Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sXJ2tQGl66ZOIYys9DRN_9gI38w.roa
File: sXJ2tQGl66ZOIYys9DRN_9gI38w.roa (raw, json)
Hash identifier: AfEy2mKtjY0uEDsVzpUd1Q+fV9PG4SB/HAKDO7/deMM=
Subject key identifier: B1:72:76:B5:01:A5:EB:A6:4E:21:8C:AC:F4:34:4D:FF:D8:08:DF:CC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018C449FC3232ABDB0AA342C98F715978980
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sXJ2tQGl66ZOIYys9DRN_9gI38w.roa
Signing time: Thu 07 Dec 2023 14:12:50 +0000
ROA not before: Thu 07 Dec 2023 14:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 88.216.57.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:9f:c3:23:2a:bd:b0:aa:34:2c:98:f7:15:97:89:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 7 14:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b17276b501a5eba64e218cacf4344dffd808dfcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0a:a7:38:4c:0f:90:18:27:a7:ef:47:55:1b:
31:a2:bf:a7:99:32:9b:6e:2d:a2:04:15:43:20:5e:
cc:3f:e8:73:a8:da:3c:0d:76:41:fd:10:f1:94:d5:
e4:24:29:20:89:13:61:22:7d:00:38:1a:b7:70:b7:
7c:55:27:aa:ec:66:96:cf:f4:5e:63:b7:74:59:9b:
45:fc:37:a7:bc:f7:45:b9:5f:d5:4b:63:8e:17:5a:
6a:f5:e5:41:3f:08:2d:40:c9:81:7c:54:62:cf:c9:
89:bd:8c:12:57:76:42:ea:df:a5:3e:af:36:c1:2b:
46:2e:90:59:a6:55:fc:a1:9d:89:6d:7e:6d:b4:c0:
8d:34:6a:16:8d:d6:f7:ca:61:27:76:a2:f8:1e:65:
3d:4e:45:f2:a6:fb:ef:38:00:f2:52:bd:59:86:2a:
8c:a1:59:9e:0b:a5:7c:5c:bb:a5:29:49:35:15:a0:
d8:55:46:1e:dd:f5:79:fe:0e:e9:6c:d4:f4:32:7d:
2b:10:88:55:07:9a:96:27:be:a8:e7:9c:98:eb:87:
b2:83:1b:62:e6:40:fe:2a:a9:16:8c:03:b8:95:4f:
79:17:bb:8d:37:f6:8d:64:b1:d9:ce:c4:d9:b0:a0:
28:8b:82:08:db:c1:d0:d4:86:93:15:60:be:cf:f9:
97:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:72:76:B5:01:A5:EB:A6:4E:21:8C:AC:F4:34:4D:FF:D8:08:DF:CC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sXJ2tQGl66ZOIYys9DRN_9gI38w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.57.0/24
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:20:67:c5:c2:e7:5f:fa:be:c7:c2:71:5a:58:9d:09:9f:40:
c4:dd:eb:09:61:fc:62:2d:ed:f2:3d:72:55:be:d2:7e:7d:b3:
c2:67:5e:44:df:1d:34:ab:e3:a3:f7:ed:7d:f5:36:fd:a1:31:
91:ed:2f:1d:23:b8:15:61:33:1f:b8:b8:cf:46:de:1c:84:97:
86:ac:5d:fa:82:45:f9:57:2f:63:f7:43:76:bb:f1:d7:d7:68:
17:de:70:5c:50:91:f7:a8:8a:4e:f2:d6:a9:72:96:7b:fd:f5:
26:a5:1a:12:25:fa:b4:2e:6b:ed:82:88:9e:33:b8:05:01:3d:
05:c9:65:d5:c0:30:e8:41:b8:63:dd:67:23:5b:0f:a6:d4:0e:
82:73:3b:24:fb:5c:a5:96:a2:af:f0:02:70:df:86:05:37:cf:
9f:97:f1:bd:fe:63:d2:42:7e:2c:95:6f:02:3d:69:12:28:97:
81:f4:3c:bb:d1:bc:38:f9:ed:51:52:b2:2d:18:35:e8:a5:69:
f6:62:0f:df:0c:57:5e:d6:bc:5e:53:35:56:23:a9:16:48:19:
80:f5:1f:7b:1a:61:bb:f0:95:ca:8d:47:bc:2d:83:1a:35:1e:
a5:6e:e1:8c:03:8c:88:e0:b1:25:bb:13:82:4a:65:6c:6a:1f:
3b:34:bb:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxEn8MjKr2wqjQsmPcVl4mAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjA3MTQxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTcyNzZiNTAxYTVlYmE2NGUyMThjYWNmNDM0NGRmZmQ4MDhkZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwqnOEwPkBgnp+9HVRsxor+nmTKb
bi2iBBVDIF7MP+hzqNo8DXZB/RDxlNXkJCkgiRNhIn0AOBq3cLd8VSeq7GaWz/Re
Y7d0WZtF/DenvPdFuV/VS2OOF1pq9eVBPwgtQMmBfFRiz8mJvYwSV3ZC6t+lPq82
wStGLpBZplX8oZ2JbX5ttMCNNGoWjdb3ymEndqL4HmU9TkXypvvvOADyUr1ZhiqM
oVmeC6V8XLulKUk1FaDYVUYe3fV5/g7pbNT0Mn0rEIhVB5qWJ76o55yY64eygxti
5kD+KqkWjAO4lU95F7uNN/aNZLHZzsTZsKAoi4II28HQ1IaTFWC+z/mX0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLFydrUBpeumTiGMrPQ0Tf/YCN/MMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc1hKMnRRR2w2NlpPSVl5czlEUk5fOWdJMzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNg5AwQC
WNjkAwQCWNjsMA0GCSqGSIb3DQEBCwUAA4IBAQBLIGfFwudf+r7HwnFaWJ0Jn0DE
3esJYfxiLe3yPXJVvtJ+fbPCZ15E3x00q+Oj9+199Tb9oTGR7S8dI7gVYTMfuLjP
Rt4chJeGrF36gkX5Vy9j90N2u/HX12gX3nBcUJH3qIpO8tapcpZ7/fUmpRoSJfq0
LmvtgoieM7gFAT0FyWXVwDDoQbhj3WcjWw+m1A6Cczsk+1yllqKv8AJw34YFN8+f
l/G9/mPSQn4slW8CPWkSKJeB9Dy70bw4+e1RUrItGDXopWn2Yg/fDFde1rxeUzVW
I6kWSBmA9R97GmG78JXKjUe8LYMaNR6lbuGMA4yI4LEluxOCSmVsah87NLup
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org