Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xi3h-1Ovr6on8KeZwdNTmr-aG6M.roa
File: xi3h-1Ovr6on8KeZwdNTmr-aG6M.roa (raw, json)
Hash identifier: qmUhBnn69dRg4P4FZ6gzfm6ATU0au+Lxtl8zYpftn54=
Subject key identifier: C6:2D:E1:FB:53:AF:AF:AA:27:F0:A7:99:C1:D3:53:9A:BF:9A:1B:A3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0192CE8F670254CDA83B7627435A510FAFA5
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xi3h-1Ovr6on8KeZwdNTmr-aG6M.roa
Signing time: Sun 27 Oct 2024 15:19:17 +0000
ROA not before: Sun 27 Oct 2024 15:19:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 88.216.17.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 08:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ce:8f:67:02:54:cd:a8:3b:76:27:43:5a:51:0f:af:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 27 15:19:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c62de1fb53afafaa27f0a799c1d3539abf9a1ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:99:a6:ae:80:4e:28:1e:73:8e:1e:21:f8:bb:
f0:07:6b:7d:9b:f7:05:c1:ca:22:d1:f5:de:d3:11:
7b:ae:31:41:ab:03:bc:8d:c2:86:71:7e:cf:73:de:
45:06:b4:23:3d:d3:8b:d6:00:e5:2b:ad:10:af:e8:
10:ab:cc:30:63:89:4a:5a:ff:b5:7b:c4:6a:27:9c:
be:e4:ad:48:85:c6:df:69:5c:71:d4:84:70:4f:90:
e9:07:de:45:f9:3f:d2:06:62:04:d9:cd:15:c9:09:
12:3e:d4:7d:2a:96:42:5d:f8:b6:84:d7:49:a1:f1:
97:e6:73:bd:d6:a1:18:be:d4:56:ad:04:c8:8a:94:
a8:34:b4:a9:d7:9a:be:d1:e5:c6:1c:2a:31:78:70:
e9:61:c7:05:af:1b:96:c2:b9:a7:03:5e:03:25:7f:
14:5e:16:76:37:a0:8e:d7:1e:4c:29:5a:ee:8e:d6:
89:19:19:fe:a5:63:50:d8:19:f8:3f:1d:a9:63:1a:
9c:c0:46:24:ea:84:39:22:b3:b9:94:14:40:71:dc:
0e:7d:2a:09:da:ee:ef:01:4f:ee:20:a5:f6:d8:7e:
50:48:14:59:a2:d9:07:9c:21:c0:04:08:e9:be:fe:
67:41:12:c0:91:72:f7:f3:b9:cd:02:cb:04:0e:ee:
a5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2D:E1:FB:53:AF:AF:AA:27:F0:A7:99:C1:D3:53:9A:BF:9A:1B:A3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xi3h-1Ovr6on8KeZwdNTmr-aG6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.17.0/24
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
26:39:9b:29:df:e7:33:2e:e7:36:70:82:8e:85:29:70:75:48:
91:c7:6a:66:37:15:bb:ea:96:84:98:4d:37:c9:6f:58:a2:16:
ef:19:ed:32:21:f8:8a:91:12:ad:be:0d:d6:62:7c:43:16:e5:
7b:90:e4:78:45:c2:af:3f:e9:a6:e3:2d:18:ae:0b:c0:57:dc:
cf:84:46:34:1c:c8:65:e6:5d:50:3d:e5:c1:2d:aa:2d:6e:9e:
9d:9e:dd:dd:87:6b:c8:71:36:2f:14:49:df:b3:f3:46:82:1c:
a5:95:45:2f:b5:4c:a3:8d:50:da:06:42:0c:f0:cf:4f:06:b2:
c1:f9:7b:27:93:57:c8:ed:83:2e:6d:ed:3a:de:0e:30:57:8d:
96:c3:34:c5:4b:f1:39:6e:17:cc:f5:fd:53:94:6b:64:16:14:
72:20:67:1d:58:33:dd:01:f0:a5:89:1e:ab:9a:fc:c9:3e:45:
a2:49:e7:bd:f5:25:79:b7:73:c9:c9:f2:29:e9:ed:3f:71:62:
c9:fc:ea:37:1a:c0:42:ae:23:55:0d:bd:e6:65:31:ba:6b:8a:
7b:60:bb:97:14:1d:92:95:99:dc:e2:2b:b9:0a:30:84:0b:74:
5b:fd:fc:80:af:18:58:ba:58:c1:37:aa:ce:97:8c:2e:ff:c5:
45:5d:94:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLOj2cCVM2oO3YnQ1pRD6+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMDI3MTUxOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjJkZTFmYjUzYWZhZmFhMjdmMGE3OTljMWQzNTM5YWJmOWExYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5mmroBOKB5zjh4h+LvwB2t9m/cF
wcoi0fXe0xF7rjFBqwO8jcKGcX7Pc95FBrQjPdOL1gDlK60Qr+gQq8wwY4lKWv+1
e8RqJ5y+5K1IhcbfaVxx1IRwT5DpB95F+T/SBmIE2c0VyQkSPtR9KpZCXfi2hNdJ
ofGX5nO91qEYvtRWrQTIipSoNLSp15q+0eXGHCoxeHDpYccFrxuWwrmnA14DJX8U
XhZ2N6CO1x5MKVrujtaJGRn+pWNQ2Bn4Px2pYxqcwEYk6oQ5IrO5lBRAcdwOfSoJ
2u7vAU/uIKX22H5QSBRZotkHnCHABAjpvv5nQRLAkXL387nNAssEDu6lVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMYt4ftTr6+qJ/CnmcHTU5q/mhujMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveGkzaC0xT3ZyNm9uOEtlWndkTlRtci1hRzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNgRAwQC
WNjUMA0GCSqGSIb3DQEBCwUAA4IBAQAmOZsp3+czLuc2cIKOhSlwdUiRx2pmNxW7
6paEmE03yW9YohbvGe0yIfiKkRKtvg3WYnxDFuV7kOR4RcKvP+mm4y0YrgvAV9zP
hEY0HMhl5l1QPeXBLaotbp6dnt3dh2vIcTYvFEnfs/NGghyllUUvtUyjjVDaBkIM
8M9PBrLB+Xsnk1fI7YMube063g4wV42WwzTFS/E5bhfM9f1TlGtkFhRyIGcdWDPd
AfCliR6rmvzJPkWiSee99SV5t3PJyfIp6e0/cWLJ/Oo3GsBCriNVDb3mZTG6a4p7
YLuXFB2SlZnc4iu5CjCEC3Rb/fyArxhYuljBN6rOl4wu/8VFXZRj
-----END CERTIFICATE-----
Generated at Tue Oct 29 11:58:33 2024 by rpki-client on console-ams.rpki-client.org