Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mIZQkZhMunbmMeznZo5kjMVbQXM.roa
File: mIZQkZhMunbmMeznZo5kjMVbQXM.roa (raw, json)
Hash identifier: f7pAt8UQdBxczasMcOZe8pgeqU4EUDbJ0RQ09x4JuBw=
Subject key identifier: 98:86:50:91:98:4C:BA:76:E6:31:EC:E7:66:8E:64:8C:C5:5B:41:73
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5014ABD3F14F44C9A810FABF393FBDC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mIZQkZhMunbmMeznZo5kjMVbQXM.roa
Signing time: Mon 01 Jan 2024 12:30:45 +0000
ROA not before: Mon 01 Jan 2024 12:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201575
IP address blocks: 88.216.208.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 18:13:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4a:bd:3f:14:f4:4c:9a:81:0f:ab:f3:93:fb:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98865091984cba76e631ece7668e648cc55b4173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:81:b3:18:e9:f7:e5:29:8f:01:e3:b6:08:ed:
d0:78:bb:24:b9:d6:47:89:e4:b2:82:54:2e:2f:dd:
29:e8:f9:85:d0:d9:68:37:64:4c:65:c9:24:2f:a6:
74:3d:84:81:03:e0:be:c2:37:ba:b4:50:30:f7:2e:
b0:13:60:05:6d:6c:0b:38:e7:02:9f:5a:b5:4b:eb:
50:e2:4e:9e:f0:77:5e:09:98:da:38:8e:6b:1f:7f:
77:80:e8:02:7b:1f:6b:a5:c8:48:e3:5f:bd:e6:10:
b6:93:3a:47:ab:f3:86:55:39:a9:d0:97:bb:02:3e:
eb:be:d1:e5:a2:e8:14:57:c9:82:b1:e3:41:de:7e:
2e:b6:14:1d:d6:29:84:37:fc:6c:89:b9:72:a5:f6:
09:8c:ce:ec:81:cf:fd:50:d8:7f:6f:49:ce:0f:be:
f1:b3:11:19:f9:40:ca:a1:8b:39:34:4a:81:33:17:
be:29:a8:cf:f4:15:c2:61:ca:e2:8d:33:71:56:6e:
c7:9a:2d:73:11:6d:12:95:9d:e0:4b:ed:09:ac:50:
63:d5:b3:ca:e8:00:32:83:68:26:09:e8:60:a1:ce:
93:3c:cf:3c:f2:ef:0f:28:f8:d2:00:0b:d5:c3:f2:
58:76:e7:cb:70:5c:57:a1:58:1d:08:ca:70:eb:3c:
ee:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:86:50:91:98:4C:BA:76:E6:31:EC:E7:66:8E:64:8C:C5:5B:41:73
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mIZQkZhMunbmMeznZo5kjMVbQXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.249.0/24
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
65:10:bf:be:c7:8c:0a:3d:ec:a8:55:89:d5:59:5d:22:7d:d6:
b1:5c:ac:6c:45:96:8d:cb:cf:db:53:e2:46:71:e6:24:b3:19:
50:f7:a0:14:7c:64:78:03:5d:5d:f9:ba:8c:1c:c2:19:ce:5f:
92:bc:30:e7:fe:ef:aa:2f:9a:ee:06:ad:23:4d:81:d8:83:ee:
bd:b5:1a:6b:2d:19:7d:a2:ff:48:49:bb:ad:5a:7b:ae:78:20:
d6:c3:8a:5d:d0:b6:eb:b9:7d:bd:e2:d5:75:a5:3d:87:94:b0:
3e:58:dd:e9:bd:a5:64:a3:fe:be:f6:43:7c:de:4c:22:e3:1c:
b8:f9:ba:3e:bd:06:cc:95:3f:09:db:45:b6:55:9b:f5:02:a7:
fa:db:bd:76:ca:9c:41:f9:df:72:58:88:85:99:4e:92:82:bf:
be:d6:8d:6a:e6:26:77:eb:b8:12:b5:31:3a:85:86:f2:c7:17:
f5:13:38:a6:8b:1c:d9:05:cb:e7:59:7d:34:ef:d1:99:32:1f:
fc:6b:1f:07:db:05:e1:6e:11:43:48:d2:46:fd:83:2e:3b:cc:
d7:f0:09:c3:41:56:dc:c9:00:17:c1:03:69:15:bd:ae:c4:82:
09:bb:7e:f2:d1:94:36:69:83:eb:11:1a:0c:c3:6a:48:b1:b4:
ad:2b:48:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAUq9PxT0TJqBD6vzk/vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODg2NTA5MTk4NGNiYTc2ZTYzMWVjZTc2NjhlNjQ4Y2M1NWI0MTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYGzGOn35SmPAeO2CO3QeLskudZH
ieSyglQuL90p6PmF0NloN2RMZckkL6Z0PYSBA+C+wje6tFAw9y6wE2AFbWwLOOcC
n1q1S+tQ4k6e8HdeCZjaOI5rH393gOgCex9rpchI41+95hC2kzpHq/OGVTmp0Je7
Aj7rvtHlougUV8mCseNB3n4uthQd1imEN/xsiblypfYJjM7sgc/9UNh/b0nOD77x
sxEZ+UDKoYs5NEqBMxe+KajP9BXCYcrijTNxVm7Hmi1zEW0SlZ3gS+0JrFBj1bPK
6AAyg2gmCehgoc6TPM888u8PKPjSAAvVw/JYdufLcFxXoVgdCMpw6zzuMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJiGUJGYTLp25jHs52aOZIzFW0FzMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbUlaUWtaaE11bmJtTWV6blpvNWtqTVZiUVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCD5AwQA
WNjQMA0GCSqGSIb3DQEBCwUAA4IBAQBlEL++x4wKPeyoVYnVWV0ifdaxXKxsRZaN
y8/bU+JGceYksxlQ96AUfGR4A11d+bqMHMIZzl+SvDDn/u+qL5ruBq0jTYHYg+69
tRprLRl9ov9ISbutWnuueCDWw4pd0LbruX294tV1pT2HlLA+WN3pvaVko/6+9kN8
3kwi4xy4+bo+vQbMlT8J20W2VZv1Aqf62712ypxB+d9yWIiFmU6Sgr++1o1q5iZ3
67gStTE6hYbyxxf1EzimixzZBcvnWX0079GZMh/8ax8H2wXhbhFDSNJG/YMuO8zX
8AnDQVbcyQAXwQNpFb2uxIIJu37y0ZQ2aYPrERoMw2pIsbStK0iU
-----END CERTIFICATE-----
Generated at Sun Jan 28 18:50:26 2024 by rpki-client on console-fra.rpki-client.org