Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tEpCjJSdW71_m6JOhamc3lGC1xo.roa
File: tEpCjJSdW71_m6JOhamc3lGC1xo.roa (raw, json)
Hash identifier: ygZaPmVAUkLWWoH3at4ZsGLXlWnDcTMDLu4mEu+zKyE=
Subject key identifier: B4:4A:42:8C:94:9D:5B:BD:7F:9B:A2:4E:85:A9:9C:DE:51:82:D7:1A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018BB7DCBA57AFFDE956BCCE5BDC10D93D8F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tEpCjJSdW71_m6JOhamc3lGC1xo.roa
Signing time: Fri 10 Nov 2023 06:12:57 +0000
ROA not before: Fri 10 Nov 2023 06:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19437
IP address blocks: 88.216.133.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b7:dc:ba:57:af:fd:e9:56:bc:ce:5b:dc:10:d9:3d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 10 06:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b44a428c949d5bbd7f9ba24e85a99cde5182d71a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5a:7f:50:be:f5:3f:a3:c6:30:98:8d:46:5f:
18:30:9f:b3:c6:13:5a:e2:46:df:3d:71:c5:36:88:
76:09:db:86:72:70:97:22:9d:e2:7d:9c:88:ec:39:
9b:ad:d1:7f:32:c8:26:98:ed:85:d9:9f:75:c7:2d:
fd:c4:39:6a:14:58:d2:4e:a0:67:db:9e:03:26:e8:
e3:43:a5:03:d7:1a:d9:1e:3e:be:3f:ea:46:84:f5:
2f:ba:a2:ee:ba:2b:d6:a6:cd:99:c4:63:14:dd:09:
2a:be:43:96:d0:7c:e6:fc:84:fb:23:0f:67:39:89:
ab:b7:66:e8:fc:fb:22:42:6c:fe:7f:37:58:56:55:
29:ec:21:44:cf:d9:6e:23:c6:45:32:e7:15:47:f6:
d7:94:02:95:c3:30:2d:df:a4:cc:39:b4:08:b3:ab:
f0:21:56:1b:81:7d:85:1f:59:d5:98:e7:36:ed:ff:
7a:05:15:7e:2c:e2:b8:cc:43:34:71:a3:65:07:83:
bd:80:16:c9:22:c2:e2:25:d1:b7:e6:0b:7d:3f:32:
7e:fd:c3:67:f4:30:62:3e:2c:fb:91:23:18:e6:36:
26:8f:91:66:a8:ad:e1:9d:2c:c9:4b:be:00:10:be:
9d:0b:25:7a:70:d5:84:88:e9:0a:0b:fc:ef:c1:fc:
61:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4A:42:8C:94:9D:5B:BD:7F:9B:A2:4E:85:A9:9C:DE:51:82:D7:1A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tEpCjJSdW71_m6JOhamc3lGC1xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.40.0/24
88.216.133.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:64:05:43:1d:40:e7:fd:6e:e0:77:20:2a:48:4d:3f:58:4f:
35:59:9c:db:e6:31:1e:36:e7:fe:78:1f:ca:8c:ac:7d:e6:60:
3f:ea:7f:7c:d8:78:34:8a:97:f4:53:ac:d0:0e:18:6b:8e:0c:
b3:c5:08:bd:8a:66:4a:b9:47:bf:8b:0c:e1:34:33:e9:5f:e2:
63:6a:e8:af:ba:5c:dd:b0:f5:33:b9:e1:27:93:79:bc:80:0a:
97:54:0c:2a:85:45:4d:1e:f0:96:7a:4d:9e:cf:a4:be:49:cd:
ff:b6:b8:9a:97:ce:6e:7b:92:2f:ef:a2:9c:e1:b8:17:cd:68:
af:e2:47:0c:07:54:a4:56:74:94:ac:d1:52:d4:f2:42:8c:06:
17:34:cd:09:c6:7f:52:60:f0:df:64:ff:2c:ae:a1:6d:44:e9:
e1:76:d9:ee:97:cf:d5:72:c0:89:0e:1d:4f:14:1d:02:be:1f:
01:48:61:b2:72:ae:96:ac:5d:9b:7c:06:7a:29:6c:41:2b:f8:
ba:2c:af:9f:b2:86:4a:a4:cb:b6:d4:19:e5:de:fd:da:6e:3d:
f1:cd:94:5e:3f:63:c6:05:50:b5:65:da:f3:00:70:21:95:2a:
51:99:3a:d6:82:59:da:ff:22:4d:cc:ee:19:9e:4d:af:97:83:
6e:ea:6b:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu33LpXr/3pVrzOW9wQ2T2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTEwMDYxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDRhNDI4Yzk0OWQ1YmJkN2Y5YmEyNGU4NWE5OWNkZTUxODJkNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplp/UL71P6PGMJiNRl8YMJ+zxhNa
4kbfPXHFNoh2CduGcnCXIp3ifZyI7DmbrdF/MsgmmO2F2Z91xy39xDlqFFjSTqBn
254DJujjQ6UD1xrZHj6+P+pGhPUvuqLuuivWps2ZxGMU3QkqvkOW0Hzm/IT7Iw9n
OYmrt2bo/PsiQmz+fzdYVlUp7CFEz9luI8ZFMucVR/bXlAKVwzAt36TMObQIs6vw
IVYbgX2FH1nVmOc27f96BRV+LOK4zEM0caNlB4O9gBbJIsLiJdG35gt9PzJ+/cNn
9DBiPiz7kSMY5jYmj5FmqK3hnSzJS74AEL6dCyV6cNWEiOkKC/zvwfxhfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLRKQoyUnVu9f5uiToWpnN5RgtcaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdEVwQ2pKU2RXNzFfbTZKT2hhbWMzbEdDMXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAoAwQA
WNiFMA0GCSqGSIb3DQEBCwUAA4IBAQB+ZAVDHUDn/W7gdyAqSE0/WE81WZzb5jEe
Nuf+eB/KjKx95mA/6n982Hg0ipf0U6zQDhhrjgyzxQi9imZKuUe/iwzhNDPpX+Jj
auivulzdsPUzueEnk3m8gAqXVAwqhUVNHvCWek2ez6S+Sc3/trial85ue5Iv76Kc
4bgXzWiv4kcMB1SkVnSUrNFS1PJCjAYXNM0Jxn9SYPDfZP8srqFtROnhdtnul8/V
csCJDh1PFB0Cvh8BSGGycq6WrF2bfAZ6KWxBK/i6LK+fsoZKpMu21Bnl3v3abj3x
zZReP2PGBVC1ZdrzAHAhlSpRmTrWglna/yJNzO4Znk2vl4Nu6muH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org