Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/klrfGw7WaIMUPWIwhj4qZYPSgkY.roa
File: klrfGw7WaIMUPWIwhj4qZYPSgkY.roa (raw, json)
Hash identifier: a6ReZCOgO3+GcsSf8vPMvr2/IyladnuX2oGmnfPzv44=
Subject key identifier: 92:5A:DF:1B:0E:D6:68:83:14:3D:62:30:86:3E:2A:65:83:D2:82:46
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185F3EF5B41A139AF6A3BE288A06449CFC1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/klrfGw7WaIMUPWIwhj4qZYPSgkY.roa
Signing time: Fri 27 Jan 2023 15:53:48 +0000
ROA not before: Fri 27 Jan 2023 15:53:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 88.216.189.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Feb 2023 17:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:ef:5b:41:a1:39:af:6a:3b:e2:88:a0:64:49:cf:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 27 15:53:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=925adf1b0ed66883143d6230863e2a6583d28246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:84:a4:81:96:87:58:4b:ef:bf:80:4e:65:9f:
6f:f7:37:5a:f2:23:9d:3c:14:db:d6:c9:cd:2a:ae:
87:96:0b:33:6c:80:b9:2b:87:ab:a5:81:88:2d:21:
5d:98:09:b2:64:16:80:51:84:b6:c7:34:e9:69:50:
02:75:f8:ed:9a:88:3e:25:89:34:ff:6b:59:19:ec:
81:ec:5a:8f:52:83:db:77:e8:34:5d:d3:25:4c:f6:
04:39:27:ba:61:e0:9a:f4:0b:35:fd:b5:7e:23:76:
16:cb:b7:3e:5a:8b:41:16:fe:8e:f0:0c:35:6b:a6:
a4:61:05:eb:20:f5:32:4f:89:c1:11:94:fb:51:e1:
5f:bc:ea:c6:2c:6f:6b:d9:44:54:46:ea:ad:c6:46:
82:dc:2c:d3:f4:11:79:ff:8d:d2:9b:32:cc:aa:d6:
b4:7b:f3:a3:9e:4a:e1:6e:6d:62:db:3d:04:d7:65:
6c:49:4c:d0:10:db:45:1d:7e:c1:80:6f:56:67:20:
01:38:c5:fc:00:f1:83:fa:18:0a:84:b9:4b:89:41:
0f:19:c4:d0:89:a6:8d:f9:b0:d1:29:43:a8:a2:25:
2f:87:60:f6:db:ff:8f:02:0f:d1:2f:6c:bd:3a:61:
be:ef:c0:5a:f1:96:b5:0d:21:c2:01:01:fa:df:db:
f5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:5A:DF:1B:0E:D6:68:83:14:3D:62:30:86:3E:2A:65:83:D2:82:46
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/klrfGw7WaIMUPWIwhj4qZYPSgkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.231.0/24
88.216.189.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:44:85:c9:f3:af:72:0d:ce:c1:ab:b8:8c:80:7e:12:ea:52:
a7:78:16:f3:75:81:f7:00:34:7e:d9:5d:53:94:32:4f:1f:64:
10:69:95:6d:a0:2a:66:85:ee:5c:f0:0a:ab:60:ff:45:86:c4:
1e:c3:06:6b:d0:dd:ca:86:71:44:21:79:c7:97:e1:23:33:f3:
bf:60:d9:c4:b9:65:4f:0c:e0:71:36:21:7a:f5:f3:b3:45:73:
95:31:3e:8a:7d:72:c6:15:7e:b1:5b:ec:7c:54:3e:3d:a8:e4:
9e:73:37:85:b8:39:16:42:27:79:37:f6:ef:74:20:b6:63:99:
11:cd:2e:51:e5:fc:5a:2a:98:4e:42:fc:93:f5:68:d1:5b:62:
1f:c3:6c:37:23:c6:8a:bb:ff:a5:ee:32:45:2e:14:78:07:25:
b0:ec:ef:6a:78:44:80:50:2a:99:01:28:69:bd:9c:22:15:f1:
7a:a3:f5:62:f1:41:17:20:72:29:bb:69:dd:9f:d5:b0:3f:6d:
72:e1:d5:46:9b:4f:9a:f2:b3:a2:da:42:6c:5b:b2:39:4e:ca:
8a:e2:7f:44:6c:b9:81:bf:bc:67:2e:2c:0d:92:0f:5a:23:0f:
f7:96:f3:f7:6e:f5:db:c8:0b:56:5d:06:4b:98:3f:cc:77:68:
59:82:dd:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXz71tBoTmvajviiKBkSc/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTI3MTU1MzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjVhZGYxYjBlZDY2ODgzMTQzZDYyMzA4NjNlMmE2NTgzZDI4MjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoSkgZaHWEvvv4BOZZ9v9zda8iOd
PBTb1snNKq6HlgszbIC5K4erpYGILSFdmAmyZBaAUYS2xzTpaVACdfjtmog+JYk0
/2tZGeyB7FqPUoPbd+g0XdMlTPYEOSe6YeCa9As1/bV+I3YWy7c+WotBFv6O8Aw1
a6akYQXrIPUyT4nBEZT7UeFfvOrGLG9r2URURuqtxkaC3CzT9BF5/43SmzLMqta0
e/Ojnkrhbm1i2z0E12VsSUzQENtFHX7BgG9WZyABOMX8APGD+hgKhLlLiUEPGcTQ
iaaN+bDRKUOooiUvh2D22/+PAg/RL2y9OmG+78Ba8Za1DSHCAQH639v1IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJJa3xsO1miDFD1iMIY+KmWD0oJGMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEva2xyZkd3N1dhSU1VUFdJd2hqNHFaWVBTZ2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCDnAwQA
WNi9MA0GCSqGSIb3DQEBCwUAA4IBAQBaRIXJ869yDc7Bq7iMgH4S6lKneBbzdYH3
ADR+2V1TlDJPH2QQaZVtoCpmhe5c8AqrYP9FhsQewwZr0N3KhnFEIXnHl+EjM/O/
YNnEuWVPDOBxNiF69fOzRXOVMT6KfXLGFX6xW+x8VD49qOSeczeFuDkWQid5N/bv
dCC2Y5kRzS5R5fxaKphOQvyT9WjRW2Ifw2w3I8aKu/+l7jJFLhR4ByWw7O9qeESA
UCqZAShpvZwiFfF6o/Vi8UEXIHIpu2ndn9WwP21y4dVGm0+a8rOi2kJsW7I5TsqK
4n9EbLmBv7xnLiwNkg9aIw/3lvP3bvXbyAtWXQZLmD/Md2hZgt0D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org