Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_IVmXj33-S4pqasycKURwlFjWGA.roa
File: _IVmXj33-S4pqasycKURwlFjWGA.roa (raw, json)
Hash identifier: lODBC8swxAC5CAmIj0KSrBIx8H0LRAmbr4OEqbhqoCg=
Subject key identifier: FC:85:66:5E:3D:F7:F9:2E:29:A9:AB:32:70:A5:11:C2:51:63:58:60
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFB23DDDA59B304DA68BFF0EDF32E6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_IVmXj33-S4pqasycKURwlFjWGA.roa
Signing time: Sun 01 Jan 2023 18:54:46 +0000
ROA not before: Sun 01 Jan 2023 18:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8764
IP address blocks: 88.216.139.0/24 maxlen: 24
88.216.138.0/24 maxlen: 24
88.216.142.0/24 maxlen: 24
88.216.143.0/24 maxlen: 24
88.216.140.0/24 maxlen: 24
88.216.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:b2:3d:dd:a5:9b:30:4d:a6:8b:ff:0e:df:32:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc85665e3df7f92e29a9ab3270a511c251635860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:87:da:07:a8:98:8d:f4:54:9c:ce:81:36:90:
9b:c2:8d:9b:bf:ba:4f:88:6a:b2:88:b7:40:47:94:
40:d8:94:71:bf:61:0f:61:c7:a9:20:f5:8c:89:5a:
dd:88:90:ac:f4:f2:73:dc:c4:f8:49:82:7f:d4:7f:
2e:09:ba:52:6a:bf:4e:85:11:53:d3:b6:08:f5:42:
57:ef:c9:4c:ba:8d:08:e0:5d:64:1e:37:57:75:b7:
c2:b9:aa:b1:ad:0f:d2:a2:8b:05:ad:9c:6a:81:f0:
4f:4c:2b:18:3b:a3:09:a7:6f:a4:a1:8b:90:be:b0:
bb:ae:5a:7f:ad:23:c2:6c:be:5f:bb:21:c6:b6:52:
b5:39:fb:1e:06:4f:d9:5c:16:5b:8b:e6:de:74:a6:
c6:14:c4:b0:bc:d5:c9:79:76:64:3c:a5:a7:8d:8e:
52:64:b5:2e:3d:34:53:b1:15:6d:f9:59:09:aa:57:
05:36:da:d4:c7:df:83:b1:20:fe:b4:89:37:c9:cf:
17:ca:99:00:26:ff:e1:08:cf:c9:ff:da:41:f3:9a:
88:d8:e2:13:d6:8c:d2:c1:69:43:30:5f:1f:c7:b0:
6e:3b:b4:db:a3:0e:85:ab:8f:73:d4:01:dd:aa:d1:
40:4c:5a:62:8f:a8:64:d8:ba:7d:3a:b4:fd:6d:01:
28:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:85:66:5E:3D:F7:F9:2E:29:A9:AB:32:70:A5:11:C2:51:63:58:60
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_IVmXj33-S4pqasycKURwlFjWGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.138.0-88.216.143.255
Signature Algorithm: sha256WithRSAEncryption
93:a6:d7:68:fc:a6:fe:3d:10:e4:c2:9e:d0:cc:ee:49:3f:e6:
6d:e4:38:8f:85:a9:66:9b:e8:c5:dd:74:39:8a:6f:a8:7a:37:
17:0c:ca:58:b6:d9:fb:b2:ba:6d:70:8e:5c:2c:51:ea:cf:85:
91:f4:cd:bb:bd:45:28:19:16:4e:e7:c0:47:3a:32:68:0b:12:
cd:b4:34:81:b5:b0:59:a7:73:e0:35:df:cd:9f:b6:6a:07:72:
72:64:dc:b0:4b:37:c9:f6:9a:01:99:19:23:67:7c:d9:ea:28:
32:fe:fe:cd:9a:a7:57:56:25:a9:fe:3e:fc:49:21:51:27:52:
f2:4e:c6:1d:94:6a:b3:3a:30:8e:b6:8e:1e:da:be:d6:e3:39:
b5:53:7c:af:14:9e:38:4f:d1:e3:64:0d:a7:a3:9a:bb:7c:dc:
2f:83:88:24:52:b2:34:87:65:d9:b7:d9:e2:66:c3:18:3a:22:
d4:52:07:72:d3:20:6a:b4:b0:82:59:eb:f1:20:ac:3a:d7:4e:
bd:7d:44:19:4b:95:f6:cd:06:2a:ee:c6:09:36:dc:7a:bb:62:
2b:39:59:72:89:1f:d5:52:89:9e:a7:26:9a:16:59:75:74:17:
5c:38:5e:94:50:a5:c3:2b:cc:62:00:47:c8:b6:c9:8e:c0:f4:
7b:f1:1c:b9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVur7I93aWbME2mi/8O3zLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzg1NjY1ZTNkZjdmOTJlMjlhOWFiMzI3MGE1MTFjMjUxNjM1ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIfaB6iYjfRUnM6BNpCbwo2bv7pP
iGqyiLdAR5RA2JRxv2EPYcepIPWMiVrdiJCs9PJz3MT4SYJ/1H8uCbpSar9OhRFT
07YI9UJX78lMuo0I4F1kHjdXdbfCuaqxrQ/SoosFrZxqgfBPTCsYO6MJp2+koYuQ
vrC7rlp/rSPCbL5fuyHGtlK1OfseBk/ZXBZbi+bedKbGFMSwvNXJeXZkPKWnjY5S
ZLUuPTRTsRVt+VkJqlcFNtrUx9+DsSD+tIk3yc8XypkAJv/hCM/J/9pB85qI2OIT
1ozSwWlDMF8fx7BuO7Tbow6Fq49z1AHdqtFATFpij6hk2Lp9OrT9bQEoZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPyFZl499/kuKamrMnClEcJRY1hgMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX0lWbVhqMzMtUzRwcWFzeWNLVVJ3bEZqV0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFY2IoD
BARY2IAwDQYJKoZIhvcNAQELBQADggEBAJOm12j8pv49EOTCntDM7kk/5m3kOI+F
qWab6MXddDmKb6h6NxcMyli22fuyum1wjlwsUerPhZH0zbu9RSgZFk7nwEc6MmgL
Es20NIG1sFmnc+A1382ftmoHcnJk3LBLN8n2mgGZGSNnfNnqKDL+/s2ap1dWJan+
PvxJIVEnUvJOxh2UarM6MI62jh7avtbjObVTfK8UnjhP0eNkDaejmrt83C+DiCRS
sjSHZdm32eJmwxg6ItRSB3LTIGq0sIJZ6/EgrDrXTr19RBlLlfbNBiruxgk23Hq7
Yis5WXKJH9VSiZ6nJpoWWXV0F1w4XpRQpcMrzGIAR8i2yY7A9HvxHLk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org