Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/okEI6qceIHyu_yKS_-iqCaihJt0.roa
File: okEI6qceIHyu_yKS_-iqCaihJt0.roa (raw, json)
Hash identifier: rG8+6mqyQvgwAgxZYrfGTBOm4Dburl2UmFYu9/w5xio=
Subject key identifier: A2:41:08:EA:A7:1E:20:7C:AE:FF:22:92:FF:E8:AA:09:A8:A1:26:DD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018580C8891E1BF95444EEC98E520D00E22E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/okEI6qceIHyu_yKS_-iqCaihJt0.roa
Signing time: Thu 05 Jan 2023 07:15:04 +0000
ROA not before: Thu 05 Jan 2023 07:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 88.216.199.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
84.32.108.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jan 2023 13:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:80:c8:89:1e:1b:f9:54:44:ee:c9:8e:52:0d:00:e2:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 5 07:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a24108eaa71e207caeff2292ffe8aa09a8a126dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6a:42:7e:1b:bf:71:55:ae:ed:d5:b3:5d:3d:
fa:6b:b5:bf:7a:40:84:29:67:a0:13:67:b5:dd:85:
15:4c:72:52:02:e0:da:82:7e:8d:be:f5:eb:a3:62:
de:81:1b:f9:e1:ed:ee:fb:e3:87:a5:57:86:e3:7d:
09:7c:66:7d:14:eb:49:d7:24:10:1f:32:90:85:c7:
7c:27:b7:30:36:f0:de:c9:39:2c:92:3f:35:c2:8c:
49:3d:c9:4c:42:64:68:5e:39:21:2c:a1:b4:9a:1a:
b3:87:38:8d:fc:da:91:32:53:71:ac:18:7b:bc:9f:
cb:0c:61:d9:10:39:48:4b:f8:09:72:f9:bd:51:bf:
b0:1c:46:24:ea:1c:37:95:00:45:76:c4:13:0f:ec:
96:f6:7f:74:a8:2a:00:96:8e:7d:68:1e:3e:55:be:
76:15:f6:a0:47:8f:98:a3:76:96:aa:df:65:bc:c2:
be:d3:0d:43:79:84:b6:0f:e8:f9:a0:3f:13:28:5a:
63:37:c6:6f:54:cf:a5:32:df:8a:45:1a:1e:a8:e1:
e7:51:b8:0a:59:81:55:24:74:c6:4a:bf:41:a2:ef:
1e:7a:f8:ff:92:c4:d5:80:b5:f7:f3:de:a8:5c:53:
8e:0c:70:6d:9d:66:f2:f1:9a:69:7f:bd:a1:ab:fe:
4a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:41:08:EA:A7:1E:20:7C:AE:FF:22:92:FF:E8:AA:09:A8:A1:26:DD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/okEI6qceIHyu_yKS_-iqCaihJt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.48.0/24
84.32.50.0/24
84.32.58.0/24
84.32.71.0/24
84.32.88.0/24
84.32.93.0/24
84.32.108.0/24
84.32.150.0/23
84.32.177.0/24
84.32.218.0/24
84.32.226.0/24
84.32.239.0/24
84.32.245.0/24
88.216.3.0/24
88.216.21.0-88.216.22.255
88.216.32.0/24
88.216.46.0/24
88.216.92.0/24
88.216.134.0/24
88.216.199.0/24
88.216.210.0/23
Signature Algorithm: sha256WithRSAEncryption
78:42:d3:5e:33:6a:c0:2f:2f:bf:04:7f:aa:90:95:33:49:99:
58:f7:81:af:ef:60:41:8a:be:f4:e0:d3:b3:de:3e:eb:63:fe:
d4:99:24:53:09:6b:67:ce:d6:12:ae:c5:57:7e:4e:fd:1a:58:
c8:a7:98:91:8b:76:47:09:85:43:ed:cd:81:09:68:75:d0:80:
04:bd:be:7e:cf:c3:7e:c5:29:77:7b:97:8f:f0:68:63:3d:f2:
5c:12:ea:48:c9:f9:7f:d7:70:0d:68:3c:9e:73:4f:e3:da:eb:
08:a4:ba:58:db:a8:19:6b:9d:aa:13:c4:25:f4:6b:f6:3a:7e:
2c:9f:1f:4f:c4:a7:10:50:34:03:7c:0e:84:a6:38:1b:7c:6b:
7a:b9:e6:4b:cb:f8:60:39:0e:91:09:b1:7a:b9:de:2c:9e:c0:
25:5d:d4:d9:93:7c:a4:e8:e9:d2:fe:6a:fb:04:54:d3:a1:c0:
32:af:3f:5e:57:c9:8e:f5:31:47:c6:44:cf:ed:d3:c3:9e:ff:
92:01:27:0b:c5:00:b8:3a:3d:dd:40:f5:e1:2f:b9:66:0f:b1:
1f:c6:a3:97:19:23:6a:8f:b9:14:57:c8:10:88:de:cb:37:5c:
45:f8:27:d1:4d:89:b5:bd:f2:d1:71:c2:4a:5d:39:f6:41:31:
8f:f6:63:c2
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYWAyIkeG/lURO7JjlINAOIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA1MDcxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQxMDhlYWE3MWUyMDdjYWVmZjIyOTJmZmU4YWEwOWE4YTEyNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmpCfhu/cVWu7dWzXT36a7W/ekCE
KWegE2e13YUVTHJSAuDagn6NvvXro2LegRv54e3u++OHpVeG430JfGZ9FOtJ1yQQ
HzKQhcd8J7cwNvDeyTkskj81woxJPclMQmRoXjkhLKG0mhqzhziN/NqRMlNxrBh7
vJ/LDGHZEDlIS/gJcvm9Ub+wHEYk6hw3lQBFdsQTD+yW9n90qCoAlo59aB4+Vb52
FfagR4+Yo3aWqt9lvMK+0w1DeYS2D+j5oD8TKFpjN8ZvVM+lMt+KRRoeqOHnUbgK
WYFVJHTGSr9Bou8eevj/ksTVgLX3896oXFOODHBtnWby8Zppf72hq/5K4QIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFKJBCOqnHiB8rv8ikv/oqgmooSbdMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb2tFSTZxY2VJSHl1X3lLU18taXFDYWloSnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBABU
IAgDBABUIAoDBABUIDADBABUIDIDBABUIDoDBABUIEcDBABUIFgDBABUIF0DBABU
IGwDBAFUIJYDBABUILEDBABUINoDBABUIOIDBABUIO8DBABUIPUDBABY2AMwDAME
AFjYFQMEAFjYFgMEAFjYIAMEAFjYLgMEAFjYXAMEAFjYhgMEAFjYxwMEAVjY0jAN
BgkqhkiG9w0BAQsFAAOCAQEAeELTXjNqwC8vvwR/qpCVM0mZWPeBr+9gQYq+9ODT
s94+62P+1JkkUwlrZ87WEq7FV35O/RpYyKeYkYt2RwmFQ+3NgQloddCABL2+fs/D
fsUpd3uXj/BoYz3yXBLqSMn5f9dwDWg8nnNP49rrCKS6WNuoGWudqhPEJfRr9jp+
LJ8fT8SnEFA0A3wOhKY4G3xrernmS8v4YDkOkQmxerneLJ7AJV3U2ZN8pOjp0v5q
+wRU06HAMq8/XlfJjvUxR8ZEz+3Tw57/kgEnC8UAuDo93UD14S+5Zg+xH8ajlxkj
ao+5FFfIEIjeyzdcRfgn0U2Jtb3y0XHCSl059kExj/Zjwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org