Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cvPd6WqEImGA6uJm1GWwwk8NfX0.roa
File: cvPd6WqEImGA6uJm1GWwwk8NfX0.roa (raw, json)
Hash identifier: RD2b7ofzVdcXF7CgOMfgzdUJ4PeT66umb+H8RVwX82g=
Subject key identifier: 72:F3:DD:E9:6A:84:22:61:80:EA:E2:66:D4:65:B0:C2:4F:0D:7D:7D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CAF907A7A230DFD1A7F57F0E5FCEEF454
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cvPd6WqEImGA6uJm1GWwwk8NfX0.roa
Signing time: Thu 28 Dec 2023 08:35:30 +0000
ROA not before: Thu 28 Dec 2023 08:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 88.216.224.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:90:7a:7a:23:0d:fd:1a:7f:57:f0:e5:fc:ee:f4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 28 08:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72f3dde96a84226180eae266d465b0c24f0d7d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:66:94:52:3f:7a:be:c5:0b:e9:52:b7:29:8e:
d1:33:a4:d3:6b:c6:ea:02:73:d7:a7:19:e4:95:37:
59:2e:bc:96:52:d6:75:c2:ee:35:68:bf:4a:f4:ea:
07:be:7b:33:1a:c1:66:e2:f7:32:4d:e9:3c:fb:1f:
de:3d:d7:64:0d:95:f3:77:d5:bf:88:f3:72:99:c6:
1d:a3:87:db:20:6a:b7:37:e9:be:35:8e:77:aa:44:
71:3b:2d:b7:48:0b:5b:82:c6:df:c6:43:0c:26:98:
5e:87:6d:18:5a:03:cb:f5:1d:f5:7f:4f:08:bd:b0:
be:cc:47:6e:a2:39:50:17:f9:43:07:a1:87:7a:31:
24:33:ea:67:3a:07:b7:b1:7d:30:ed:2d:3d:f9:22:
c8:02:f4:2d:d9:28:60:c9:3c:08:e7:63:4b:cf:26:
a1:21:3b:90:3e:15:09:50:68:e5:04:e0:b2:0d:7c:
84:03:c2:05:86:de:62:44:fe:d6:36:f1:01:22:70:
6a:ad:7a:47:d5:a9:4f:9a:1d:57:94:a1:2c:7e:ce:
77:ed:38:bb:ef:8b:b6:f5:8f:b9:d5:41:4b:ca:d5:
f5:9c:92:78:1d:ff:c8:38:3e:cd:92:7d:24:a4:19:
2e:48:8e:f8:aa:d4:d7:c0:c1:59:d5:96:fa:c0:e4:
f9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F3:DD:E9:6A:84:22:61:80:EA:E2:66:D4:65:B0:C2:4F:0D:7D:7D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cvPd6WqEImGA6uJm1GWwwk8NfX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.224.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:65:f7:48:69:ef:d7:b9:23:93:6c:7b:f1:66:2a:92:76:5a:
6c:69:ad:ae:67:da:89:55:cf:90:dd:3e:2a:85:6c:ab:b9:a4:
92:e7:01:a7:f9:ec:23:ab:d1:d4:ba:00:30:1f:d9:c6:60:89:
d9:48:69:b4:b8:7d:86:f0:f3:5d:1a:91:9c:38:1d:8b:8e:6f:
62:35:13:05:26:9b:b9:2d:ab:95:ae:e8:aa:bc:13:b5:88:17:
4b:3b:67:8f:c6:d3:3c:a7:f6:f5:51:58:4c:ea:eb:b7:74:34:
ec:9d:e4:17:c9:33:89:27:f4:0d:0c:51:48:94:a2:92:e0:cf:
6b:16:28:f2:c5:dd:ce:0a:ba:2c:2f:47:df:69:8d:8f:aa:51:
de:68:28:44:30:f5:85:95:5b:82:82:e5:30:a4:7b:8f:e6:59:
2a:40:53:9a:c3:c1:8b:72:8e:03:b7:15:34:10:8d:0b:1b:3e:
77:53:69:f8:f1:d1:a7:f9:9e:c1:7e:8d:7a:bc:42:e8:ad:d2:
ff:86:3d:f1:14:17:27:ea:dd:09:c7:a0:5e:55:48:0f:df:0b:
bc:62:91:dc:23:83:8c:de:7f:68:f2:cf:7e:0f:08:0f:62:75:
19:ad:44:24:5a:cb:e4:e6:a5:d7:bc:48:12:3d:cb:e0:13:b7:
00:9c:cf:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyvkHp6Iw39Gn9X8OX87vRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjI4MDgzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmYzZGRlOTZhODQyMjYxODBlYWUyNjZkNDY1YjBjMjRmMGQ3ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2aUUj96vsUL6VK3KY7RM6TTa8bq
AnPXpxnklTdZLryWUtZ1wu41aL9K9OoHvnszGsFm4vcyTek8+x/ePddkDZXzd9W/
iPNymcYdo4fbIGq3N+m+NY53qkRxOy23SAtbgsbfxkMMJpheh20YWgPL9R31f08I
vbC+zEduojlQF/lDB6GHejEkM+pnOge3sX0w7S09+SLIAvQt2ShgyTwI52NLzyah
ITuQPhUJUGjlBOCyDXyEA8IFht5iRP7WNvEBInBqrXpH1alPmh1XlKEsfs537Ti7
74u29Y+51UFLytX1nJJ4Hf/IOD7Nkn0kpBkuSI74qtTXwMFZ1Zb6wOT5MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLz3elqhCJhgOriZtRlsMJPDX19MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvY3ZQZDZXcUVJbUdBNnVKbTFHV3d3azhOZlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNjgMA0G
CSqGSIb3DQEBCwUAA4IBAQALZfdIae/XuSOTbHvxZiqSdlpsaa2uZ9qJVc+Q3T4q
hWyruaSS5wGn+ewjq9HUugAwH9nGYInZSGm0uH2G8PNdGpGcOB2Ljm9iNRMFJpu5
LauVruiqvBO1iBdLO2ePxtM8p/b1UVhM6uu3dDTsneQXyTOJJ/QNDFFIlKKS4M9r
Fijyxd3OCrosL0ffaY2PqlHeaChEMPWFlVuCguUwpHuP5lkqQFOaw8GLco4DtxU0
EI0LGz53U2n48dGn+Z7Bfo16vELordL/hj3xFBcn6t0Jx6BeVUgP3wu8YpHcI4OM
3n9o8s9+DwgPYnUZrUQkWsvk5qXXvEgSPcvgE7cAnM9X
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:50 2024 by rpki-client on console-fra.rpki-client.org