Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/szRMGYNU_NIjuvvOZtkNfdbEOSk.roa
File: szRMGYNU_NIjuvvOZtkNfdbEOSk.roa (raw, json)
Hash identifier: BdHWe9A15+GZiq8TBVOWzBA8bq86jHyPrDyLXqshn2c=
Subject key identifier: B3:34:4C:19:83:54:FC:D2:23:BA:FB:CE:66:D9:0D:7D:D6:C4:39:29
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018649701979110BF48DA5C8B095E73C5E8F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/szRMGYNU_NIjuvvOZtkNfdbEOSk.roa
Signing time: Mon 13 Feb 2023 06:22:08 +0000
ROA not before: Mon 13 Feb 2023 06:22:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 88.216.104.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.111.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Feb 2023 09:07:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:70:19:79:11:0b:f4:8d:a5:c8:b0:95:e7:3c:5e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 13 06:22:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3344c198354fcd223bafbce66d90d7dd6c43929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6c:de:64:33:04:1a:d1:d7:6d:64:a6:4d:d9:
02:3f:95:67:fd:3b:db:72:f4:46:3b:a9:9c:e1:fb:
6a:fb:1f:a9:8b:80:4c:9f:5e:5f:c7:ee:78:76:93:
dc:4e:8b:d0:16:7a:2a:34:4c:59:6f:1a:01:58:26:
7e:ec:1e:c8:b3:5d:80:d2:c6:cd:90:86:87:f0:19:
f8:82:7c:3d:95:49:ab:32:47:48:8b:3f:ac:27:f6:
73:9a:a2:64:5e:5a:eb:f3:fc:68:3e:28:77:10:61:
7c:85:90:3b:6e:f6:f2:fe:37:58:9b:59:34:a5:19:
50:0c:2c:10:ff:b0:3e:e3:9f:1c:6c:24:d2:9d:fa:
d5:ce:68:7a:50:25:5d:7c:cd:1b:56:cd:96:94:4c:
ea:78:63:a1:5b:63:91:4e:0f:e1:7e:9a:09:ce:98:
85:85:8c:60:18:a3:e6:ab:85:e1:e9:6e:2d:0e:17:
1b:df:6a:77:98:53:ff:e5:e3:a2:ca:4b:f8:ff:f7:
1d:62:d0:b2:6a:f2:a0:2d:67:75:51:4d:63:8b:d9:
78:79:fc:eb:d3:a5:72:62:6a:4e:80:09:45:f9:78:
f8:b6:7d:8c:ca:b0:74:4b:49:aa:1f:d2:1b:44:96:
c8:2c:fd:99:4a:ea:12:8a:18:6d:e5:ac:49:74:86:
2c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:34:4C:19:83:54:FC:D2:23:BA:FB:CE:66:D9:0D:7D:D6:C4:39:29
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/szRMGYNU_NIjuvvOZtkNfdbEOSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.110.0/23
88.216.104.0/24
88.216.130.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:9a:6d:5f:46:bc:24:c7:cf:d0:bf:28:30:ff:62:48:45:2a:
a6:7e:ac:e8:bf:27:63:03:fb:0f:04:b9:d2:80:35:5b:b9:c3:
b7:ff:87:b8:97:6e:29:0b:23:f4:de:fe:0e:84:95:ab:7d:10:
dd:07:43:d3:dc:a3:0d:85:d5:7d:7a:7b:2e:e9:d9:e8:47:bc:
91:44:72:a9:15:bb:02:6e:08:0b:99:32:3d:be:c7:97:b3:67:
a1:8e:ff:bc:a6:77:a9:09:af:89:82:00:ea:74:30:c1:0a:a4:
70:ab:83:3f:fd:f3:b3:8f:c3:28:44:c6:72:f6:57:77:42:55:
a9:f6:36:90:b5:5a:c7:0f:01:fe:d1:e6:07:3a:66:69:00:cc:
7b:f6:cf:e2:f1:d5:19:e8:c5:bc:dc:45:b3:b5:3a:e1:34:f2:
74:9d:66:c6:11:e0:6c:bd:35:23:c1:81:00:3c:e5:2e:ea:8b:
86:ff:54:15:a5:d1:51:be:db:ba:9f:2d:a2:7d:eb:36:9f:30:
84:c4:93:65:07:8f:5a:62:4c:37:2e:7c:e3:33:f5:db:c0:1e:
ee:af:fb:52:27:ab:2f:51:29:08:68:7f:bd:26:8c:8d:6a:e6:
32:aa:39:07:68:e6:3f:e3:7e:5e:2b:88:74:7b:74:7a:af:a2:
43:cf:98:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZJcBl5EQv0jaXIsJXnPF6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEzMDYyMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM0NGMxOTgzNTRmY2QyMjNiYWZiY2U2NmQ5MGQ3ZGQ2YzQzOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWzeZDMEGtHXbWSmTdkCP5Vn/Tvb
cvRGO6mc4ftq+x+pi4BMn15fx+54dpPcTovQFnoqNExZbxoBWCZ+7B7Is12A0sbN
kIaH8Bn4gnw9lUmrMkdIiz+sJ/ZzmqJkXlrr8/xoPih3EGF8hZA7bvby/jdYm1k0
pRlQDCwQ/7A+458cbCTSnfrVzmh6UCVdfM0bVs2WlEzqeGOhW2ORTg/hfpoJzpiF
hYxgGKPmq4Xh6W4tDhcb32p3mFP/5eOiykv4//cdYtCyavKgLWd1UU1ji9l4efzr
06VyYmpOgAlF+Xj4tn2MyrB0S0mqH9IbRJbILP2ZSuoSihht5axJdIYs8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLM0TBmDVPzSI7r7zmbZDX3WxDkpMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc3pSTUdZTlVfTklqdXZ2T1p0a05mZGJFT1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVCBuAwQA
WNhoAwQAWNiCMA0GCSqGSIb3DQEBCwUAA4IBAQChmm1fRrwkx8/Qvygw/2JIRSqm
fqzovydjA/sPBLnSgDVbucO3/4e4l24pCyP03v4OhJWrfRDdB0PT3KMNhdV9ensu
6dnoR7yRRHKpFbsCbggLmTI9vseXs2ehjv+8pnepCa+JggDqdDDBCqRwq4M//fOz
j8MoRMZy9ld3QlWp9jaQtVrHDwH+0eYHOmZpAMx79s/i8dUZ6MW83EWztTrhNPJ0
nWbGEeBsvTUjwYEAPOUu6ouG/1QVpdFRvtu6ny2ifes2nzCExJNlB49aYkw3Lnzj
M/XbwB7ur/tSJ6svUSkIaH+9JoyNauYyqjkHaOY/435eK4h0e3R6r6JDz5hr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org