Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mNTFCOwi4V1dEjcdhpJzgbAiYS8.roa
File: mNTFCOwi4V1dEjcdhpJzgbAiYS8.roa (raw, json)
Hash identifier: /T7r2zxS/JKTKh5Y01Io5K08SjqcczLrzqrVySuA8p0=
Subject key identifier: 98:D4:C5:08:EC:22:E1:5D:5D:12:37:1D:86:92:73:81:B0:22:61:2F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5014F07581E58C78B072A166F17BD15
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mNTFCOwi4V1dEjcdhpJzgbAiYS8.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216084
IP address blocks: 88.216.220.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 11:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4f:07:58:1e:58:c7:8b:07:2a:16:6f:17:bd:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98d4c508ec22e15d5d12371d86927381b022612f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:61:33:64:74:57:49:65:a4:ca:d7:04:60:
3b:cf:0b:38:48:5a:a3:77:5f:88:71:13:a5:08:c3:
15:8c:73:59:f5:d2:05:cb:ac:45:d6:19:8f:9a:2e:
ff:43:8c:44:b1:fd:5e:81:07:00:97:e5:7b:db:25:
e6:7f:d6:f8:0a:f4:f5:41:00:36:8f:0e:5d:9c:78:
29:3c:6f:87:34:c0:09:04:4b:2d:47:3e:46:21:2a:
bf:cc:c4:20:9d:c7:3b:2b:84:09:91:dd:09:3e:77:
43:3b:42:7a:5a:49:6a:dc:17:0c:c9:59:94:83:c5:
59:0e:25:57:fe:74:44:07:b4:cf:59:0a:98:8e:8a:
8d:b9:56:50:f0:8a:e6:fc:20:2b:f6:81:f7:bf:66:
c8:be:80:3e:96:d6:cd:0b:71:58:ee:95:6f:9d:79:
8f:ad:fc:70:92:72:60:b3:78:42:1b:8a:cc:1d:12:
01:70:4b:ac:f9:63:2b:ba:0f:1a:d0:8d:51:39:9e:
58:42:87:a6:e6:8d:87:4a:c0:e8:32:fd:d6:19:e4:
aa:30:0a:03:d0:08:91:ad:65:df:af:49:ab:e9:ab:
1d:42:15:bf:26:c9:e5:2f:f6:cc:ca:82:25:99:53:
5b:f4:b2:b2:47:33:90:74:c6:9d:76:89:7e:6d:cb:
a0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D4:C5:08:EC:22:E1:5D:5D:12:37:1D:86:92:73:81:B0:22:61:2F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mNTFCOwi4V1dEjcdhpJzgbAiYS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.220.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a3:c6:19:94:ae:15:e2:a9:7c:86:1d:66:46:0b:bb:bb:cf:
77:56:cf:87:2f:e5:99:5f:7c:71:38:92:86:e1:c6:68:32:9c:
c6:d3:5a:36:f7:ef:d5:39:90:ed:80:ff:2e:8a:35:bd:4f:ad:
a3:4c:e8:a1:01:5d:a8:ee:db:14:15:a3:a0:f4:53:a2:43:b7:
ab:87:f5:18:fd:68:14:97:a2:01:e9:66:d3:e6:d1:77:ed:02:
49:d5:1e:63:4d:72:b5:52:e6:f4:7c:91:52:91:98:0f:d0:ea:
13:2a:5f:5e:9d:62:63:8f:fc:74:7a:70:46:77:99:e3:59:80:
bb:5d:fb:f0:02:c1:c8:67:7e:54:d6:79:6a:a1:f3:fe:d8:43:
79:4c:c6:7b:fe:76:d7:cf:56:c2:cc:d5:88:84:ef:8f:b9:46:
af:f5:63:d8:d4:14:fc:b1:6f:d5:77:05:ad:1b:78:c3:ed:dd:
07:dd:8a:b4:1a:4e:1e:33:19:d4:c4:48:78:d4:9c:81:90:27:
d2:73:68:c9:02:fc:9d:76:56:39:d1:6f:cd:8c:78:2e:74:cb:
41:df:ec:54:63:5b:34:4e:65:c5:d1:ae:b5:ce:c0:ad:75:a0:
6f:9c:76:70:c3:f7:92:e2:eb:dd:b3:41:98:c7:b4:bd:82:a4:
fb:cd:a4:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAU8HWB5Yx4sHKhZvF70VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQ0YzUwOGVjMjJlMTVkNWQxMjM3MWQ4NjkyNzM4MWIwMjI2MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRthM2R0V0llpMrXBGA7zws4SFqj
d1+IcROlCMMVjHNZ9dIFy6xF1hmPmi7/Q4xEsf1egQcAl+V72yXmf9b4CvT1QQA2
jw5dnHgpPG+HNMAJBEstRz5GISq/zMQgncc7K4QJkd0JPndDO0J6Wklq3BcMyVmU
g8VZDiVX/nREB7TPWQqYjoqNuVZQ8Irm/CAr9oH3v2bIvoA+ltbNC3FY7pVvnXmP
rfxwknJgs3hCG4rMHRIBcEus+WMrug8a0I1ROZ5YQoem5o2HSsDoMv3WGeSqMAoD
0AiRrWXfr0mr6asdQhW/JsnlL/bMyoIlmVNb9LKyRzOQdMaddol+bcugQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJjUxQjsIuFdXRI3HYaSc4GwImEvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbU5URkNPd2k0VjFkRWpjZGhwSnpnYkFpWVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNjcAwQA
WNjfMA0GCSqGSIb3DQEBCwUAA4IBAQBXo8YZlK4V4ql8hh1mRgu7u893Vs+HL+WZ
X3xxOJKG4cZoMpzG01o29+/VOZDtgP8uijW9T62jTOihAV2o7tsUFaOg9FOiQ7er
h/UY/WgUl6IB6WbT5tF37QJJ1R5jTXK1Uub0fJFSkZgP0OoTKl9enWJjj/x0enBG
d5njWYC7XfvwAsHIZ35U1nlqofP+2EN5TMZ7/nbXz1bCzNWIhO+PuUav9WPY1BT8
sW/VdwWtG3jD7d0H3Yq0Gk4eMxnUxEh41JyBkCfSc2jJAvyddlY50W/NjHgudMtB
3+xUY1s0TmXF0a61zsCtdaBvnHZww/eS4uvds0GYx7S9gqT7zaTs
-----END CERTIFICATE-----
Generated at Wed Nov 6 14:01:45 2024 by rpki-client on console-ams.rpki-client.org