Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/s32UAt4mt6x07ODb5q-_P5R99Bw.roa
File: s32UAt4mt6x07ODb5q-_P5R99Bw.roa (raw, json)
Hash identifier: NXK3v60v3HcpGWRC3SaCOa2u50BxowPcujWLaardqoE=
Subject key identifier: B3:7D:94:02:DE:26:B7:AC:74:EC:E0:DB:E6:AF:BF:3F:94:7D:F4:1C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188C302D9DF2F43E9A660D477680C0008AE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/s32UAt4mt6x07ODb5q-_P5R99Bw.roa
Signing time: Fri 16 Jun 2023 07:02:03 +0000
ROA not before: Fri 16 Jun 2023 07:02:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35409
IP address blocks: 88.216.93.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Jun 2023 14:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:02:d9:df:2f:43:e9:a6:60:d4:77:68:0c:00:08:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 16 07:02:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b37d9402de26b7ac74ece0dbe6afbf3f947df41c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9d:b3:30:29:47:0a:19:f2:a3:3a:30:6f:02:
23:6e:cb:50:ce:0a:0a:bd:bb:82:84:91:9c:e7:64:
25:4a:d4:7c:bf:83:ef:9c:61:5c:83:a2:77:99:d3:
97:93:51:4e:2c:9c:c5:29:3a:44:7a:80:19:7d:d3:
08:24:7f:dc:a0:cc:2d:5d:39:72:7d:2d:eb:06:0c:
0b:5a:cf:99:a0:bc:9e:7c:80:4e:44:ca:8d:75:02:
3a:fc:39:60:15:d2:be:af:6f:45:22:87:af:a4:59:
54:a2:fe:6c:0f:0e:17:2b:99:f1:0d:b0:a4:ec:ba:
70:24:1d:1c:bf:00:92:6e:df:52:59:71:47:fb:76:
f7:98:f8:50:49:7a:d4:ea:b4:96:f4:07:a6:19:d5:
26:44:9c:e2:5c:7f:8d:54:ed:96:9e:70:85:30:1f:
d1:3c:a2:fd:23:41:f9:3b:bc:9d:af:43:39:63:e7:
2a:af:94:17:98:fc:94:b7:67:a3:32:11:7e:ae:cd:
a4:f1:7b:0c:38:1a:35:e2:e1:89:75:42:3a:54:85:
88:b1:d3:48:16:c6:1f:16:35:a3:ad:5f:5a:70:e9:
49:56:90:56:8f:26:a1:46:de:d2:43:68:41:26:84:
42:e2:b1:0d:21:d3:17:43:21:51:75:a1:c9:ec:5d:
d1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:7D:94:02:DE:26:B7:AC:74:EC:E0:DB:E6:AF:BF:3F:94:7D:F4:1C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/s32UAt4mt6x07ODb5q-_P5R99Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.246.0/24
88.216.2.0/24
88.216.93.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:a8:e6:a2:bb:9c:0c:c8:e9:93:d2:8a:7d:25:59:c1:aa:f6:
57:7e:58:a0:e8:39:8c:67:f3:9e:a7:57:86:53:0d:e6:b5:1c:
40:84:fa:d8:84:1d:96:4a:10:3d:13:4d:e5:b0:7e:db:a4:a9:
35:5c:9b:9b:99:8d:39:fd:bc:aa:51:1d:ed:25:5a:62:08:74:
90:14:1d:5d:2f:38:63:c0:48:6f:60:5a:39:28:90:fa:5b:80:
ab:61:d5:dc:07:c1:55:67:3b:08:57:0c:ac:35:4a:62:a9:68:
0f:fb:0a:e5:09:0b:bd:8e:12:30:52:86:5b:66:a5:96:34:87:
cd:0b:28:83:2d:0f:72:30:99:cb:8c:87:fc:c1:fa:4b:6e:c5:
c4:40:fa:76:55:82:24:c1:4b:77:b8:20:71:4e:9d:62:67:e7:
60:12:2f:40:f4:f3:1d:28:7d:9c:7a:b3:9a:ad:1d:08:88:1d:
89:00:ac:a7:6d:40:c7:18:d0:66:30:43:2f:25:d8:63:d7:b6:
3a:e2:9a:b6:cc:26:f8:da:a0:b3:dc:05:60:49:64:7a:26:a7:
42:87:8e:7c:ce:4a:2b:83:60:1f:d5:88:e2:f9:af:8f:03:f2:
7c:47:90:bf:80:6c:18:46:cc:6d:37:e3:a3:fd:1d:da:85:fa:
4d:85:8e:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjDAtnfL0PppmDUd2gMAAiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjE2MDcwMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzdkOTQwMmRlMjZiN2FjNzRlY2UwZGJlNmFmYmYzZjk0N2RmNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg52zMClHChnyozowbwIjbstQzgoK
vbuChJGc52QlStR8v4PvnGFcg6J3mdOXk1FOLJzFKTpEeoAZfdMIJH/coMwtXTly
fS3rBgwLWs+ZoLyefIBORMqNdQI6/DlgFdK+r29FIoevpFlUov5sDw4XK5nxDbCk
7LpwJB0cvwCSbt9SWXFH+3b3mPhQSXrU6rSW9AemGdUmRJziXH+NVO2WnnCFMB/R
PKL9I0H5O7ydr0M5Y+cqr5QXmPyUt2ejMhF+rs2k8XsMOBo14uGJdUI6VIWIsdNI
FsYfFjWjrV9acOlJVpBWjyahRt7SQ2hBJoRC4rENIdMXQyFRdaHJ7F3RpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLN9lALeJresdOzg2+avvz+UffQcMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvczMyVUF0NG10NngwN09EYjVxLV9QNVI5OUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCD2AwQA
WNgCAwQAWNhdMA0GCSqGSIb3DQEBCwUAA4IBAQBPqOaiu5wMyOmT0op9JVnBqvZX
flig6DmMZ/Oep1eGUw3mtRxAhPrYhB2WShA9E03lsH7bpKk1XJubmY05/byqUR3t
JVpiCHSQFB1dLzhjwEhvYFo5KJD6W4CrYdXcB8FVZzsIVwysNUpiqWgP+wrlCQu9
jhIwUoZbZqWWNIfNCyiDLQ9yMJnLjIf8wfpLbsXEQPp2VYIkwUt3uCBxTp1iZ+dg
Ei9A9PMdKH2cerOarR0IiB2JAKynbUDHGNBmMEMvJdhj17Y64pq2zCb42qCz3AVg
SWR6JqdCh458zkorg2Af1Yji+a+PA/J8R5C/gGwYRsxtN+Oj/R3ahfpNhY4x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org