Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/22RVKoMDBQK6q3xSPqrUShtmn_M.roa
File: 22RVKoMDBQK6q3xSPqrUShtmn_M.roa (raw, json)
Hash identifier: aXGYkpw1xgWt48EP60T84gPVnn7/cc1nMJgPOwXMB3M=
Subject key identifier: DB:64:55:2A:83:03:05:02:BA:AB:7C:52:3E:AA:D4:4A:1B:66:9F:F3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186822A54704324A3978A25A5B52113B59F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/22RVKoMDBQK6q3xSPqrUShtmn_M.roa
Signing time: Fri 24 Feb 2023 06:44:17 +0000
ROA not before: Fri 24 Feb 2023 06:44:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Mar 2023 07:05:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:2a:54:70:43:24:a3:97:8a:25:a5:b5:21:13:b5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 24 06:44:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db64552a83030502baab7c523eaad44a1b669ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b5:76:d9:e9:ab:5d:d6:d5:1e:e3:f7:29:a2:
ff:98:99:1b:b2:a2:67:e2:3c:08:64:7e:34:71:61:
1a:06:de:45:c8:80:89:c5:39:e7:49:e2:25:a1:7b:
d7:f5:a8:dd:e3:53:d9:24:6a:22:57:6b:64:1c:11:
1a:e7:a2:35:7f:27:aa:39:c1:7e:2f:3e:99:02:57:
34:af:ff:8d:6f:23:b4:90:1a:f9:7e:f6:7c:bf:53:
29:7c:6a:38:e4:31:85:e2:2a:c0:09:1f:d8:1e:ae:
e5:39:36:ba:e8:20:90:07:0a:43:e7:a7:2b:7a:ff:
a6:24:21:f2:83:92:be:79:37:a7:56:c7:b1:4f:cc:
38:a1:7b:60:66:a2:06:4e:1d:64:23:e6:fa:89:04:
f7:f0:bf:85:62:1e:aa:78:b5:14:7c:c4:cd:96:4e:
70:42:cf:52:5e:b4:86:08:bc:cd:fd:f2:20:c2:6f:
05:95:0f:c8:71:de:9b:ed:e5:68:ad:c8:af:02:a3:
ea:6a:b3:dd:50:b2:2f:60:e5:cb:c2:56:aa:0a:6d:
5c:4c:3e:b4:f3:df:66:f1:a4:42:39:23:83:d2:b9:
d2:af:d9:6d:7a:a0:68:70:ae:e5:7e:80:af:e5:48:
3b:29:71:69:e5:87:85:4d:73:d9:50:70:27:85:13:
01:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:64:55:2A:83:03:05:02:BA:AB:7C:52:3E:AA:D4:4A:1B:66:9F:F3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/22RVKoMDBQK6q3xSPqrUShtmn_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.32.0/24
84.32.63.0/24
84.32.95.0/24
88.216.2.0/24
88.216.34.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
61:cf:78:c5:06:31:71:e1:b0:95:5e:e4:6d:c6:da:c8:35:95:
c0:41:18:22:dd:93:10:bf:db:a3:e7:b8:61:69:fd:27:46:bf:
8a:0b:bc:a6:f1:a2:b8:30:60:ad:cf:cf:50:a5:9c:08:30:5e:
6f:b5:76:90:e0:00:ae:b6:4a:67:2e:18:d7:e3:2c:cc:90:93:
19:9a:bb:da:cc:62:77:59:46:74:a3:cc:08:87:df:88:24:39:
d4:af:35:7d:77:e3:b3:66:ef:72:d9:14:2f:26:c2:54:ee:ba:
4a:20:72:d2:19:82:c2:17:0a:cc:50:da:76:94:d0:98:62:f4:
5d:47:b2:48:a6:da:e6:0f:0d:1a:42:a3:7a:11:87:ae:2a:08:
a3:d1:1a:cc:98:41:29:9e:86:20:1d:e2:67:cb:73:ee:27:d1:
9f:5d:70:f1:36:c6:ac:0a:4c:9a:68:83:36:1b:53:d8:b7:db:
fa:df:46:d8:b4:d7:56:68:c5:ad:81:6a:6f:6d:0d:55:dc:cf:
19:3f:13:30:13:d4:ed:6f:b0:d5:ce:75:56:12:69:5c:ea:8e:
fc:ca:b1:9e:05:8a:c2:9f:36:f2:85:63:b7:bf:12:16:fe:0c:
57:73:df:b7:1d:a7:e6:5a:de:d1:5b:91:a5:6d:7e:ae:f4:f0:
b8:81:b4:c2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYaCKlRwQySjl4olpbUhE7WfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjI0MDY0NDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjY0NTUyYTgzMDMwNTAyYmFhYjdjNTIzZWFhZDQ0YTFiNjY5ZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbV22emrXdbVHuP3KaL/mJkbsqJn
4jwIZH40cWEaBt5FyICJxTnnSeIloXvX9ajd41PZJGoiV2tkHBEa56I1fyeqOcF+
Lz6ZAlc0r/+NbyO0kBr5fvZ8v1MpfGo45DGF4irACR/YHq7lOTa66CCQBwpD56cr
ev+mJCHyg5K+eTenVsexT8w4oXtgZqIGTh1kI+b6iQT38L+FYh6qeLUUfMTNlk5w
Qs9SXrSGCLzN/fIgwm8FlQ/Icd6b7eVorcivAqPqarPdULIvYOXLwlaqCm1cTD60
899m8aRCOSOD0rnSr9lteqBocK7lfoCv5Ug7KXFp5YeFTXPZUHAnhRMBEwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNtkVSqDAwUCuqt8Uj6q1EobZp/zMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMjJSVktvTURCUUs2cTN4U1BxclVTaHRtbl9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAgAwQA
VCA/AwQAVCBfAwQAWNgCAwQAWNgiAwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQBh
z3jFBjFx4bCVXuRtxtrINZXAQRgi3ZMQv9uj57hhaf0nRr+KC7ym8aK4MGCtz89Q
pZwIMF5vtXaQ4ACutkpnLhjX4yzMkJMZmrvazGJ3WUZ0o8wIh9+IJDnUrzV9d+Oz
Zu9y2RQvJsJU7rpKIHLSGYLCFwrMUNp2lNCYYvRdR7JIptrmDw0aQqN6EYeuKgij
0RrMmEEpnoYgHeJny3PuJ9GfXXDxNsasCkyaaIM2G1PYt9v630bYtNdWaMWtgWpv
bQ1V3M8ZPxMwE9Ttb7DVznVWEmlc6o78yrGeBYrCnzbyhWO3vxIW/gxXc9+3Hafm
Wt7RW5GlbX6u9PC4gbTC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org