Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/T64nL0D8HStHLpS9DXkeVg6mT-s.roa
File: T64nL0D8HStHLpS9DXkeVg6mT-s.roa (raw, json)
Hash identifier: 6Ppe7OMzcvtaX4QX63lQi38XYd3JmHyI33T/B4EGB9w=
Subject key identifier: 4F:AE:27:2F:40:FC:1D:2B:47:2E:94:BD:0D:79:1E:56:0E:A6:4F:EB
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018708B311ABCD928D5D7916F73E364C5C95
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/T64nL0D8HStHLpS9DXkeVg6mT-s.roa
Signing time: Wed 22 Mar 2023 09:42:45 +0000
ROA not before: Wed 22 Mar 2023 09:42:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48851
IP address blocks: 94.188.222.0/24 maxlen: 24
94.188.233.0/24 maxlen: 24
94.188.232.0/24 maxlen: 24
94.188.234.0/24 maxlen: 24
94.188.235.0/24 maxlen: 24
94.188.236.0/24 maxlen: 24
92.61.238.0/24 maxlen: 24
94.188.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:b3:11:ab:cd:92:8d:5d:79:16:f7:3e:36:4c:5c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Mar 22 09:42:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fae272f40fc1d2b472e94bd0d791e560ea64feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:35:99:e8:83:83:30:d7:b9:d6:a2:43:ff:f7:
69:3f:1c:a8:2f:8c:93:3e:38:b7:85:c0:48:7d:24:
01:7a:d8:d8:66:a2:7a:e3:ea:c1:81:93:61:db:42:
0e:67:23:cb:d6:01:d9:bd:10:7d:7e:a4:d7:47:58:
de:fd:27:4d:25:13:ac:e7:90:8f:4c:70:a6:fe:ec:
1d:25:16:80:ce:23:a5:34:c9:78:08:b3:d3:2e:88:
c6:cc:0c:54:2f:e2:cc:1a:b8:3d:42:51:e8:18:d6:
c8:b3:79:31:28:df:b4:24:31:d9:a0:3c:49:d3:d2:
89:53:d9:85:37:87:13:94:ac:d5:e3:04:68:d0:2d:
37:26:ba:95:c0:9b:62:52:1f:6e:64:ec:be:4b:a8:
e9:a1:a4:4a:e4:51:39:c8:33:17:c8:2e:ca:fc:9c:
e0:db:1b:6a:fb:9f:50:58:67:1c:4c:88:e8:be:f5:
5e:4a:3d:5c:3a:37:d0:67:84:bf:79:ec:48:e9:a0:
fd:66:61:03:88:c4:69:e7:91:ef:df:5d:e8:17:cb:
33:d0:7e:76:23:30:fa:8f:3f:c3:72:b6:c1:3c:b7:
75:bc:af:d5:1f:f4:0a:4b:20:4b:f0:d5:88:a6:98:
50:54:cf:8a:81:00:57:f5:25:a6:05:12:6e:46:88:
d7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:AE:27:2F:40:FC:1D:2B:47:2E:94:BD:0D:79:1E:56:0E:A6:4F:EB
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/T64nL0D8HStHLpS9DXkeVg6mT-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.238.0/24
94.188.210.0/24
94.188.222.0/24
94.188.232.0-94.188.236.255
Signature Algorithm: sha256WithRSAEncryption
08:d2:51:4d:6f:4d:dc:97:ff:38:50:5c:80:c4:78:f1:f5:85:
8c:70:50:ca:10:bc:cb:ed:1e:4e:23:d4:e7:22:d8:7f:2d:c5:
9f:80:f4:6a:b6:c6:c8:4f:34:d6:88:21:01:ed:aa:0f:9d:9b:
e5:fe:38:ff:81:5d:61:a4:b6:ea:62:42:ba:94:0d:af:85:9a:
e2:29:4f:49:23:01:60:b6:be:b6:4b:e4:82:06:c5:3b:a3:b2:
6f:f2:aa:04:8f:20:d1:ef:19:48:5a:92:51:3c:84:bf:b1:d6:
86:55:31:35:10:c1:e1:e0:9a:71:36:05:2b:3e:31:cc:71:33:
44:67:4b:f7:21:1a:db:e2:2f:6e:71:c4:68:e0:dd:2e:ba:a7:
73:65:aa:08:f8:2e:8d:84:b1:cf:21:83:53:39:f0:24:d3:08:
8c:9d:e4:44:64:d8:f9:c2:f4:bf:f5:f8:2d:b7:96:0a:92:2d:
f7:60:92:14:e1:0b:bd:dc:a9:b6:a8:63:a7:a8:04:b5:1a:82:
42:8f:fb:c5:07:07:f1:16:0e:98:eb:83:af:67:56:09:cc:ac:
9b:3b:c6:0c:67:ca:41:f8:59:2c:00:ee:cd:44:b6:22:66:58:
28:d8:17:78:dd:ad:36:a1:ec:cd:fa:12:99:c1:7d:09:c8:1d:
21:17:88:68
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYcIsxGrzZKNXXkW9z42TFyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjMwMzIyMDk0MjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmFlMjcyZjQwZmMxZDJiNDcyZTk0YmQwZDc5MWU1NjBlYTY0ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTWZ6IODMNe51qJD//dpPxyoL4yT
Pji3hcBIfSQBetjYZqJ64+rBgZNh20IOZyPL1gHZvRB9fqTXR1je/SdNJROs55CP
THCm/uwdJRaAziOlNMl4CLPTLojGzAxUL+LMGrg9QlHoGNbIs3kxKN+0JDHZoDxJ
09KJU9mFN4cTlKzV4wRo0C03JrqVwJtiUh9uZOy+S6jpoaRK5FE5yDMXyC7K/Jzg
2xtq+59QWGccTIjovvVeSj1cOjfQZ4S/eexI6aD9ZmEDiMRp55Hv313oF8sz0H52
IzD6jz/DcrbBPLd1vK/VH/QKSyBL8NWIpphQVM+KgQBX9SWmBRJuRojX5wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFE+uJy9A/B0rRy6UvQ15HlYOpk/rMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvVDY0bkwwRDhIU3RITHBTOURYa2VWZzZtVC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAXD3uAwQA
XrzSAwQAXrzeMAwDBANevOgDBABevOwwDQYJKoZIhvcNAQELBQADggEBAAjSUU1v
TdyX/zhQXIDEePH1hYxwUMoQvMvtHk4j1Oci2H8txZ+A9Gq2xshPNNaIIQHtqg+d
m+X+OP+BXWGktupiQrqUDa+FmuIpT0kjAWC2vrZL5IIGxTujsm/yqgSPINHvGUha
klE8hL+x1oZVMTUQweHgmnE2BSs+McxxM0RnS/chGtviL25xxGjg3S66p3Nlqgj4
Lo2Esc8hg1M58CTTCIyd5ERk2PnC9L/1+C23lgqSLfdgkhThC73cqbaoY6eoBLUa
gkKP+8UHB/EWDpjrg69nVgnMrJs7xgxnykH4WSwA7s1EtiJmWCjYF3jdrTah7M36
EpnBfQnIHSEXiGg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:30 2024 by rpki-client on console-fra.rpki-client.org