Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/keFkKBJgBLzmkTAJ-6WgPKI8WR0.roa
File: keFkKBJgBLzmkTAJ-6WgPKI8WR0.roa (raw, json)
Hash identifier: O49HptHLiUVc8U5ZGSKvzlzdTB/BzwUWL1BK6nRdLOo=
Subject key identifier: 91:E1:64:28:12:60:04:BC:E6:91:30:09:FB:A5:A0:3C:A2:3C:59:1D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B29536FA5604974D3BB8F48CB7BDB3047
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/keFkKBJgBLzmkTAJ-6WgPKI8WR0.roa
Signing time: Fri 13 Oct 2023 13:56:55 +0000
ROA not before: Fri 13 Oct 2023 13:56:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60099
IP address blocks: 88.216.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:53:6f:a5:60:49:74:d3:bb:8f:48:cb:7b:db:30:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 13 13:56:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91e16428126004bce6913009fba5a03ca23c591d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e1:39:52:95:e4:d5:41:04:9c:72:d2:f9:36:
b6:45:df:2b:9a:99:a4:0b:70:fd:63:83:71:af:b6:
92:c9:58:fb:a3:45:7c:60:47:59:2b:6f:12:70:a6:
1b:40:c4:0a:79:91:2b:b7:ca:f2:34:1f:3e:ae:6a:
eb:c1:64:2d:6d:02:7b:d9:ea:cf:1f:d8:1f:7d:76:
41:84:43:1d:f5:36:a4:15:d4:8a:19:33:0a:e8:be:
1c:56:3a:04:e4:ca:5c:11:6e:6d:0a:fc:a8:6d:2e:
9a:c6:aa:e8:6e:bc:7f:3a:cf:bc:b8:1d:dd:ad:e3:
4e:ea:8c:52:d9:ac:fc:22:2a:75:b5:f9:14:21:82:
20:e1:9d:34:0d:ef:cd:01:8a:3e:1c:96:6c:b6:20:
51:e3:34:98:66:8a:c9:3c:40:df:33:17:16:f0:63:
49:fd:19:10:24:81:65:ae:d2:ce:f6:cd:d4:b5:69:
a3:b3:4e:c9:10:1c:51:9d:27:0e:f8:f6:11:54:66:
19:40:ea:4d:92:cb:07:31:8d:20:1e:12:cf:21:67:
0a:2f:4c:1d:bf:50:5c:c5:12:cb:b1:a5:92:8a:52:
d4:af:48:81:01:3e:7d:a2:91:89:5a:49:bd:13:0a:
28:c6:0c:77:40:12:6e:b9:0e:5d:d5:1f:ab:96:14:
2a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E1:64:28:12:60:04:BC:E6:91:30:09:FB:A5:A0:3C:A2:3C:59:1D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/keFkKBJgBLzmkTAJ-6WgPKI8WR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.4.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:10:0a:4b:eb:e4:91:31:ed:d6:30:c1:30:dc:07:43:01:48:
a7:cd:18:25:b9:f5:d0:35:83:36:c5:8c:40:a9:5c:f3:36:6b:
e6:59:a8:92:53:13:c9:fd:bd:bc:9e:94:d2:44:44:03:f4:f3:
97:ad:90:5e:d4:3e:35:3f:77:6c:d2:71:ec:98:bf:fc:72:1a:
5d:a0:5e:73:e8:dc:55:d9:21:63:b6:4a:0c:43:59:5f:9e:fb:
6b:a8:d8:f3:b6:dc:71:0c:55:25:9d:6d:f7:4e:df:e5:35:0a:
4f:62:f6:e2:96:b2:e2:50:3e:fc:7a:18:04:4a:21:aa:11:5e:
8a:c0:2a:bd:a9:f4:75:29:53:04:bd:1b:59:d7:f2:5c:43:8f:
e5:49:9d:fa:59:94:be:e2:b2:29:72:6f:4a:39:7f:86:35:e6:
b7:0d:b2:07:33:13:8e:fa:fc:f9:55:fb:67:99:fb:e8:11:2a:
ae:07:94:e6:16:56:9d:50:65:62:76:19:0d:dd:67:68:64:72:
07:d3:bf:59:7c:db:3c:84:8a:e4:c6:37:81:89:a0:b7:a2:eb:
9b:5f:0e:06:b4:dc:d5:d9:4b:8f:3f:3d:02:1c:6a:86:95:15:
04:0f:c8:c6:dc:4b:a3:0c:71:66:35:0b:71:2c:6c:ea:2e:de:
64:b3:d9:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYspU2+lYEl007uPSMt72zBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDEzMTM1NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWUxNjQyODEyNjAwNGJjZTY5MTMwMDlmYmE1YTAzY2EyM2M1OTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+E5UpXk1UEEnHLS+Ta2Rd8rmpmk
C3D9Y4Nxr7aSyVj7o0V8YEdZK28ScKYbQMQKeZErt8ryNB8+rmrrwWQtbQJ72erP
H9gffXZBhEMd9TakFdSKGTMK6L4cVjoE5MpcEW5tCvyobS6axqrobrx/Os+8uB3d
reNO6oxS2az8Iip1tfkUIYIg4Z00De/NAYo+HJZstiBR4zSYZorJPEDfMxcW8GNJ
/RkQJIFlrtLO9s3UtWmjs07JEBxRnScO+PYRVGYZQOpNkssHMY0gHhLPIWcKL0wd
v1BcxRLLsaWSilLUr0iBAT59opGJWkm9Ewooxgx3QBJuuQ5d1R+rlhQqYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHhZCgSYAS85pEwCfuloDyiPFkdMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEva2VGa0tCSmdCTHpta1RBSi02V2dQS0k4V1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNgEMA0G
CSqGSIb3DQEBCwUAA4IBAQBOEApL6+SRMe3WMMEw3AdDAUinzRglufXQNYM2xYxA
qVzzNmvmWaiSUxPJ/b28npTSREQD9POXrZBe1D41P3ds0nHsmL/8chpdoF5z6NxV
2SFjtkoMQ1lfnvtrqNjzttxxDFUlnW33Tt/lNQpPYvbilrLiUD78ehgESiGqEV6K
wCq9qfR1KVMEvRtZ1/JcQ4/lSZ36WZS+4rIpcm9KOX+GNea3DbIHMxOO+vz5Vftn
mfvoESquB5TmFladUGVidhkN3WdoZHIH079ZfNs8hIrkxjeBiaC3ouubXw4GtNzV
2UuPPz0CHGqGlRUED8jG3EujDHFmNQtxLGzqLt5ks9m8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org