Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/06Vc0omYzi0ImL84Q0MfR0Ywmfs.roa
File: 06Vc0omYzi0ImL84Q0MfR0Ywmfs.roa (raw, json)
Hash identifier: ChzZyYRD/ZiiOv/gp0b27ZnB9/zz6CsiFzfEPZajd1o=
Subject key identifier: D3:A5:5C:D2:89:98:CE:2D:08:98:BF:38:43:43:1F:47:46:30:99:FB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B19EFEC1CFE562B6718FD7042B8E90F2D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/06Vc0omYzi0ImL84Q0MfR0Ywmfs.roa
Signing time: Tue 10 Oct 2023 14:13:55 +0000
ROA not before: Tue 10 Oct 2023 14:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 84.32.67.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
88.216.240.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:ef:ec:1c:fe:56:2b:67:18:fd:70:42:b8:e9:0f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 10 14:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3a55cd28998ce2d0898bf3843431f47463099fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9f:10:28:34:97:7a:e5:f9:0e:d2:08:23:01:
5e:9c:b5:3c:39:66:01:32:38:bc:85:4c:3b:23:8a:
65:45:1c:be:76:9a:5e:53:b9:b1:5e:37:cf:ee:4a:
e7:32:4d:7e:93:f9:54:04:c1:dc:19:6e:da:f2:84:
9b:c2:ff:f0:d2:50:4a:51:d5:d4:9f:bf:f7:5a:52:
01:99:39:df:ec:ad:29:d7:07:6a:7d:c7:cb:ec:05:
e1:91:31:30:0c:dc:ce:04:dd:14:2f:af:4d:c8:b1:
cc:12:e0:3c:59:73:1a:ef:2d:5e:da:69:2b:e0:5a:
24:8c:d8:14:55:9c:d5:43:21:fe:1f:26:29:74:87:
7d:55:1b:4d:dd:3b:76:d1:31:6f:47:9c:43:a6:be:
5c:05:ce:cf:17:1b:57:2d:23:dd:be:d3:9e:38:5b:
a9:46:4c:c7:c7:20:29:40:97:3e:ec:d2:6d:a9:9c:
e9:22:c6:69:32:1c:17:9e:9d:3d:d6:ba:61:cb:26:
22:79:f6:c3:12:f6:80:53:3c:c2:a5:b0:f7:18:18:
0d:a8:07:a4:a5:c5:76:13:6b:e7:ba:06:90:cb:d4:
80:63:08:ae:8a:39:c2:4b:ef:e8:52:c3:13:f4:e8:
25:fd:8b:0f:79:89:a6:5c:d4:ae:4c:d4:3a:64:6c:
23:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A5:5C:D2:89:98:CE:2D:08:98:BF:38:43:43:1F:47:46:30:99:FB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/06Vc0omYzi0ImL84Q0MfR0Ywmfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.67.0/24
84.32.225.0/24
88.216.240.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:95:6f:b8:7c:7b:9b:61:3e:2b:12:b2:bb:f5:84:6c:87:14:
d8:7e:d6:9b:ac:59:e3:96:90:1a:a7:d3:da:cd:a7:61:a7:39:
37:e9:10:cf:bd:b8:b0:68:2c:e4:74:b7:e8:b4:12:c4:00:8c:
6c:2b:91:41:5a:3c:2f:d3:e4:47:d4:db:aa:c4:c3:73:fd:a9:
97:f8:1e:e8:44:b2:8b:2e:be:c1:43:c8:89:c2:44:5e:78:5e:
de:83:8e:37:27:40:15:c0:a4:6d:93:bc:60:d8:ae:26:5b:5e:
97:ea:dc:98:eb:fa:e4:c9:5d:fc:1a:f2:04:01:20:76:51:f9:
12:a4:e0:63:64:54:16:07:34:9b:87:a8:67:43:74:11:8b:43:
61:c6:7f:9d:f7:7c:a4:42:3c:c4:19:46:bb:d8:f4:49:35:a1:
c0:9a:ef:97:fd:cc:98:32:5e:8b:4a:8c:60:e3:f8:08:de:ce:
dd:a1:00:6d:9d:f7:96:90:f3:22:92:96:ef:fa:ff:a4:51:75:
e7:c1:d1:eb:a1:fd:06:35:d7:df:34:59:69:54:88:ed:38:2e:
ec:e2:c1:cd:db:d2:2a:84:15:67:f6:10:53:ee:0c:63:16:f7:
2d:b6:e8:ae:68:62:74:e4:9c:fa:c9:d0:b0:39:39:f7:99:b4:
82:c6:04:44
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsZ7+wc/lYrZxj9cEK46Q8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDEwMTQxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2E1NWNkMjg5OThjZTJkMDg5OGJmMzg0MzQzMWY0NzQ2MzA5OWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3p8QKDSXeuX5DtIIIwFenLU8OWYB
Mji8hUw7I4plRRy+dppeU7mxXjfP7krnMk1+k/lUBMHcGW7a8oSbwv/w0lBKUdXU
n7/3WlIBmTnf7K0p1wdqfcfL7AXhkTEwDNzOBN0UL69NyLHMEuA8WXMa7y1e2mkr
4FokjNgUVZzVQyH+HyYpdId9VRtN3Tt20TFvR5xDpr5cBc7PFxtXLSPdvtOeOFup
RkzHxyApQJc+7NJtqZzpIsZpMhwXnp091rphyyYiefbDEvaAUzzCpbD3GBgNqAek
pcV2E2vnugaQy9SAYwiuijnCS+/oUsMT9Ogl/YsPeYmmXNSuTNQ6ZGwjDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNOlXNKJmM4tCJi/OENDH0dGMJn7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMDZWYzBvbVl6aTBJbUw4NFEwTWZSMFl3bWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBDAwQA
VCDhAwQDWNjwMA0GCSqGSIb3DQEBCwUAA4IBAQCKlW+4fHubYT4rErK79YRshxTY
ftabrFnjlpAap9Pazadhpzk36RDPvbiwaCzkdLfotBLEAIxsK5FBWjwv0+RH1Nuq
xMNz/amX+B7oRLKLLr7BQ8iJwkReeF7eg443J0AVwKRtk7xg2K4mW16X6tyY6/rk
yV38GvIEASB2UfkSpOBjZFQWBzSbh6hnQ3QRi0Nhxn+d93ykQjzEGUa72PRJNaHA
mu+X/cyYMl6LSoxg4/gI3s7doQBtnfeWkPMikpbv+v+kUXXnwdHrof0GNdffNFlp
VIjtOC7s4sHN29IqhBVn9hBT7gxjFvcttuiuaGJ05Jz6ydCwOTn3mbSCxgRE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org