2023 10:29:13 +0000
ROA not before: Sat 11 Mar 2023 10:29:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d0:37:a7:01:c4:a4:eb:2d:70:09:ac:7a:77:aa:ca:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 11 10:29:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=568e094f5002a891472571fcbbdb966a0aa75b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:42:a9:98:dd:3c:13:6a:9b:b6:84:3d:f2:6f:
ec:0a:23:a0:15:50:c5:31:52:08:1c:c8:92:dd:03:
96:5b:11:63:67:67:91:7b:3a:d8:82:75:e3:18:95:
b4:b3:95:f3:e8:f6:9c:69:5d:c9:6e:5c:f3:94:bf:
46:65:85:f6:23:82:07:3b:0e:bc:dc:f5:8c:c2:91:
84:b5:58:cb:af:01:e1:10:55:94:04:97:d3:a5:ab:
3c:b0:eb:24:26:ee:2d:6e:e6:f3:5b:9c:dc:bb:ff:
74:5d:f6:c8:00:14:15:1f:58:92:ac:f8:16:91:78:
b3:09:2d:2d:cc:1b:80:b9:a9:15:7f:5d:73:bc:1c:
5d:c3:2e:d9:ba:fc:7d:82:7d:1f:52:d1:0d:44:03:
22:ee:81:a9:3f:81:4f:53:84:66:f8:f4:dc:1f:2d:
14:9c:92:4f:5c:1c:82:5c:2b:32:c2:2c:f3:f5:be:
c2:f7:59:cb:3a:c4:74:5c:74:eb:c6:2a:2f:4c:c4:
68:fc:82:d1:4a:d3:21:e4:62:d1:bf:47:a5:4a:5d:
4d:41:62:61:4a:84:30:8a:0e:35:c5:c6:77:cf:28:
ae:92:5e:44:1a:fa:4a:fd:68:47:01:35:b4:39:c1:
cf:b9:eb:bc:f6:86:7f:46:0b:36:9d:dc:c9:ee:fb:
46:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:8E:09:4F:50:02:A8:91:47:25:71:FC:BB:DB:96:6A:0A:A7:5B:70
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Vo4JT1ACqJFHJXH8u9uWagqnW3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.152.0-84.32.154.255
84.32.156.0/22
84.32.175.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.111.0/24
88.216.132.0/24
88.216.185.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
63:fe:64:07:c9:ab:0f:03:06:5b:cd:d3:df:02:94:84:aa:f8:
28:f0:58:04:cb:cf:a0:79:d4:ab:e2:01:24:2a:56:90:86:b7:
59:03:3a:36:d9:05:13:4a:7e:59:cd:2c:f2:10:9d:95:c1:07:
e7:00:6d:03:dd:0b:63:79:ee:34:6b:95:2a:4b:16:16:60:1f:
0d:25:fe:81:3c:f4:81:4e:fc:9f:ec:15:8e:1e:88:f5:ea:a2:
53:e2:ee:2a:38:bd:df:83:b5:9a:d2:7b:82:71:59:7b:11:0d:
48:0e:9e:c8:ef:65:c0:bd:69:b4:ff:48:50:63:b6:b2:69:d0:
6f:2e:07:d2:3d:da:15:e7:59:39:0f:c0:cc:0f:3b:99:06:01:
9d:37:7a:15:c9:2c:87:07:d9:5f:b0:a5:84:6a:80:1a:03:e6:
32:a1:76:7c:77:72:d8:6e:02:14:1f:71:22:ca:6b:d0:77:ad:
c4:2b:fd:f8:82:ef:2c:4e:68:b2:9b:00:b5:ef:3d:75:c3:ac:
a3:f4:9d:7b:bd:30:e1:95:1b:56:b1:75:c6:1d:33:9c:cf:4e:
d1:ee:3e:45:48:fa:76:50:9b:3d:c3:db:7a:ed:57:5d:9b:dc:
c3:1c:43:d3:25:5a:25:bc:e9:93:ea:88:2a:7d:ee:83:e2:2e:
d4:14:ee:52
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYbQN6cBxKTrLXAJrHp3qsqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzExMTAyOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjhlMDk0ZjUwMDJhODkxNDcyNTcxZmNiYmRiOTY2YTBhYTc1YjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEKpmN08E2qbtoQ98m/sCiOgFVDF
MVIIHMiS3QOWWxFjZ2eRezrYgnXjGJW0s5Xz6PacaV3JblzzlL9GZYX2I4IHOw68
3PWMwpGEtVjLrwHhEFWUBJfTpas8sOskJu4tbubzW5zcu/90XfbIABQVH1iSrPgW
kXizCS0tzBuAuakVf11zvBxdwy7Zuvx9gn0fUtENRAMi7oGpP4FPU4Rm+PTcHy0U
nJJPXByCXCsywizz9b7C91nLOsR0XHTrxiovTMRo/ILRStMh5GLRv0elSl1NQWJh
SoQwig41xcZ3zyiukl5EGvpK/WhHATW0OcHPueu89oZ/Rgs2ndzJ7vtGzwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFaOCU9QAqiRRyVx/LvblmoKp1twMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVm80SlQxQUNxSkZISlhIOHU5dVdhZ3FuVzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBANUIJgD
BABUIJoDBAJUIJwDBABUIK8DBAFY2CwwDAMEA1jYOAMEAVjYQAMEAFjYbwMEAFjY
hAMEAFjYuQMEAFjY1zANBgkqhkiG9w0BAQsFAAOCAQEAY/5kB8mrDwMGW83T3wKU
hKr4KPBYBMvPoHnUq+IBJCpWkIa3WQM6NtkFE0p+Wc0s8hCdlcEH5wBtA90LY3nu
NGuVKksWFmAfDSX+gTz0gU78n+wVjh6I9eqiU+LuKji934O1mtJ7gnFZexENSA6e
yO9lwL1ptP9IUGO2smnQby4H0j3aFedZOQ/AzA87mQYBnTd6FckshwfZX7ClhGqA
GgPmMqF2fHdy2G4CFB9xIspr0HetxCv9+ILvLE5ospsAte89dcOso/Sde70w4ZUb
VrF1xh0znM9O0e4+RUj6dlCbPcPbeu1XXZvcwxxD0yVaJbzpk+qIKn3ug+Iu1BTu
Ug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:30 2023 by rpki-client on console-ams.rpki-client.org