Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/x58Q4tbREdJXlZiEr4LFwzLZNqE.roa
File: x58Q4tbREdJXlZiEr4LFwzLZNqE.roa (raw, json)
Hash identifier: 72xbIrItaIiFbmKCeeLUrFvK1JvXfrQdhIzowxRDS3g=
Subject key identifier: C7:9F:10:E2:D6:D1:11:D2:57:95:98:84:AF:82:C5:C3:32:D9:36:A1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5013E046ED7608C64A8BCABB178311A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/x58Q4tbREdJXlZiEr4LFwzLZNqE.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33922
IP address blocks: 88.216.164.0/24 maxlen: 24
88.216.165.0/24 maxlen: 24
88.216.166.0/24 maxlen: 24
88.216.167.0/24 maxlen: 24
88.216.148.0/24 maxlen: 24
88.216.68.0/22 maxlen: 24
84.32.182.0/24 maxlen: 24
84.32.183.0/24 maxlen: 24
88.216.76.0/22 maxlen: 24
84.32.180.0/24 maxlen: 24
84.32.181.0/24 maxlen: 24
84.32.116.0/23 maxlen: 24
84.32.114.0/23 maxlen: 24
88.216.24.0/23 maxlen: 24
88.216.26.0/23 maxlen: 24
88.216.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 18:52:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3e:04:6e:d7:60:8c:64:a8:bc:ab:b1:78:31:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c79f10e2d6d111d257959884af82c5c332d936a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f4:82:c2:41:49:16:f2:e3:33:67:40:c8:97:
5f:ee:68:8f:fc:43:bd:46:9b:02:48:83:62:7f:0f:
e6:95:fe:89:cf:e1:84:05:0e:b6:55:c0:30:1d:cb:
f0:77:e7:ea:d4:21:b4:30:22:d1:ca:d9:b4:9d:a2:
4b:3d:88:ee:5f:d5:cc:34:bd:88:1a:cc:3f:7a:60:
83:ee:53:fc:78:5b:ad:22:cf:92:81:df:11:f2:b5:
ab:d6:af:a1:df:76:35:ac:70:3c:2a:7d:54:fd:f9:
40:80:ae:64:13:8a:bc:2a:f1:63:45:26:c4:e0:02:
3a:3a:5b:a6:cc:ac:29:6b:ec:9f:5d:7f:05:b9:c1:
d4:91:df:b8:29:68:63:a6:ef:40:8a:84:6d:27:99:
ea:d1:d3:c0:e8:2c:0e:75:f2:24:1a:ea:16:bc:9f:
e4:f1:8c:d0:3b:50:f2:b0:f0:47:b3:dd:ad:dd:cf:
ae:1d:bb:f4:c5:74:aa:fb:bb:56:70:41:22:e1:9a:
a4:ad:66:88:4a:02:2c:93:d4:60:07:fd:b7:a2:af:
dd:22:fc:88:cb:e1:53:08:9e:69:c7:45:f1:a0:3d:
d7:d7:48:22:e8:44:53:f3:47:ea:2b:e4:34:d9:f6:
77:5f:32:7a:70:ee:ec:81:3e:94:dd:fe:7b:36:18:
a7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9F:10:E2:D6:D1:11:D2:57:95:98:84:AF:82:C5:C3:32:D9:36:A1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/x58Q4tbREdJXlZiEr4LFwzLZNqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.114.0-84.32.117.255
84.32.180.0/22
88.216.24.0/21
88.216.68.0/22
88.216.76.0/22
88.216.148.0/24
88.216.164.0/22
Signature Algorithm: sha256WithRSAEncryption
96:15:62:46:d6:42:04:80:5c:4d:14:95:80:8c:ea:ae:a4:0f:
ad:fe:aa:e7:ff:be:e4:36:f3:1f:6c:35:68:6f:5c:9a:3b:f3:
d7:93:d8:4a:26:3f:db:27:d6:a1:6a:64:35:b1:e4:ac:41:40:
13:12:e8:4e:7c:d6:08:11:25:d5:02:69:d3:36:75:e3:54:e9:
5f:54:96:00:04:dc:28:2d:9f:bb:db:39:9e:5b:15:f1:66:a6:
c9:1c:a4:ea:a4:9d:16:92:66:30:13:89:95:3a:e6:09:ee:66:
24:7c:dc:59:f6:62:a4:7d:91:54:51:13:73:42:92:68:05:64:
b9:d9:72:7d:35:ec:89:6e:88:c1:81:39:ca:ca:e6:20:6b:db:
a8:f6:8c:8f:2b:4c:74:07:f7:84:3c:4c:24:88:c5:9f:b3:2c:
8b:59:96:f5:45:0a:fc:c7:25:50:ab:26:00:a6:0b:bb:91:54:
c2:36:68:95:e5:84:ee:ba:b9:25:55:86:99:cf:8b:20:c9:62:
ae:c7:06:1c:2e:21:78:f6:07:88:f4:1f:78:9b:c8:a5:dd:14:
e6:b5:f3:7d:61:33:91:25:5a:dc:0b:6b:0a:40:a5:2d:ad:91:
89:96:f9:63:31:da:72:08:78:59:17:d7:2d:53:0d:d3:f2:87:
ae:bb:16:58
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzFAT4EbtdgjGSovKuxeDEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzlmMTBlMmQ2ZDExMWQyNTc5NTk4ODRhZjgyYzVjMzMyZDkzNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfSCwkFJFvLjM2dAyJdf7miP/EO9
RpsCSINifw/mlf6Jz+GEBQ62VcAwHcvwd+fq1CG0MCLRytm0naJLPYjuX9XMNL2I
Gsw/emCD7lP8eFutIs+Sgd8R8rWr1q+h33Y1rHA8Kn1U/flAgK5kE4q8KvFjRSbE
4AI6OlumzKwpa+yfXX8FucHUkd+4KWhjpu9AioRtJ5nq0dPA6CwOdfIkGuoWvJ/k
8YzQO1DysPBHs92t3c+uHbv0xXSq+7tWcEEi4ZqkrWaISgIsk9RgB/23oq/dIvyI
y+FTCJ5px0XxoD3X10gi6ERT80fqK+Q02fZ3XzJ6cO7sgT6U3f57NhincQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFMefEOLW0RHSV5WYhK+CxcMy2TahMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveDU4UTR0YlJFZEpYbFppRXI0TEZ3ekxaTnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAFUIHID
BAFUIHQDBAJUILQDBANY2BgDBAJY2EQDBAJY2EwDBABY2JQDBAJY2KQwDQYJKoZI
hvcNAQELBQADggEBAJYVYkbWQgSAXE0UlYCM6q6kD63+quf/vuQ28x9sNWhvXJo7
89eT2EomP9sn1qFqZDWx5KxBQBMS6E581ggRJdUCadM2deNU6V9UlgAE3Cgtn7vb
OZ5bFfFmpskcpOqknRaSZjATiZU65gnuZiR83Fn2YqR9kVRRE3NCkmgFZLnZcn01
7IluiMGBOcrK5iBr26j2jI8rTHQH94Q8TCSIxZ+zLItZlvVFCvzHJVCrJgCmC7uR
VMI2aJXlhO66uSVVhpnPiyDJYq7HBhwuIXj2B4j0H3ibyKXdFOa1831hM5ElWtwL
awpApS2tkYmW+WMx2nIIeFkX1y1TDdPyh667Flg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org