Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xl-1hP-n78ExY2ZA_cegY4By1Z4.roa
File: xl-1hP-n78ExY2ZA_cegY4By1Z4.roa (raw, json)
Hash identifier: 01Uoeict8rXjOW7t+TzVWJzziemMEzsj9nu3c1ZGzCw=
Subject key identifier: C6:5F:B5:84:FF:A7:EF:C1:31:63:66:40:FD:C7:A0:63:80:72:D5:9E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC501377613617BF4F93FB8DBB0258D78
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xl-1hP-n78ExY2ZA_cegY4By1Z4.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 996
IP address blocks: 88.216.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 01:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:37:76:13:61:7b:f4:f9:3f:b8:db:b0:25:8d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c65fb584ffa7efc131636640fdc7a0638072d59e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:eb:8a:4a:73:94:46:0c:41:e3:55:d0:6e:c7:
ce:23:1c:8f:b2:f4:8e:d1:bb:31:d6:83:df:c8:db:
b3:7d:04:64:92:95:14:82:62:76:b6:92:dd:47:ea:
f6:8e:27:9f:16:81:95:77:53:9b:aa:62:b2:08:78:
4c:2b:c4:49:77:fb:be:26:82:41:29:8f:9d:14:d2:
6c:cc:c6:67:db:ce:64:2e:79:43:e7:50:d0:55:e7:
ca:08:9d:90:09:6c:6b:c6:22:5a:83:96:03:ed:a8:
11:26:e4:b1:c4:22:21:12:e4:05:24:c6:26:b0:40:
5b:11:3d:4d:89:c5:5e:25:58:ec:df:cc:0a:3c:c6:
1a:1c:4d:5b:f5:62:7f:e9:69:5f:c5:09:0d:68:b6:
21:ff:94:49:9f:54:ad:35:78:ac:48:1c:a0:7b:b3:
6b:09:4f:81:a3:23:ef:71:7f:f5:53:7f:b1:2a:76:
43:06:aa:99:86:c8:8a:f6:ad:79:ac:0d:28:c0:2a:
1d:9f:65:a0:5b:58:8b:0a:b8:09:1e:41:85:39:4c:
d6:06:f6:e6:33:c0:43:1d:76:cf:0a:05:fc:e8:d5:
a4:3d:fc:84:62:00:ae:01:a3:86:04:b4:bf:ff:04:
cf:a1:14:cf:bc:2f:51:9e:e1:b1:6e:00:1b:56:8a:
66:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5F:B5:84:FF:A7:EF:C1:31:63:66:40:FD:C7:A0:63:80:72:D5:9E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xl-1hP-n78ExY2ZA_cegY4By1Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.129.0/24
Signature Algorithm: sha256WithRSAEncryption
70:5d:92:72:15:84:62:a6:01:2d:88:29:86:f8:12:f5:7f:8a:
7c:dc:63:47:e1:e9:00:23:7e:f8:46:5c:9c:f8:c0:88:4e:ea:
c1:d9:7e:5c:6c:cc:96:61:67:53:11:ca:28:b8:7b:7a:cc:a7:
af:a1:1f:29:aa:84:1e:3f:9a:b1:07:de:42:10:17:a8:32:df:
5a:78:6f:e1:8e:99:2f:4d:87:79:f0:1b:f7:d0:60:5e:1d:b4:
45:79:23:77:43:71:a6:a0:45:68:ac:7b:10:dd:74:68:7a:f3:
af:01:ea:2a:ec:22:44:4f:31:98:46:f4:df:d5:0b:a9:ff:cf:
11:33:6c:7f:aa:4d:42:f1:e0:ba:e7:8f:aa:f8:b8:d9:4d:40:
32:a9:4e:01:36:fa:a7:cc:45:84:92:80:2c:03:cf:4c:5f:53:
30:89:bd:55:1e:a0:0c:af:be:19:2b:7b:7a:02:c3:f8:cb:3d:
3b:52:f9:03:93:1f:43:b4:9d:02:bd:4d:93:0b:94:c8:b8:5d:
06:8d:f5:cd:60:01:4e:c9:61:c8:13:16:fb:e7:55:b8:2c:21:
d7:52:93:a2:64:60:1f:46:54:ea:a9:50:be:0e:98:2c:24:7a:
8f:ad:28:12:b4:22:83:60:5a:9a:7b:f7:31:ff:a3:ce:e3:dd:
b0:89:ee:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFATd2E2F79Pk/uNuwJY14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjVmYjU4NGZmYTdlZmMxMzE2MzY2NDBmZGM3YTA2MzgwNzJkNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+uKSnOURgxB41XQbsfOIxyPsvSO
0bsx1oPfyNuzfQRkkpUUgmJ2tpLdR+r2jiefFoGVd1ObqmKyCHhMK8RJd/u+JoJB
KY+dFNJszMZn285kLnlD51DQVefKCJ2QCWxrxiJag5YD7agRJuSxxCIhEuQFJMYm
sEBbET1NicVeJVjs38wKPMYaHE1b9WJ/6WlfxQkNaLYh/5RJn1StNXisSByge7Nr
CU+BoyPvcX/1U3+xKnZDBqqZhsiK9q15rA0owCodn2WgW1iLCrgJHkGFOUzWBvbm
M8BDHXbPCgX86NWkPfyEYgCuAaOGBLS//wTPoRTPvC9RnuGxbgAbVopmKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZftYT/p+/BMWNmQP3HoGOActWeMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveGwtMWhQLW43OEV4WTJaQV9jZWdZNEJ5MVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNiBMA0G
CSqGSIb3DQEBCwUAA4IBAQBwXZJyFYRipgEtiCmG+BL1f4p83GNH4ekAI374Rlyc
+MCITurB2X5cbMyWYWdTEcoouHt6zKevoR8pqoQeP5qxB95CEBeoMt9aeG/hjpkv
TYd58Bv30GBeHbRFeSN3Q3GmoEVorHsQ3XRoevOvAeoq7CJETzGYRvTf1Qup/88R
M2x/qk1C8eC654+q+LjZTUAyqU4BNvqnzEWEkoAsA89MX1Mwib1VHqAMr74ZK3t6
AsP4yz07UvkDkx9DtJ0CvU2TC5TIuF0GjfXNYAFOyWHIExb751W4LCHXUpOiZGAf
RlTqqVC+DpgsJHqPrSgStCKDYFqae/cx/6PO492wie58
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:02:53 2024 by rpki-client on console-ams.rpki-client.org