Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ZVfUMcgLS9DtOUny3GcCYM8Pv6Y.roa
File: ZVfUMcgLS9DtOUny3GcCYM8Pv6Y.roa (raw, json)
Hash identifier: oaovPixBLokxXwnCWg9mh7vrvr7eI79FRMJSNMnbYN0=
Subject key identifier: 65:57:D4:31:C8:0B:4B:D0:ED:39:49:F2:DC:67:02:60:CF:0F:BF:A6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188263B40DEF386C41447EA87C4A018C9A7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ZVfUMcgLS9DtOUny3GcCYM8Pv6Y.roa
Signing time: Tue 16 May 2023 20:23:17 +0000
ROA not before: Tue 16 May 2023 20:23:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 88.216.106.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:26:3b:40:de:f3:86:c4:14:47:ea:87:c4:a0:18:c9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 16 20:23:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6557d431c80b4bd0ed3949f2dc670260cf0fbfa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c5:f8:7f:6e:f1:81:6d:46:0e:78:f9:7c:6b:
60:51:17:e6:6b:dc:0c:6d:17:03:08:91:1c:35:1f:
1e:65:db:1b:44:90:dd:af:17:de:b2:c0:63:d4:3f:
f4:ad:75:c4:0d:6f:37:e5:33:a7:54:ba:f7:f8:63:
1e:aa:c6:35:49:1d:a9:da:8d:6d:a4:fe:aa:19:b5:
b9:1e:57:6e:79:b7:13:f9:a9:7e:62:44:df:64:cd:
9e:90:18:ed:62:cb:80:3b:64:9b:cc:83:e3:8e:eb:
1b:0b:53:1f:9a:d4:4c:9a:da:91:df:20:37:61:cd:
c7:d7:3b:5b:58:21:03:88:5e:23:0d:1a:5c:97:de:
12:d5:f8:60:b5:4e:b0:d9:d2:ba:0b:20:e0:05:b1:
6f:0b:5b:32:ca:ba:de:fc:8c:d4:81:ef:77:36:66:
f1:3e:f8:8d:87:63:ce:92:71:a2:bc:54:e6:5e:73:
ca:da:fb:a4:da:73:75:2c:e3:38:38:2f:56:7c:2d:
98:03:da:f4:08:d5:ac:db:4f:a3:8b:7f:9f:1c:a2:
69:81:da:32:9e:2d:39:7b:e7:10:5f:f6:05:16:61:
e5:46:53:95:aa:39:fa:f6:93:bd:7c:ad:ff:f9:7d:
fc:96:c6:df:7f:60:83:65:45:5f:9f:74:0b:8a:ad:
77:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:57:D4:31:C8:0B:4B:D0:ED:39:49:F2:DC:67:02:60:CF:0F:BF:A6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ZVfUMcgLS9DtOUny3GcCYM8Pv6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.106.0/24
88.216.109.0/24
Signature Algorithm: sha256WithRSAEncryption
61:98:e6:4b:06:6e:b6:fa:1c:20:23:9f:b0:46:fb:1a:a2:c8:
4f:71:e6:24:67:e7:ee:3f:41:6d:b2:33:25:44:67:9f:01:29:
3f:15:1b:e9:ad:a6:db:dd:d8:8f:ce:92:46:37:ea:ac:ca:3f:
15:64:60:05:21:65:2e:66:ac:f8:0e:4f:81:59:1b:dc:a7:c5:
c6:54:39:fc:c7:68:46:30:2c:69:e1:b3:ed:2c:43:56:d6:c7:
f5:bd:37:07:96:b8:04:88:4c:84:7b:12:5a:2e:b8:6c:18:fb:
02:48:2e:8e:4c:e4:7b:05:79:78:eb:19:94:aa:ba:fd:59:45:
7f:b2:bf:7c:29:4b:71:f5:11:08:e0:da:ee:d0:31:18:4f:b5:
73:98:f1:44:d5:c5:67:1f:bb:65:9b:7e:e6:4a:13:98:2f:2f:
53:9e:e5:6a:4c:b0:11:88:b8:e5:23:b5:d4:5b:cf:c3:28:d4:
4d:9b:77:9c:66:12:76:3a:d5:de:b2:4a:8a:78:1e:fd:c0:fa:
f8:86:ed:9d:89:e3:58:6c:8c:27:1c:1a:c9:9c:0c:d6:f3:1a:
ef:2c:a6:87:21:51:b6:7d:ca:92:0e:22:9d:29:d7:a1:6c:bc:
06:5a:75:ce:fa:7c:28:2f:da:b0:a2:fd:1c:5a:01:a9:1c:77:
2c:1b:2d:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgmO0De84bEFEfqh8SgGMmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTE2MjAyMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTU3ZDQzMWM4MGI0YmQwZWQzOTQ5ZjJkYzY3MDI2MGNmMGZiZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMX4f27xgW1GDnj5fGtgURfma9wM
bRcDCJEcNR8eZdsbRJDdrxfessBj1D/0rXXEDW835TOnVLr3+GMeqsY1SR2p2o1t
pP6qGbW5HlduebcT+al+YkTfZM2ekBjtYsuAO2SbzIPjjusbC1MfmtRMmtqR3yA3
Yc3H1ztbWCEDiF4jDRpcl94S1fhgtU6w2dK6CyDgBbFvC1syyrre/IzUge93Nmbx
PviNh2POknGivFTmXnPK2vuk2nN1LOM4OC9WfC2YA9r0CNWs20+ji3+fHKJpgdoy
ni05e+cQX/YFFmHlRlOVqjn69pO9fK3/+X38lsbff2CDZUVfn3QLiq13OQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGVX1DHIC0vQ7TlJ8txnAmDPD7+mMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWlZmVU1jZ0xTOUR0T1VueTNHY0NZTThQdjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNhqAwQA
WNhtMA0GCSqGSIb3DQEBCwUAA4IBAQBhmOZLBm62+hwgI5+wRvsaoshPceYkZ+fu
P0FtsjMlRGefASk/FRvprabb3diPzpJGN+qsyj8VZGAFIWUuZqz4Dk+BWRvcp8XG
VDn8x2hGMCxp4bPtLENW1sf1vTcHlrgEiEyEexJaLrhsGPsCSC6OTOR7BXl46xmU
qrr9WUV/sr98KUtx9REI4Nru0DEYT7VzmPFE1cVnH7tlm37mShOYLy9TnuVqTLAR
iLjlI7XUW8/DKNRNm3ecZhJ2OtXeskqKeB79wPr4hu2dieNYbIwnHBrJnAzW8xrv
LKaHIVG2fcqSDiKdKdehbLwGWnXO+nwoL9qwov0cWgGpHHcsGy3D
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:48 2023 by rpki-client on console-fra.rpki-client.org