Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fLB4ZsfehWmAGL6qI74qDBsOQ2Q.roa
File: fLB4ZsfehWmAGL6qI74qDBsOQ2Q.roa (raw, json)
Hash identifier: 8SUIjC//JxJiyj0Norl6DWZYk0R7fOmIElb+cwndiXE=
Subject key identifier: 7C:B0:78:66:C7:DE:85:69:80:18:BE:AA:23:BE:2A:0C:1B:0E:43:64
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018F9C895BE1CFDEA6B93038C17A784D3EB7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fLB4ZsfehWmAGL6qI74qDBsOQ2Q.roa
Signing time: Tue 21 May 2024 19:03:18 +0000
ROA not before: Tue 21 May 2024 19:03:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23013
IP address blocks: 88.216.130.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:89:5b:e1:cf:de:a6:b9:30:38:c1:7a:78:4d:3e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 21 19:03:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cb07866c7de85698018beaa23be2a0c1b0e4364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:39:e2:9c:95:8e:e3:86:19:28:92:a9:85:95:
d8:e7:ed:46:7e:50:b4:b4:14:64:f7:4a:65:a3:4b:
ca:68:1a:5d:9d:41:b7:88:02:5b:79:8c:6f:72:82:
b3:92:71:d6:0c:a7:99:83:f8:92:82:37:6f:6a:20:
de:7b:51:8c:ff:50:cb:c6:c9:1c:02:34:1b:83:13:
9d:22:1b:f4:18:51:c1:1f:20:4c:80:61:92:9b:1b:
3f:a1:fe:06:4a:62:33:26:ac:9e:24:4e:c7:31:52:
2c:f0:cd:88:83:4a:22:d8:d2:c7:55:e9:5c:9a:cb:
3b:13:65:29:44:aa:6e:cd:59:b8:67:51:9c:8a:a8:
35:98:69:32:d4:a3:ab:77:1c:18:40:c9:b2:a0:9c:
1c:92:29:c2:e9:7c:b2:8b:96:16:e0:18:04:62:ec:
0a:20:8c:ee:4e:8c:e3:d3:1d:94:83:6b:50:bb:33:
f3:33:e4:c7:8f:d1:ee:91:3c:9a:a7:b9:f0:46:d2:
61:e5:28:24:65:ce:9c:82:25:28:ba:97:12:b2:c6:
cb:7e:93:42:57:c0:6a:9d:f6:16:04:0e:50:c7:8a:
20:32:17:2a:93:75:9d:71:62:33:50:d4:14:b5:10:
04:5e:cb:04:36:55:c2:3f:ee:79:db:b3:1f:4d:77:
83:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B0:78:66:C7:DE:85:69:80:18:BE:AA:23:BE:2A:0C:1B:0E:43:64
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fLB4ZsfehWmAGL6qI74qDBsOQ2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.130.0/24
88.216.132.0/24
88.216.188.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:e3:51:91:15:37:9c:38:86:ea:0a:ef:64:d9:05:16:c6:d0:
a5:8d:a4:76:ea:7a:da:21:c5:b4:6c:bf:7c:73:6c:ea:4f:ca:
70:7c:0d:08:47:ba:93:a1:f9:9e:a7:ce:db:83:03:fc:33:94:
2a:dc:0d:ef:98:ab:07:79:6f:b7:8b:0c:0a:46:f3:53:05:25:
c2:6c:8c:41:ec:24:06:a9:b1:73:bc:92:8f:70:f9:88:84:3e:
ed:44:0b:d0:a2:49:fc:f8:6b:9f:4a:21:bf:a8:86:cb:91:7f:
91:8d:76:1b:91:df:2c:23:19:96:95:61:a7:10:20:90:56:63:
58:e2:cd:f0:aa:f0:e3:4b:80:57:37:d1:5f:19:74:a8:d9:fc:
28:34:fa:8a:ca:c9:7f:5c:97:30:3c:fc:06:25:cd:8c:da:e7:
53:ba:13:ea:78:32:29:68:5d:47:17:de:09:c2:be:26:35:18:
47:79:e2:c4:1e:fd:d5:0b:69:76:d3:16:88:bf:3d:c1:3f:bf:
71:18:0e:df:81:e9:a0:ad:d0:55:c5:96:31:80:ad:ba:dc:09:
9c:1f:7c:20:28:d9:6b:00:8c:6b:03:c1:c4:9b:7d:28:4d:c3:
d6:74:8b:92:85:d0:5f:b3:1d:28:25:26:5f:4a:47:e3:6b:2b:
5b:8e:53:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+ciVvhz96muTA4wXp4TT63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNTIxMTkwMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2IwNzg2NmM3ZGU4NTY5ODAxOGJlYWEyM2JlMmEwYzFiMGU0MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7zninJWO44YZKJKphZXY5+1GflC0
tBRk90plo0vKaBpdnUG3iAJbeYxvcoKzknHWDKeZg/iSgjdvaiDee1GM/1DLxskc
AjQbgxOdIhv0GFHBHyBMgGGSmxs/of4GSmIzJqyeJE7HMVIs8M2Ig0oi2NLHVelc
mss7E2UpRKpuzVm4Z1Gciqg1mGky1KOrdxwYQMmyoJwckinC6Xyyi5YW4BgEYuwK
IIzuTozj0x2Ug2tQuzPzM+THj9HukTyap7nwRtJh5SgkZc6cgiUoupcSssbLfpNC
V8BqnfYWBA5Qx4ogMhcqk3WdcWIzUNQUtRAEXssENlXCP+5527MfTXeDDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHyweGbH3oVpgBi+qiO+KgwbDkNkMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZkxCNFpzZmVoV21BR0w2cUk3NHFEQnNPUTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNiCAwQA
WNiEAwQCWNi8MA0GCSqGSIb3DQEBCwUAA4IBAQAb41GRFTecOIbqCu9k2QUWxtCl
jaR26nraIcW0bL98c2zqT8pwfA0IR7qTofmep87bgwP8M5Qq3A3vmKsHeW+3iwwK
RvNTBSXCbIxB7CQGqbFzvJKPcPmIhD7tRAvQokn8+GufSiG/qIbLkX+RjXYbkd8s
IxmWlWGnECCQVmNY4s3wqvDjS4BXN9FfGXSo2fwoNPqKysl/XJcwPPwGJc2M2udT
uhPqeDIpaF1HF94Jwr4mNRhHeeLEHv3VC2l20xaIvz3BP79xGA7fgemgrdBVxZYx
gK263AmcH3wgKNlrAIxrA8HEm30oTcPWdIuShdBfsx0oJSZfSkfjaytbjlM5
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:33 2025 by rpki-client