Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u1va8VBHtNThfoGc3_pCBMY4a1w.roa
File: u1va8VBHtNThfoGc3_pCBMY4a1w.roa (raw, json)
Hash identifier: 7nS7HYKHb+T1toAM4CFQTc9l9S5GX3JoV9AT0ccBtkw=
Subject key identifier: BB:5B:DA:F1:50:47:B4:D4:E1:7E:81:9C:DF:FA:42:04:C6:38:6B:5C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC501518987681547DAD289B6BA86CF49
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u1va8VBHtNThfoGc3_pCBMY4a1w.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400529
IP address blocks: 88.216.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 19:41:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:51:89:87:68:15:47:da:d2:89:b6:ba:86:cf:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb5bdaf15047b4d4e17e819cdffa4204c6386b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8f:f8:3b:52:30:d5:4d:d6:8f:33:e6:1c:49:
b6:8f:ac:ce:aa:8e:19:3e:a0:df:43:ab:16:db:8a:
92:60:68:60:3b:4f:6b:d0:99:03:dc:51:06:37:59:
78:8e:ef:16:06:95:cc:a5:b3:a1:f9:76:57:23:88:
21:ee:8f:91:35:59:94:d7:76:cf:04:43:b7:1a:6f:
20:42:f4:8e:a6:f2:76:08:7b:e0:46:80:65:95:db:
c2:1e:6b:13:49:28:6d:51:99:a6:e8:ba:ec:d0:e0:
45:37:07:49:ed:6a:76:56:c9:80:fe:5c:51:cb:6c:
e6:86:e9:b2:da:04:47:69:38:59:68:c7:5a:b7:cf:
93:14:64:e9:df:17:62:94:0f:88:6c:7e:c7:5c:72:
f0:c9:8d:02:d3:a5:31:ce:2e:af:5b:9e:23:52:49:
f1:1c:45:df:02:d2:ed:5e:8f:09:e7:a5:45:fb:b8:
f3:3b:25:83:c8:dd:d7:40:b6:3d:bc:2c:84:d0:80:
43:79:5f:05:06:92:42:7d:19:15:c1:b5:15:56:93:
11:88:e8:47:b6:5d:f7:9a:f8:07:e2:2f:46:f9:11:
d4:d9:ba:f6:27:eb:8c:7b:29:1f:ee:ea:58:75:bc:
79:89:53:77:08:58:eb:7f:18:83:13:b6:0b:2c:e1:
68:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:5B:DA:F1:50:47:B4:D4:E1:7E:81:9C:DF:FA:42:04:C6:38:6B:5C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u1va8VBHtNThfoGc3_pCBMY4a1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.214.0/24
Signature Algorithm: sha256WithRSAEncryption
23:f8:86:26:2d:9b:41:67:81:0a:c9:fa:50:d3:10:07:ca:87:
2e:ef:25:e3:68:97:18:44:24:c2:99:92:f0:4f:77:cf:01:70:
3d:c4:1d:bb:0c:95:7d:fc:f4:73:c7:40:d9:b8:66:62:83:c2:
56:05:32:aa:3d:3e:2f:cd:fc:8b:35:49:58:d0:a3:a8:5d:ca:
83:5e:16:91:55:c7:d8:bb:f6:8f:c3:45:bb:05:30:f8:c9:f8:
86:d0:88:a6:46:c2:f5:6a:68:f2:83:da:ea:7f:35:31:55:b8:
8d:32:ea:d6:ca:f2:3b:d8:75:83:3c:08:24:30:5f:5d:92:02:
a7:02:10:51:3f:d7:4c:b3:f2:5a:80:94:08:bf:8c:0e:80:d9:
89:31:58:58:7c:66:83:38:d7:cb:06:77:8a:49:af:50:3b:90:
4d:bb:70:0b:a6:55:13:e6:d1:4d:66:d5:9d:6d:11:36:b2:7c:
62:6a:b4:91:7a:a2:dc:52:fd:e9:51:08:65:d0:a2:82:b8:72:
46:8a:09:21:f3:79:68:70:62:fb:a7:bb:6e:75:e1:76:2e:db:
29:d2:9c:7a:6a:68:84:cb:8e:b2:80:20:5d:6e:4b:b6:13:23:
56:57:6d:7f:4d:42:2c:c6:6f:a2:cd:e2:12:3f:3b:d2:48:84:
fc:75:42:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAVGJh2gVR9rSiba6hs9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjViZGFmMTUwNDdiNGQ0ZTE3ZTgxOWNkZmZhNDIwNGM2Mzg2YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo/4O1Iw1U3WjzPmHEm2j6zOqo4Z
PqDfQ6sW24qSYGhgO09r0JkD3FEGN1l4ju8WBpXMpbOh+XZXI4gh7o+RNVmU13bP
BEO3Gm8gQvSOpvJ2CHvgRoBlldvCHmsTSShtUZmm6Lrs0OBFNwdJ7Wp2VsmA/lxR
y2zmhumy2gRHaThZaMdat8+TFGTp3xdilA+IbH7HXHLwyY0C06Uxzi6vW54jUknx
HEXfAtLtXo8J56VF+7jzOyWDyN3XQLY9vCyE0IBDeV8FBpJCfRkVwbUVVpMRiOhH
tl33mvgH4i9G+RHU2br2J+uMeykf7upYdbx5iVN3CFjrfxiDE7YLLOFoXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtb2vFQR7TU4X6BnN/6QgTGOGtcMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdTF2YThWQkh0TlRoZm9HYzNfcENCTVk0YTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNjWMA0G
CSqGSIb3DQEBCwUAA4IBAQAj+IYmLZtBZ4EKyfpQ0xAHyocu7yXjaJcYRCTCmZLw
T3fPAXA9xB27DJV9/PRzx0DZuGZig8JWBTKqPT4vzfyLNUlY0KOoXcqDXhaRVcfY
u/aPw0W7BTD4yfiG0IimRsL1amjyg9rqfzUxVbiNMurWyvI72HWDPAgkMF9dkgKn
AhBRP9dMs/JagJQIv4wOgNmJMVhYfGaDONfLBneKSa9QO5BNu3ALplUT5tFNZtWd
bRE2snxiarSReqLcUv3pUQhl0KKCuHJGigkh83locGL7p7tudeF2Ltsp0px6amiE
y46ygCBdbku2EyNWV21/TUIsxm+izeISPzvSSIT8dUKy
-----END CERTIFICATE-----
Generated at Tue Jan 23 23:03:37 2024 by rpki-client on console-fra.rpki-client.org