Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tijBlOG2Wd8CeaP2j_POIJ0lM5c.roa
File: tijBlOG2Wd8CeaP2j_POIJ0lM5c.roa (raw, json)
Hash identifier: ybfFHKeW01jR3kzM7NSaQWPB+9C6g39Ra8QkGUKvK0g=
Subject key identifier: B6:28:C1:94:E1:B6:59:DF:02:79:A3:F6:8F:F3:CE:20:9D:25:33:97
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188758CA8FE345C03423875BD7794B475C3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tijBlOG2Wd8CeaP2j_POIJ0lM5c.roa
Signing time: Thu 01 Jun 2023 06:02:12 +0000
ROA not before: Thu 01 Jun 2023 06:02:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 88.216.105.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Jun 2023 11:35:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:75:8c:a8:fe:34:5c:03:42:38:75:bd:77:94:b4:75:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 1 06:02:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b628c194e1b659df0279a3f68ff3ce209d253397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:98:96:54:68:ef:43:26:ce:0a:36:61:47:1b:
ad:40:27:0a:b9:ea:bd:c1:8f:f8:70:b8:d3:ff:2d:
91:d6:0e:92:4d:32:fb:39:24:1d:d9:5e:9a:7c:ee:
72:f9:9d:35:4f:75:f3:74:50:ae:cd:9a:d2:41:13:
57:c1:e2:5f:9a:23:4f:74:59:d2:c8:a7:ca:aa:4b:
15:f5:b5:aa:60:9c:60:40:55:64:ea:09:6d:9e:fe:
3b:c8:a1:9a:3f:18:6f:ef:7a:8d:3c:97:d6:a7:76:
6a:eb:3f:74:6f:2f:38:35:d6:d1:a7:a3:1b:03:17:
10:99:73:f5:b3:c4:4c:43:04:41:e8:c6:fc:74:56:
6b:bb:cc:20:11:1f:b5:b9:ba:8f:30:aa:ed:bd:3e:
43:5b:e3:ea:ca:2c:81:40:ba:62:1d:6e:49:be:1a:
2a:88:51:bd:79:1c:40:d0:04:81:9d:68:bc:16:cf:
07:60:01:9f:46:de:84:c4:5c:b8:bc:0f:26:c7:6f:
36:a4:87:bf:e9:53:47:6a:cf:fd:3f:1b:47:98:29:
7c:c3:5d:5c:92:c9:a4:4d:20:09:f6:9d:5e:a6:13:
da:78:c2:b8:d6:5f:8d:4e:27:a0:74:04:fa:2a:7d:
96:d4:1a:c7:0e:dc:a1:0a:ee:58:62:ef:4a:5e:43:
e6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:28:C1:94:E1:B6:59:DF:02:79:A3:F6:8F:F3:CE:20:9D:25:33:97
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tijBlOG2Wd8CeaP2j_POIJ0lM5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.242.0/24
88.216.105.0/24
88.216.128.0/24
Signature Algorithm: sha256WithRSAEncryption
71:94:5a:d8:e0:dc:66:0f:3c:4e:81:03:3a:27:de:d9:1b:f0:
31:13:a2:6e:d4:80:d7:8a:09:38:6b:bc:fd:75:f2:ca:a6:bf:
5d:a2:6f:42:7f:2e:68:34:ff:63:c5:1f:7c:3c:21:74:c9:56:
f4:60:21:37:37:dc:a1:d3:5b:ce:9a:ce:56:8a:66:1c:b5:96:
27:f9:00:76:8b:b9:5a:e3:99:e9:4a:61:8e:76:2f:80:a0:dc:
2d:fe:19:91:05:c9:df:f0:0d:66:55:af:cc:70:6a:57:6f:72:
ea:35:5a:8e:fc:9a:df:bd:27:ed:db:0b:82:6b:cd:49:eb:f9:
ba:06:6c:d1:d1:44:a7:1b:ea:da:11:69:b7:b1:b0:8a:df:d9:
ea:d4:b7:1c:89:cc:23:32:ee:d3:33:3d:8b:3a:2a:94:5c:4d:
57:da:9d:52:4b:b2:cd:2e:a4:4d:79:2e:51:1b:8a:be:49:85:
12:21:4e:d6:b6:c2:95:8b:36:5c:b5:72:06:3d:44:f1:63:c4:
cb:47:e9:ca:1f:29:1d:71:4d:a8:7a:a9:22:9b:8c:6e:57:23:
5f:c1:92:e6:c4:d2:5a:c5:ff:05:80:db:54:0e:2c:72:35:78:
c0:f6:5a:df:10:65:d0:32:56:6a:81:23:35:77:d9:6a:5c:7c:
0b:0f:51:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh1jKj+NFwDQjh1vXeUtHXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjAxMDYwMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI4YzE5NGUxYjY1OWRmMDI3OWEzZjY4ZmYzY2UyMDlkMjUzMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JiWVGjvQybOCjZhRxutQCcKueq9
wY/4cLjT/y2R1g6STTL7OSQd2V6afO5y+Z01T3XzdFCuzZrSQRNXweJfmiNPdFnS
yKfKqksV9bWqYJxgQFVk6gltnv47yKGaPxhv73qNPJfWp3Zq6z90by84NdbRp6Mb
AxcQmXP1s8RMQwRB6Mb8dFZru8wgER+1ubqPMKrtvT5DW+PqyiyBQLpiHW5Jvhoq
iFG9eRxA0ASBnWi8Fs8HYAGfRt6ExFy4vA8mx282pIe/6VNHas/9PxtHmCl8w11c
ksmkTSAJ9p1ephPaeMK41l+NTiegdAT6Kn2W1BrHDtyhCu5YYu9KXkPm8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLYowZThtlnfAnmj9o/zziCdJTOXMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdGlqQmxPRzJXZDhDZWFQMmpfUE9JSjBsTTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCDyAwQA
WNhpAwQAWNiAMA0GCSqGSIb3DQEBCwUAA4IBAQBxlFrY4NxmDzxOgQM6J97ZG/Ax
E6Ju1IDXigk4a7z9dfLKpr9dom9Cfy5oNP9jxR98PCF0yVb0YCE3N9yh01vOms5W
imYctZYn+QB2i7la45npSmGOdi+AoNwt/hmRBcnf8A1mVa/McGpXb3LqNVqO/Jrf
vSft2wuCa81J6/m6BmzR0USnG+raEWm3sbCK39nq1LccicwjMu7TMz2LOiqUXE1X
2p1SS7LNLqRNeS5RG4q+SYUSIU7WtsKVizZctXIGPUTxY8TLR+nKHykdcU2oeqki
m4xuVyNfwZLmxNJaxf8FgNtUDixyNXjA9lrfEGXQMlZqgSM1d9lqXHwLD1Fv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org