Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uLTAAJG9xNpTRiOR6v0vPEx-uM0.roa
File: uLTAAJG9xNpTRiOR6v0vPEx-uM0.roa (raw, json)
Hash identifier: +mHVTqGTUUWpt14P4jFu5+Ge1zxitJqC0hps8WPpYBI=
Subject key identifier: B8:B4:C0:00:91:BD:C4:DA:53:46:23:91:EA:FD:2F:3C:4C:7E:B8:CD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018595445790B0501B4251FA455F4AA4D425
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uLTAAJG9xNpTRiOR6v0vPEx-uM0.roa
Signing time: Mon 09 Jan 2023 06:42:42 +0000
ROA not before: Mon 09 Jan 2023 06:42:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 88.216.208.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jan 2023 21:19:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:44:57:90:b0:50:1b:42:51:fa:45:5f:4a:a4:d4:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 9 06:42:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8b4c00091bdc4da53462391eafd2f3c4c7eb8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fd:38:83:13:fe:8d:c3:0f:d7:97:ee:cf:c3:
ff:f6:c7:f1:71:9f:1d:4c:13:b7:a1:1b:27:04:16:
df:35:69:c0:16:ca:be:eb:04:c7:b2:00:b0:c3:64:
f7:8c:e3:49:76:53:4e:d4:83:31:83:5b:fa:b3:d8:
34:8c:b8:f9:04:a2:94:0f:64:2d:2b:99:73:4c:7d:
ac:30:3c:46:18:95:b6:ec:86:ae:60:3d:44:63:9a:
0f:96:b6:ae:f8:43:da:13:88:74:17:e8:40:f2:33:
80:28:96:70:05:30:6e:56:e9:db:0c:07:be:2a:d5:
b5:ad:a6:da:f2:60:32:de:9f:b4:4f:e8:9e:1a:ce:
23:df:ca:70:44:f5:18:e4:a1:e2:20:1d:9f:5b:be:
23:15:5e:dc:74:a9:9b:18:20:30:9e:77:27:f7:ab:
33:ee:1c:f2:79:37:9b:49:c6:c4:da:5c:36:bf:4f:
05:b4:d8:d3:2f:5a:de:22:1c:75:10:df:38:8f:41:
a4:87:bc:64:51:4f:a2:fb:ff:96:c2:8e:fd:cf:0a:
8e:6b:5a:57:03:ec:e9:74:9a:26:33:35:3f:0f:b5:
e2:e4:be:5c:e3:0b:32:cc:76:1e:37:87:44:22:80:
17:2d:d6:91:97:16:48:ce:2e:2f:22:3f:74:5a:02:
cc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B4:C0:00:91:BD:C4:DA:53:46:23:91:EA:FD:2F:3C:4C:7E:B8:CD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uLTAAJG9xNpTRiOR6v0vPEx-uM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/22
84.32.246.0/23
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
22:5e:41:39:47:f8:11:0d:21:7c:f5:a2:23:6a:f2:12:db:ee:
b6:ee:84:f6:0d:6f:70:fc:18:41:a0:a0:bf:3b:68:62:47:9f:
06:38:44:54:50:b5:71:47:ee:e5:d7:fd:d4:fd:86:be:8b:d1:
06:7f:69:41:df:db:d6:85:ec:ff:08:7c:9f:84:c0:2e:48:9e:
c2:3f:6e:3c:8d:7e:b7:ad:b4:84:c6:5c:12:e1:4a:5c:96:89:
78:8a:c2:2a:e8:01:59:fe:3f:b6:05:b9:4e:66:16:c4:f0:d9:
b5:d7:e2:08:b1:98:3f:d3:5f:7b:52:63:b1:3a:56:7c:ff:7b:
50:33:12:fb:9f:ca:b3:74:a3:fd:55:b4:17:5b:d8:eb:a4:e4:
9b:58:85:07:28:ce:92:a0:b4:9f:20:9a:9d:27:8e:5e:05:f1:
34:11:a4:66:59:2a:79:20:5b:44:12:9e:33:ff:4e:07:b0:f5:
77:df:06:5d:d0:25:99:ac:bd:2f:b8:f6:2d:48:16:75:1c:c0:
99:cf:a8:e8:02:2b:fd:ed:83:e1:56:20:5e:04:f0:cf:1b:fc:
e6:d8:2c:8d:9b:da:e8:7f:ed:ca:29:1a:76:45:df:0e:b0:b8:
2a:1f:89:36:a2:6e:43:a9:e9:04:59:ec:e5:1c:b1:ce:4b:c8:
3d:38:33:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWVRFeQsFAbQlH6RV9KpNQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA5MDY0MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGI0YzAwMDkxYmRjNGRhNTM0NjIzOTFlYWZkMmYzYzRjN2ViOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1f04gxP+jcMP15fuz8P/9sfxcZ8d
TBO3oRsnBBbfNWnAFsq+6wTHsgCww2T3jONJdlNO1IMxg1v6s9g0jLj5BKKUD2Qt
K5lzTH2sMDxGGJW27IauYD1EY5oPlrau+EPaE4h0F+hA8jOAKJZwBTBuVunbDAe+
KtW1raba8mAy3p+0T+ieGs4j38pwRPUY5KHiIB2fW74jFV7cdKmbGCAwnncn96sz
7hzyeTebScbE2lw2v08FtNjTL1reIhx1EN84j0Gkh7xkUU+i+/+Wwo79zwqOa1pX
A+zpdJomMzU/D7Xi5L5c4wsyzHYeN4dEIoAXLdaRlxZIzi4vIj90WgLM/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLi0wACRvcTaU0Yjker9LzxMfrjNMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdUxUQUFKRzl4TnBUUmlPUjZ2MHZQRXgtdU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVCAUAwQB
VCD2AwQAWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQAiXkE5R/gRDSF89aIjavIS2+62
7oT2DW9w/BhBoKC/O2hiR58GOERUULVxR+7l1/3U/Ya+i9EGf2lB39vWhez/CHyf
hMAuSJ7CP248jX63rbSExlwS4Upclol4isIq6AFZ/j+2BblOZhbE8Nm11+IIsZg/
0197UmOxOlZ8/3tQMxL7n8qzdKP9VbQXW9jrpOSbWIUHKM6SoLSfIJqdJ45eBfE0
EaRmWSp5IFtEEp4z/04HsPV33wZd0CWZrL0vuPYtSBZ1HMCZz6joAiv97YPhViBe
BPDPG/zm2CyNm9rof+3KKRp2Rd8OsLgqH4k2om5DqekEWezlHLHOS8g9ODND
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org