Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mfNzmi-1CAWJdVAo0zjIRThiK0Y.roa
File: mfNzmi-1CAWJdVAo0zjIRThiK0Y.roa (raw, json)
Hash identifier: Rvot1tBs3GNUWXbuyNYS95mu7hu0/igWG+hy63b2oKA=
Subject key identifier: 99:F3:73:9A:2F:B5:08:05:89:75:50:28:D3:38:C8:45:38:62:2B:46
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5013A1C9AC7034C8682ABF17C07CE45
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mfNzmi-1CAWJdVAo0zjIRThiK0Y.roa
Signing time: Mon 01 Jan 2024 12:30:41 +0000
ROA not before: Mon 01 Jan 2024 12:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9087
IP address blocks: 88.216.182.0/23 maxlen: 23
84.32.208.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3a:1c:9a:c7:03:4c:86:82:ab:f1:7c:07:ce:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99f3739a2fb5080589755028d338c84538622b46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:a4:ab:08:e7:44:1b:a6:5d:16:10:58:ec:
6f:27:90:70:57:4b:ba:7c:4e:66:96:57:0f:d2:64:
64:74:03:a4:05:8e:39:3b:3f:ed:2b:bf:dd:35:83:
16:01:a3:3c:7e:52:04:31:7c:d7:b6:81:54:b5:b2:
5c:ba:bf:4b:91:94:d7:f9:39:f0:9d:d0:61:7a:13:
c0:87:0e:d0:4e:ea:20:8f:b9:78:26:17:cf:c0:82:
50:ad:36:6e:55:cf:23:83:3f:c8:81:26:c1:59:ea:
85:f1:61:5e:dc:37:c8:29:18:4b:fc:5b:8b:87:24:
11:75:a1:ee:39:4a:c7:f5:5f:6f:19:e0:1e:92:26:
8e:c9:89:d7:2e:38:97:eb:27:49:be:4f:e1:c5:04:
0e:b1:6b:75:79:da:66:59:db:c5:c5:83:1e:d7:05:
e5:b9:42:39:9a:5b:bc:10:cd:67:a7:dc:44:b1:62:
c5:54:c8:0c:f7:4c:74:3d:60:dd:7d:f2:83:9e:40:
67:3d:f9:7d:28:19:0c:db:12:8c:e4:f9:a4:6a:ea:
85:e2:7b:0e:a0:92:4f:a4:52:1b:91:23:52:ab:af:
5e:da:3f:d9:c3:d3:50:7d:4e:fe:47:bc:50:b3:fd:
ed:a3:8c:49:0d:5a:2f:8a:da:b5:b1:c5:34:e8:51:
31:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F3:73:9A:2F:B5:08:05:89:75:50:28:D3:38:C8:45:38:62:2B:46
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mfNzmi-1CAWJdVAo0zjIRThiK0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.208.0/23
88.216.182.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:3d:b0:df:03:db:b0:4b:ff:f6:83:33:0a:8f:7e:5b:a4:8e:
92:30:5c:e1:fe:72:2a:c8:5c:a4:29:80:02:cb:3f:4c:0e:51:
69:ab:ac:81:3c:68:d4:eb:f9:f9:f7:1b:3d:d6:0c:b0:11:2b:
c5:72:59:04:2b:d5:ed:41:24:02:4d:69:cb:b4:46:9e:42:da:
7a:d1:19:14:e2:3d:82:59:36:3e:24:22:a6:43:be:ab:12:94:
76:cb:81:86:55:f7:0f:13:ed:b7:0c:c7:46:41:e0:99:5f:f0:
5e:2d:d3:84:3c:78:c6:4b:fc:9d:65:3c:ca:4f:7e:85:f1:48:
2f:c3:f0:c1:7a:f4:ea:f9:f4:f5:ec:b6:29:1f:ab:62:47:8f:
e1:a7:f8:49:d6:66:f2:14:19:fa:9e:45:af:34:39:2b:4d:8e:
67:41:e4:20:13:57:d4:69:fc:74:a7:ed:a8:0c:af:30:28:be:
a7:21:19:b1:df:e2:90:44:a8:af:c3:91:05:6a:5c:b8:73:9f:
cb:ab:16:a8:db:47:72:d8:37:33:bb:c1:60:07:2d:dd:17:24:
0c:4b:74:f7:f6:b3:f6:59:58:88:6a:ad:5f:fc:81:d4:38:bd:
77:5e:fa:af:e8:82:be:40:b4:ff:ef:45:02:b9:a3:13:5a:d6:
7e:a5:22:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFATocmscDTIaCq/F8B85FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWYzNzM5YTJmYjUwODA1ODk3NTUwMjhkMzM4Yzg0NTM4NjIyYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcukqwjnRBumXRYQWOxvJ5BwV0u6
fE5mllcP0mRkdAOkBY45Oz/tK7/dNYMWAaM8flIEMXzXtoFUtbJcur9LkZTX+Tnw
ndBhehPAhw7QTuogj7l4JhfPwIJQrTZuVc8jgz/IgSbBWeqF8WFe3DfIKRhL/FuL
hyQRdaHuOUrH9V9vGeAekiaOyYnXLjiX6ydJvk/hxQQOsWt1edpmWdvFxYMe1wXl
uUI5mlu8EM1np9xEsWLFVMgM90x0PWDdffKDnkBnPfl9KBkM2xKM5PmkauqF4nsO
oJJPpFIbkSNSq69e2j/Zw9NQfU7+R7xQs/3to4xJDVovitq1scU06FExSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJnzc5ovtQgFiXVQKNM4yEU4YitGMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbWZOem1pLTFDQVdKZFZBbzB6aklSVGhpSzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVCDQAwQB
WNi2MA0GCSqGSIb3DQEBCwUAA4IBAQCePbDfA9uwS//2gzMKj35bpI6SMFzh/nIq
yFykKYACyz9MDlFpq6yBPGjU6/n59xs91gywESvFclkEK9XtQSQCTWnLtEaeQtp6
0RkU4j2CWTY+JCKmQ76rEpR2y4GGVfcPE+23DMdGQeCZX/BeLdOEPHjGS/ydZTzK
T36F8Ugvw/DBevTq+fT17LYpH6tiR4/hp/hJ1mbyFBn6nkWvNDkrTY5nQeQgE1fU
afx0p+2oDK8wKL6nIRmx3+KQRKivw5EFaly4c5/Lqxao20dy2Dczu8FgBy3dFyQM
S3T39rP2WViIaq1f/IHUOL13Xvqv6IK+QLT/70UCuaMTWtZ+pSKC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:05 2025 by rpki-client