Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1--kEIwtnhxtDjclvpnOzhlLnii0.roa
File: 1--kEIwtnhxtDjclvpnOzhlLnii0.roa (raw, json)
Hash identifier: h2Lkvl/fkc9R0Tp/yuTaVJxvk5/JOyZB1x/uvckE+qM=
Subject key identifier: FB:E9:04:23:0B:67:87:1B:43:8D:C9:6F:A6:73:B3:86:52:E7:8A:2D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01867CF37CCE0E52B26C25CCB961DB8EB24D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1--kEIwtnhxtDjclvpnOzhlLnii0.roa
Signing time: Thu 23 Feb 2023 06:26:17 +0000
ROA not before: Thu 23 Feb 2023 06:26:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 84.32.208.0/23 maxlen: 24
88.216.208.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 05:45:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7c:f3:7c:ce:0e:52:b2:6c:25:cc:b9:61:db:8e:b2:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 23 06:26:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbe904230b67871b438dc96fa673b38652e78a2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ca:80:3b:3b:81:7c:a5:a2:1b:85:d5:f0:45:
72:7f:38:81:8b:66:21:a9:15:8b:43:c3:8e:09:89:
17:0f:e9:7c:c2:62:c7:55:9c:80:d7:16:d5:e8:20:
a0:02:88:92:92:2c:58:1e:91:5c:8d:4e:c7:59:8a:
89:82:21:4a:50:5a:11:66:a6:f1:88:5e:ea:0c:f9:
2b:16:a6:10:67:fc:3e:ac:04:de:a8:da:a2:8a:4a:
ea:e5:94:36:04:e1:f4:16:27:95:49:0a:c9:30:f4:
97:25:08:c3:ca:43:04:b1:54:90:88:96:bc:dc:77:
86:1e:7a:d0:f6:1a:7a:1a:df:f3:b5:b6:52:8b:c8:
06:2c:d3:d2:ef:a3:df:49:96:b2:39:56:57:1a:80:
10:04:5d:c0:0b:02:89:d3:15:5c:bc:d9:eb:da:12:
43:24:13:11:83:1c:7a:61:3f:95:58:a0:ae:04:48:
7c:ff:46:de:82:f0:a9:ea:4a:4d:18:bf:1f:af:e4:
66:01:00:4c:f3:c5:24:2a:f1:a0:79:f5:04:21:92:
b3:05:c2:db:f8:25:f1:bd:eb:0e:05:31:f1:df:24:
eb:56:ab:80:f8:62:0c:d2:a3:61:ea:8b:e8:50:3c:
f1:c0:21:53:a9:11:54:b6:9c:6f:75:8e:86:53:af:
64:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E9:04:23:0B:67:87:1B:43:8D:C9:6F:A6:73:B3:86:52:E7:8A:2D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1--kEIwtnhxtDjclvpnOzhlLnii0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/22
84.32.27.0/24
84.32.208.0/23
84.32.246.0/23
88.216.108.0/24
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
64:1c:f6:d4:d8:70:a5:a8:7a:f0:9e:6a:86:c9:13:d6:f9:70:
7e:9c:5b:19:b1:cf:26:6f:46:e5:ca:e5:d9:41:77:9b:d9:8b:
ce:a2:84:6a:26:44:c3:be:2c:c3:82:ac:a5:00:ed:4a:04:ff:
2c:98:87:9a:c2:8b:36:1b:55:7c:fe:41:43:aa:ff:db:05:79:
c2:b8:8a:e5:7e:8a:61:f0:5c:0a:06:e1:59:1c:a5:c4:de:14:
e6:03:9b:89:fa:4f:51:ea:85:c1:f3:26:52:b1:2a:7e:f7:72:
a8:80:19:76:79:fb:06:93:e9:6a:9b:af:0c:2e:49:57:0d:c2:
89:b4:48:66:f0:9c:09:76:67:38:bc:8c:69:8a:60:e4:fb:ee:
9a:02:d5:5e:ab:f2:34:6a:a9:95:a7:e8:20:5e:21:ea:ac:9f:
13:6a:26:78:04:b8:a8:2e:bb:60:31:e8:ad:d8:ac:f6:1a:27:
fe:ab:f2:bc:f7:55:d5:71:5b:1c:67:fb:2f:a1:0d:30:6c:cb:
0b:4b:60:80:71:f1:cc:02:89:23:5e:02:65:9f:ad:65:be:57:
77:01:69:94:15:87:d6:80:ed:08:1d:44:42:35:42:59:24:38:
6c:31:39:4a:53:f0:d7:9e:ba:a9:e8:32:9f:5f:cc:e2:67:f3:
46:52:77:33
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYZ883zODlKybCXMuWHbjrJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIzMDYyNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU5MDQyMzBiNjc4NzFiNDM4ZGM5NmZhNjczYjM4NjUyZTc4YTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksqAOzuBfKWiG4XV8EVyfziBi2Yh
qRWLQ8OOCYkXD+l8wmLHVZyA1xbV6CCgAoiSkixYHpFcjU7HWYqJgiFKUFoRZqbx
iF7qDPkrFqYQZ/w+rATeqNqiikrq5ZQ2BOH0FieVSQrJMPSXJQjDykMEsVSQiJa8
3HeGHnrQ9hp6Gt/ztbZSi8gGLNPS76PfSZayOVZXGoAQBF3ACwKJ0xVcvNnr2hJD
JBMRgxx6YT+VWKCuBEh8/0begvCp6kpNGL8fr+RmAQBM88UkKvGgefUEIZKzBcLb
+CXxvesOBTHx3yTrVquA+GIM0qNh6ovoUDzxwCFTqRFUtpxvdY6GU69kfwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPvpBCMLZ4cbQ43Jb6Zzs4ZS54otMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS0ta0VJd3RuaHh0RGpjbHZwbk96aGxMbmlpMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAlQgFAME
AFQgGwMEAVQg0AMEAVQg9gMEAFjYbAMEAFjY0DANBgkqhkiG9w0BAQsFAAOCAQEA
ZBz21Nhwpah68J5qhskT1vlwfpxbGbHPJm9G5crl2UF3m9mLzqKEaiZEw74sw4Ks
pQDtSgT/LJiHmsKLNhtVfP5BQ6r/2wV5wriK5X6KYfBcCgbhWRylxN4U5gObifpP
UeqFwfMmUrEqfvdyqIAZdnn7BpPpapuvDC5JVw3CibRIZvCcCXZnOLyMaYpg5Pvu
mgLVXqvyNGqplafoIF4h6qyfE2omeAS4qC67YDHordis9hon/qvyvPdV1XFbHGf7
L6ENMGzLC0tggHHxzAKJI14CZZ+tZb5XdwFplBWH1oDtCB1EQjVCWSQ4bDE5SlPw
1566qegyn1/M4mfzRlJ3Mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org