Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/4Y2HIAXwCGHizqdTt460dKCuNs4.roa
File: 4Y2HIAXwCGHizqdTt460dKCuNs4.roa (raw, json)
Hash identifier: ly49Dwn0CCHSTZuTrEvE7rkuJ4frGKb6kh6Po4OjlkI=
Subject key identifier: E1:8D:87:20:05:F0:08:61:E2:CE:A7:53:B7:8E:B4:74:A0:AE:36:CE
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0CBF5A6A30FC2EB8FEC75E74F8B35
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/4Y2HIAXwCGHizqdTt460dKCuNs4.roa
Signing time: Mon 02 Jan 2023 05:25:07 +0000
ROA not before: Mon 02 Jan 2023 05:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210587
IP address blocks: 88.220.138.0/24 maxlen: 24
2a00:4120:8005::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:cb:f5:a6:a3:0f:c2:eb:8f:ec:75:e7:4f:8b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e18d872005f00861e2cea753b78eb474a0ae36ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:37:62:5c:b7:c4:a2:a9:7c:d8:f1:1f:ed:52:
35:f7:79:fa:4c:f9:59:9f:ce:2a:1c:e1:98:b6:b1:
e2:5a:fd:f0:ee:9a:24:eb:a3:62:3d:97:a3:5a:00:
13:6b:4f:53:42:03:94:1e:74:c2:cc:50:23:68:c9:
3e:e2:6b:11:c9:a3:36:c7:db:ea:03:aa:05:ed:2a:
46:aa:33:d9:93:13:73:b0:08:24:8f:aa:80:e2:b7:
de:23:7f:4c:82:1b:70:4b:af:a9:76:98:79:1c:aa:
b9:f7:1b:3c:71:9f:fc:f3:be:2b:ee:ce:d4:13:24:
91:ea:db:4e:16:d8:5d:9f:4f:7b:4f:d3:14:72:17:
d6:c9:6e:43:78:a3:e6:3f:60:90:bd:75:86:d3:1c:
9d:66:99:bd:86:5c:ed:a3:49:9b:80:ef:6e:cc:82:
97:57:93:69:a6:3c:e9:b1:d2:52:34:7e:28:e5:2a:
c0:3b:1b:39:cf:4d:75:ff:01:d6:a2:05:03:30:95:
c4:b0:eb:f8:b7:f8:38:db:e8:4b:e3:ba:61:cc:5d:
81:f7:a1:24:ed:a9:54:15:3f:f5:dc:7a:b6:76:9f:
46:ca:45:86:bd:2c:90:60:79:07:2a:d0:58:96:bf:
5f:f1:b4:6e:a9:59:cf:f3:1b:1d:05:2a:79:fb:48:
90:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8D:87:20:05:F0:08:61:E2:CE:A7:53:B7:8E:B4:74:A0:AE:36:CE
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/4Y2HIAXwCGHizqdTt460dKCuNs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.138.0/24
IPv6:
2a00:4120:8005::/48
Signature Algorithm: sha256WithRSAEncryption
4b:d9:d0:f2:ea:0d:39:a1:25:08:fd:de:d5:52:5f:b6:2d:b3:
2f:4c:c4:df:6d:75:9a:2b:44:5a:7e:b6:cd:52:95:d9:46:4e:
d7:a3:3a:08:5f:d8:da:19:f2:50:92:7d:5e:91:f5:9d:a3:27:
26:7b:c5:d4:e9:53:75:84:f1:3b:6e:23:0f:22:bc:2e:cf:bb:
22:c7:2c:b9:cf:e2:ad:f4:6e:2b:27:44:f0:54:a0:e9:b5:1f:
4d:1f:d0:fd:06:ed:8f:76:47:85:89:8d:46:bb:81:83:19:0f:
a7:5e:af:66:1d:47:9f:f0:37:5b:81:da:08:de:86:1c:95:d7:
24:21:50:e2:31:32:aa:30:37:60:94:3c:88:4c:5f:a1:84:ff:
51:4c:e6:a5:6c:c0:44:cd:e3:6b:5d:cc:4e:c2:34:11:e4:ca:
7c:a0:3d:9b:62:0a:20:cb:09:90:50:6b:63:1a:5c:30:d8:ee:
62:3f:7f:40:aa:ba:b5:6e:d8:52:65:7f:36:1c:21:41:73:28:
bb:45:d4:c1:88:26:7b:15:00:45:35:5f:00:88:4b:a8:14:00:
04:0e:3f:97:af:37:70:b8:fe:1a:77:9f:b5:cc:33:e5:8c:f8:
e9:13:8c:49:70:d9:5b:c7:1b:65:b8:46:69:ac:71:50:d6:11:
2d:d0:14:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw8Mv1pqMPwuuP7HXnT4s1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMThkODcyMDA1ZjAwODYxZTJjZWE3NTNiNzhlYjQ3NGEwYWUzNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTdiXLfEoql82PEf7VI193n6TPlZ
n84qHOGYtrHiWv3w7pok66NiPZejWgATa09TQgOUHnTCzFAjaMk+4msRyaM2x9vq
A6oF7SpGqjPZkxNzsAgkj6qA4rfeI39MghtwS6+pdph5HKq59xs8cZ/8874r7s7U
EySR6ttOFthdn097T9MUchfWyW5DeKPmP2CQvXWG0xydZpm9hlzto0mbgO9uzIKX
V5NppjzpsdJSNH4o5SrAOxs5z011/wHWogUDMJXEsOv4t/g42+hL47phzF2B96Ek
7alUFT/13Hq2dp9GykWGvSyQYHkHKtBYlr9f8bRuqVnP8xsdBSp5+0iQhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOGNhyAF8Ahh4s6nU7eOtHSgrjbOMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvNFkySElBWHdDR0hpenFkVHQ0NjBkS0N1TnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNyKMA8E
AgACMAkDBwAqAEEggAUwDQYJKoZIhvcNAQELBQADggEBAEvZ0PLqDTmhJQj93tVS
X7Ytsy9MxN9tdZorRFp+ts1SldlGTtejOghf2NoZ8lCSfV6R9Z2jJyZ7xdTpU3WE
8TtuIw8ivC7PuyLHLLnP4q30bisnRPBUoOm1H00f0P0G7Y92R4WJjUa7gYMZD6de
r2YdR5/wN1uB2gjehhyV1yQhUOIxMqowN2CUPIhMX6GE/1FM5qVswETN42tdzE7C
NBHkynygPZtiCiDLCZBQa2MaXDDY7mI/f0CqurVu2FJlfzYcIUFzKLtF1MGIJnsV
AEU1XwCIS6gUAAQOP5evN3C4/hp3n7XMM+WM+OkTjElw2VvHG2W4RmmscVDWES3Q
FIc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:20 2024 by rpki-client on console-ams.rpki-client.org