Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ckWO1Oj4bcLR9scI7a-QGZGBIBE.roa
File: ckWO1Oj4bcLR9scI7a-QGZGBIBE.roa (raw, json)
Hash identifier: 4y3TzLD+RQlKAx68VNrQV+UCyF7eWaVr1cU73jZGfTc=
Subject key identifier: 72:45:8E:D4:E8:F8:6D:C2:D1:F6:C7:08:ED:AF:90:19:91:81:20:11
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01868EDF2ADFFFA8E52267DB33AFE7FD2C76
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ckWO1Oj4bcLR9scI7a-QGZGBIBE.roa
Signing time: Sun 26 Feb 2023 17:57:15 +0000
ROA not before: Sun 26 Feb 2023 17:57:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
84.32.172.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Mar 2023 10:29:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8e:df:2a:df:ff:a8:e5:22:67:db:33:af:e7:fd:2c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 26 17:57:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72458ed4e8f86dc2d1f6c708edaf901991812011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4e:d5:7a:f2:53:78:cc:69:5c:8b:ef:e3:8b:
ff:34:4a:fc:e8:52:aa:e2:c2:c8:a6:b4:82:a2:91:
e6:13:9f:30:d3:9a:0c:af:90:d8:7f:d3:f7:4c:db:
c6:c6:d4:19:79:8b:4f:1c:6a:cf:7e:c5:bf:fc:2e:
84:d3:2b:7d:15:a9:e7:78:89:1c:c0:54:53:06:ee:
70:36:8c:bf:1c:00:fd:9a:c8:c7:1c:ba:64:4c:5d:
76:34:5c:e8:0c:07:bf:33:d2:a2:5f:6d:f3:cd:e2:
7f:84:af:e2:d4:24:c9:8f:fb:e5:cc:bb:ff:cd:1f:
f1:a6:44:5a:e0:3a:9a:20:db:00:92:0a:7b:62:39:
b0:0d:40:e3:ec:3f:c8:af:c3:cd:27:38:98:4c:87:
11:14:27:08:a1:0a:04:92:94:32:8c:63:8d:d9:3e:
7e:52:b0:76:3c:47:51:62:41:e1:16:30:59:3a:2e:
24:e0:45:23:b9:3f:0e:57:5b:19:65:7c:85:30:7d:
b2:59:10:bf:52:d4:13:f1:49:6c:27:a0:7e:52:80:
7d:4b:83:81:81:6c:8b:79:c2:48:6d:1e:28:10:32:
85:8e:a6:e1:e6:ff:d8:88:37:e1:5a:96:f1:fb:46:
a7:d5:98:ab:7f:aa:e6:4d:21:b6:a6:a7:41:d7:03:
bb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:45:8E:D4:E8:F8:6D:C2:D1:F6:C7:08:ED:AF:90:19:91:81:20:11
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ckWO1Oj4bcLR9scI7a-QGZGBIBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.152.0-84.32.154.255
84.32.156.0/22
84.32.172.0/24
84.32.175.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.111.0/24
88.216.132.0/24
88.216.185.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ab:66:98:4d:b5:08:82:e7:c1:90:f0:b6:94:70:9d:15:00:
06:d9:13:0c:79:5d:18:4e:57:cc:06:98:d4:99:e8:27:3c:64:
3e:02:fd:61:6d:7c:b6:5b:7b:a6:8c:4c:f3:93:c9:64:6b:ff:
2e:34:0b:f8:eb:a4:b6:81:1e:b8:66:48:a7:5c:9f:38:26:c1:
98:eb:bd:9e:b7:eb:99:5b:62:6e:4e:35:c5:f1:97:30:3b:f6:
d4:dc:ae:58:85:7f:bd:7c:d0:45:5e:34:84:6a:bb:c2:b1:05:
b8:10:28:2f:e6:1a:ac:0b:9e:ef:e6:ed:1e:af:88:43:56:7a:
7e:c5:98:7b:be:82:7d:be:53:e6:ee:55:82:bf:23:ca:cf:99:
c6:2d:57:49:fd:4d:d8:f3:35:a5:6d:5d:7a:7e:64:05:4a:70:
37:d8:b5:a0:70:3c:83:01:e7:a3:3c:f4:2f:74:3e:a3:32:8b:
af:51:93:15:ba:02:bd:bb:4b:6d:9b:c6:e6:97:f0:39:40:14:
d6:30:b0:40:28:84:b1:9a:bc:2e:df:4a:99:6a:b7:ac:d1:a1:
c2:1b:87:01:76:70:f2:db:b0:44:58:94:14:2f:6b:5c:2f:d9:
f9:7d:b3:06:2a:ae:c7:5d:a4:ee:29:82:6b:d6:49:19:1c:5a:
83:00:35:06
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYaO3yrf/6jlImfbM6/n/Sx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjI2MTc1NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQ1OGVkNGU4Zjg2ZGMyZDFmNmM3MDhlZGFmOTAxOTkxODEyMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU7VevJTeMxpXIvv44v/NEr86FKq
4sLIprSCopHmE58w05oMr5DYf9P3TNvGxtQZeYtPHGrPfsW//C6E0yt9FanneIkc
wFRTBu5wNoy/HAD9msjHHLpkTF12NFzoDAe/M9KiX23zzeJ/hK/i1CTJj/vlzLv/
zR/xpkRa4DqaINsAkgp7YjmwDUDj7D/Ir8PNJziYTIcRFCcIoQoEkpQyjGON2T5+
UrB2PEdRYkHhFjBZOi4k4EUjuT8OV1sZZXyFMH2yWRC/UtQT8UlsJ6B+UoB9S4OB
gWyLecJIbR4oEDKFjqbh5v/YiDfhWpbx+0an1Zirf6rmTSG2pqdB1wO7hwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFHJFjtTo+G3C0fbHCO2vkBmRgSARMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvY2tXTzFPajRiY0xSOXNjSTdhLVFHWkdCSUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBANUIJgD
BABUIJoDBAJUIJwDBABUIKwDBABUIK8DBAFY2CwwDAMEA1jYOAMEAVjYQAMEAFjY
bwMEAFjYhAMEAFjYuQMEAFjY1zANBgkqhkiG9w0BAQsFAAOCAQEAWqtmmE21CILn
wZDwtpRwnRUABtkTDHldGE5XzAaY1JnoJzxkPgL9YW18tlt7poxM85PJZGv/LjQL
+OuktoEeuGZIp1yfOCbBmOu9nrfrmVtibk41xfGXMDv21NyuWIV/vXzQRV40hGq7
wrEFuBAoL+YarAue7+btHq+IQ1Z6fsWYe76Cfb5T5u5Vgr8jys+Zxi1XSf1N2PM1
pW1den5kBUpwN9i1oHA8gwHnozz0L3Q+ozKLr1GTFboCvbtLbZvG5pfwOUAU1jCw
QCiEsZq8Lt9KmWq3rNGhwhuHAXZw8tuwRFiUFC9rXC/Z+X2zBiqux12k7imCa9ZJ
GRxagwA1Bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org