Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/p0ppnyESQu9dQrn8JPlY8ydvxlU.roa
File: p0ppnyESQu9dQrn8JPlY8ydvxlU.roa (raw, json)
Hash identifier: PQiOAP8TV0g4NPcon4Nq6NHejM/DzFOinEqG76hyRqw=
Subject key identifier: A7:4A:69:9F:21:12:42:EF:5D:42:B9:FC:24:F9:58:F3:27:6F:C6:55
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826C1FE1A62F4A857B1858EEC3CA7FC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/p0ppnyESQu9dQrn8JPlY8ydvxlU.roa
Signing time: Thu 02 Jan 2025 17:53:36 +0000
ROA not before: Thu 02 Jan 2025 17:53:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 88.216.66.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 13:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:c1:fe:1a:62:f4:a8:57:b1:85:8e:ec:3c:a7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a74a699f211242ef5d42b9fc24f958f3276fc655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e5:60:54:27:e5:38:cd:eb:37:11:ce:61:63:
90:a0:34:08:66:f7:97:23:36:92:a3:eb:c0:05:29:
c5:19:5b:94:74:71:b3:31:26:15:60:9d:b4:c8:4a:
7a:ca:f6:64:af:e7:30:25:35:b3:b5:e5:1f:04:83:
dc:e2:9f:ec:14:9d:64:ae:29:03:47:25:2d:1f:fe:
d8:fd:96:42:40:8f:a6:15:94:85:a5:6f:47:2d:c1:
66:92:f6:ff:a4:a3:57:3d:d2:5c:40:56:1d:b6:dc:
1a:e8:ba:e4:1c:fb:16:9d:29:e3:4d:fc:70:43:1f:
dc:d0:0c:06:d6:f6:d1:05:df:8c:96:49:c3:33:6e:
fe:bc:b1:8d:59:2e:fe:83:cd:f8:f0:46:ec:2b:84:
1d:c2:d4:5a:49:58:8a:9f:86:d1:d9:67:f6:ad:a8:
66:d8:23:01:ee:6d:34:4b:2d:8c:27:bf:75:c2:f6:
20:37:6e:27:ae:61:8a:b3:71:45:0d:a9:72:8a:bb:
8c:21:49:b4:43:62:fa:d8:f2:33:98:51:e2:91:6c:
22:cf:5c:4c:59:77:9f:44:07:1a:12:d2:62:99:ef:
6c:e6:6d:3c:f7:bb:55:5d:e6:a6:50:60:32:a2:bf:
af:44:f0:f3:f2:51:3a:d9:71:4c:15:4d:bd:a2:2b:
cd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:4A:69:9F:21:12:42:EF:5D:42:B9:FC:24:F9:58:F3:27:6F:C6:55
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/p0ppnyESQu9dQrn8JPlY8ydvxlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.66.0/23
Signature Algorithm: sha256WithRSAEncryption
03:ac:44:52:db:49:66:21:74:70:29:1d:d3:41:45:8f:e0:f5:
d9:24:bf:b1:8d:98:db:dc:c1:c7:ce:4e:15:c1:f5:c0:51:7e:
8a:51:7f:d2:cd:03:29:83:b1:a3:b9:0e:c0:00:a4:e9:09:91:
85:a3:83:20:6a:95:97:16:f4:13:19:fb:db:64:02:2f:f0:ad:
5d:b3:59:b7:19:a9:47:a5:09:ac:51:44:48:0c:4f:b8:a4:28:
ed:60:cf:eb:ff:45:de:ea:67:b4:52:54:1d:23:c3:bd:b9:f1:
6c:d7:b9:a0:b7:50:d6:a9:5c:23:65:5a:1e:66:c9:7a:02:3d:
8c:da:33:1d:6c:17:e2:9c:93:ca:bb:67:4e:e6:06:a4:d6:76:
bb:6b:3e:d8:48:9d:8d:94:82:fe:f6:60:5f:20:b7:3e:2f:fb:
17:46:0d:96:36:b6:8c:02:3d:6e:35:58:89:ca:37:9b:20:1d:
ef:0e:64:99:ad:ed:a6:10:1b:3f:36:29:0d:74:a2:1e:b7:78:
f9:3c:15:ac:ae:f2:51:83:a0:92:c7:8a:ed:8e:c2:fc:3f:4b:
8c:09:f1:ce:81:f1:99:67:ee:86:be:47:48:4a:b6:7e:16:2e:
60:a4:23:21:39:7c:64:80:78:b8:c1:fe:33:c3:b8:13:fb:6e:
f1:97:a5:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJsH+GmL0qFexhY7sPKf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzRhNjk5ZjIxMTI0MmVmNWQ0MmI5ZmMyNGY5NThmMzI3NmZjNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+VgVCflOM3rNxHOYWOQoDQIZveX
IzaSo+vABSnFGVuUdHGzMSYVYJ20yEp6yvZkr+cwJTWzteUfBIPc4p/sFJ1krikD
RyUtH/7Y/ZZCQI+mFZSFpW9HLcFmkvb/pKNXPdJcQFYdttwa6LrkHPsWnSnjTfxw
Qx/c0AwG1vbRBd+MlknDM27+vLGNWS7+g8348EbsK4QdwtRaSViKn4bR2Wf2rahm
2CMB7m00Sy2MJ791wvYgN24nrmGKs3FFDalyiruMIUm0Q2L62PIzmFHikWwiz1xM
WXefRAcaEtJime9s5m0897tVXeamUGAyor+vRPDz8lE62XFMFU29oivNMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdKaZ8hEkLvXUK5/CT5WPMnb8ZVMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcDBwcG55RVNRdTlkUXJuOEpQbFk4eWR2eGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNhCMA0G
CSqGSIb3DQEBCwUAA4IBAQADrERS20lmIXRwKR3TQUWP4PXZJL+xjZjb3MHHzk4V
wfXAUX6KUX/SzQMpg7GjuQ7AAKTpCZGFo4MgapWXFvQTGfvbZAIv8K1ds1m3GalH
pQmsUURIDE+4pCjtYM/r/0Xe6me0UlQdI8O9ufFs17mgt1DWqVwjZVoeZsl6Aj2M
2jMdbBfinJPKu2dO5gak1na7az7YSJ2NlIL+9mBfILc+L/sXRg2WNraMAj1uNViJ
yjebIB3vDmSZre2mEBs/NikNdKIet3j5PBWsrvJRg6CSx4rtjsL8P0uMCfHOgfGZ
Z+6GvkdISrZ+Fi5gpCMhOXxkgHi4wf4zw7gT+27xl6Wb
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:57:16 2025 by rpki-client