Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vox7ohXDqTjFu7QaBiaQDiWrHZw.roa
File: vox7ohXDqTjFu7QaBiaQDiWrHZw.roa (raw, json)
Hash identifier: kc/+H6nUgV1F4Mi46biQu1t55/DZ38pLuRTcSv5Mmu0=
Subject key identifier: BE:8C:7B:A2:15:C3:A9:38:C5:BB:B4:1A:06:26:90:0E:25:AB:1D:9C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018BDDCA41B1CD96231E224CB9EF0805269F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vox7ohXDqTjFu7QaBiaQDiWrHZw.roa
Signing time: Fri 17 Nov 2023 14:58:21 +0000
ROA not before: Fri 17 Nov 2023 14:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 88.216.60.0/22 maxlen: 24
84.32.208.0/23 maxlen: 24
84.32.108.0/22 maxlen: 24
84.32.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 06:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:ca:41:b1:cd:96:23:1e:22:4c:b9:ef:08:05:26:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 17 14:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be8c7ba215c3a938c5bbb41a0626900e25ab1d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b5:f2:75:18:76:44:6b:4f:6f:b4:2b:da:6b:
77:2a:ae:bd:b0:8c:8e:7c:4d:30:69:33:af:9d:11:
c7:8e:7c:0c:c1:70:a7:3f:57:d1:f9:50:f6:5a:9b:
f9:88:b8:ac:cf:8a:7a:19:f1:bc:b9:08:e4:63:d8:
11:07:b8:dd:4a:ab:83:6b:33:3c:cb:82:8e:cb:3b:
5c:71:b8:30:d4:24:ba:0e:c4:36:43:b0:d6:59:69:
85:c0:c2:4d:5e:8b:2d:04:a5:af:2f:e7:ee:f2:45:
4b:a4:25:f3:9e:06:b7:2e:22:94:ba:a9:47:ff:d0:
70:3a:bd:65:ae:72:f8:4d:a6:2c:4a:c2:8e:e0:ee:
87:ac:ec:c4:3b:b1:94:9b:4a:ad:39:ad:ba:f8:b8:
61:2a:2e:4f:e2:74:9f:2e:45:37:23:8c:46:29:13:
69:e3:f4:88:9a:e2:71:ac:49:ea:2d:4a:3c:4e:c0:
7a:d8:62:67:6d:78:a5:05:1c:db:4a:cb:03:aa:9f:
f6:44:f7:6f:c7:bf:d6:40:a5:3e:2a:eb:68:bf:d9:
d3:48:26:68:e5:d4:54:99:b1:bf:58:53:e1:ee:3c:
6b:14:bc:94:f1:e4:fd:14:1a:0d:f4:7e:c4:68:07:
76:4b:f2:b1:f8:e8:1c:51:cc:64:bf:07:12:5e:1a:
f2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:8C:7B:A2:15:C3:A9:38:C5:BB:B4:1A:06:26:90:0E:25:AB:1D:9C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vox7ohXDqTjFu7QaBiaQDiWrHZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.48.0/22
84.32.108.0/22
84.32.208.0/23
88.216.60.0/22
Signature Algorithm: sha256WithRSAEncryption
12:db:6a:e8:e3:53:24:f0:cc:bd:b5:37:ec:92:91:cc:0f:2f:
cd:55:98:79:af:8c:d0:b8:15:8d:5e:cd:7b:2c:c9:9a:8c:0c:
f8:04:42:5b:5a:38:6e:fa:13:f4:75:86:e8:af:c8:3f:12:1c:
b4:c0:08:9d:68:12:91:c6:2e:46:29:00:58:c0:cb:98:38:75:
18:2f:05:08:2e:95:d0:30:84:49:ba:14:a2:27:2b:42:5b:db:
66:20:cb:28:1c:a1:9c:7e:22:98:d4:71:e2:82:7b:66:7e:a8:
69:6a:11:e5:24:d1:4c:ab:5f:96:4f:f7:3c:f5:96:23:36:ea:
6a:6d:87:25:d5:dc:46:bb:5e:25:d4:d2:c2:fe:ff:5e:37:10:
44:16:fb:a0:bd:da:b4:9d:be:af:28:78:b0:7e:4e:ab:71:98:
4f:ef:3a:e8:86:d7:b5:4e:a8:0d:68:86:91:4d:8d:ed:ce:01:
bf:61:0b:6a:c7:73:cc:e8:0e:6b:c0:51:4f:6a:ca:11:a9:c0:
d5:76:d9:93:b3:00:f2:52:14:a0:27:6c:b7:cc:72:2f:30:f5:
04:50:ef:af:9f:ec:28:77:64:ff:cc:31:1c:d5:6a:53:a7:e6:
a3:b3:10:3a:55:49:3f:13:87:d0:d3:24:03:6c:eb:de:02:3c:
01:2e:f2:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvdykGxzZYjHiJMue8IBSafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTE3MTQ1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZThjN2JhMjE1YzNhOTM4YzViYmI0MWEwNjI2OTAwZTI1YWIxZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7XydRh2RGtPb7Qr2mt3Kq69sIyO
fE0waTOvnRHHjnwMwXCnP1fR+VD2Wpv5iLisz4p6GfG8uQjkY9gRB7jdSquDazM8
y4KOyztccbgw1CS6DsQ2Q7DWWWmFwMJNXostBKWvL+fu8kVLpCXznga3LiKUuqlH
/9BwOr1lrnL4TaYsSsKO4O6HrOzEO7GUm0qtOa26+LhhKi5P4nSfLkU3I4xGKRNp
4/SImuJxrEnqLUo8TsB62GJnbXilBRzbSssDqp/2RPdvx7/WQKU+Kutov9nTSCZo
5dRUmbG/WFPh7jxrFLyU8eT9FBoN9H7EaAd2S/Kx+OgcUcxkvwcSXhry5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL6Me6IVw6k4xbu0GgYmkA4lqx2cMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdm94N29oWERxVGpGdTdRYUJpYVFEaVdySFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVCAwAwQC
VCBsAwQBVCDQAwQCWNg8MA0GCSqGSIb3DQEBCwUAA4IBAQAS22ro41Mk8My9tTfs
kpHMDy/NVZh5r4zQuBWNXs17LMmajAz4BEJbWjhu+hP0dYbor8g/Ehy0wAidaBKR
xi5GKQBYwMuYOHUYLwUILpXQMIRJuhSiJytCW9tmIMsoHKGcfiKY1HHigntmfqhp
ahHlJNFMq1+WT/c89ZYjNupqbYcl1dxGu14l1NLC/v9eNxBEFvugvdq0nb6vKHiw
fk6rcZhP7zrohte1TqgNaIaRTY3tzgG/YQtqx3PM6A5rwFFPasoRqcDVdtmTswDy
UhSgJ2y3zHIvMPUEUO+vn+wod2T/zDEc1WpTp+ajsxA6VUk/E4fQ0yQDbOveAjwB
LvJD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org