Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3A9A3r9GRUYSPL9GSAlu8kfYKls.roa
File: 3A9A3r9GRUYSPL9GSAlu8kfYKls.roa (raw, json)
Hash identifier: 3Ttdamb2wbRCsjjoIX7YhMTF5gDSZ1sgUBIpGZ2iFAQ=
Subject key identifier: DC:0F:40:DE:BF:46:45:46:12:3C:BF:46:48:09:6E:F2:47:D8:2A:5B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186703F8DFF2D6C0717B5759EA8C620D1BD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3A9A3r9GRUYSPL9GSAlu8kfYKls.roa
Signing time: Mon 20 Feb 2023 19:14:18 +0000
ROA not before: Mon 20 Feb 2023 19:14:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.36.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Mar 2023 10:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:3f:8d:ff:2d:6c:07:17:b5:75:9e:a8:c6:20:d1:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 20 19:14:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc0f40debf464546123cbf4648096ef247d82a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:41:89:3c:19:29:85:72:82:00:16:45:98:df:
a7:6d:b1:ef:0d:b2:07:e4:82:28:ea:54:3d:1a:28:
89:76:99:96:ed:d2:ed:92:10:fd:7a:7b:c4:a3:13:
61:c9:13:ed:75:25:eb:71:3f:b6:8a:60:03:ca:98:
ea:ef:b7:c8:df:ca:ae:e4:18:d3:f0:08:fe:60:53:
e0:00:a2:ac:c9:d6:55:21:a3:55:d7:72:c7:c2:47:
b2:8f:b0:67:d8:d8:ac:d0:3e:81:03:d4:fe:01:1e:
c4:8a:97:99:54:8e:98:e3:5b:d9:a8:3e:00:b2:4c:
de:a1:28:62:71:5d:61:61:cd:ba:cb:81:bf:8f:86:
8b:50:c7:3c:a8:4d:ba:c0:80:e4:7b:99:ea:f2:cf:
36:32:c4:e3:2b:30:23:7e:35:16:3c:a8:55:c3:c6:
f0:69:41:f5:59:8d:4c:35:f4:f0:a8:27:af:36:47:
cf:5b:43:48:b9:bb:ce:5d:25:75:93:8e:9f:81:e0:
78:31:d6:a9:53:99:03:06:10:c9:51:fd:3b:fc:54:
8b:cc:92:9d:82:e4:99:82:cd:91:fb:ed:3b:5a:41:
5f:55:cb:64:49:29:a4:dc:c0:b0:ff:49:23:9f:d1:
f4:3f:c3:d3:07:7b:42:a1:8c:71:21:0d:a6:24:c9:
4d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0F:40:DE:BF:46:45:46:12:3C:BF:46:48:09:6E:F2:47:D8:2A:5B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3A9A3r9GRUYSPL9GSAlu8kfYKls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.42.0/24
84.32.52.0/22
88.216.20.0/24
88.216.36.0/24
88.216.40.0/24
88.216.43.0/24
88.216.98.0/24
88.216.213.0-88.216.214.255
88.216.240.0/21
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
54:1b:69:92:51:d3:ab:23:36:a9:ab:98:32:57:22:b5:38:25:
fe:ed:1d:d8:bd:8a:bc:95:fd:58:df:8e:4c:2a:a5:37:bc:44:
f7:4f:c7:b3:29:a2:04:98:61:b7:b6:d8:79:00:08:df:74:78:
bf:bc:a8:bc:52:7d:d8:f2:95:e5:13:bb:99:15:55:76:69:a4:
4f:91:b0:d1:30:5d:ec:da:3f:69:7c:a1:20:e8:95:4e:e4:05:
01:bf:1c:ff:d5:8c:75:32:e2:3e:38:ef:34:c1:b8:14:51:b6:
b8:39:af:de:21:5b:63:41:c9:cd:4f:af:96:5c:bc:c9:6b:10:
62:38:f7:ee:7a:bf:de:1b:2e:41:61:00:70:81:7c:4f:41:27:
d7:49:c9:84:ab:f5:5b:e6:2b:01:1c:33:e1:17:bf:63:07:27:
46:94:85:2e:10:93:42:98:08:d4:fa:d6:d8:80:2b:9c:71:00:
7d:b7:83:ab:b5:e3:e3:2e:9a:63:13:54:76:5b:f4:7d:f3:57:
df:2a:b3:58:4a:5b:d0:e9:c3:c7:77:33:0d:fe:21:37:b2:c5:
b2:17:77:ac:8f:8b:d7:db:9b:99:d4:8c:eb:e1:90:9a:99:87:
54:51:04:0c:9e:d9:39:5d:72:86:38:69:77:32:42:b0:3f:19:
fd:a9:9f:b8
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYZwP43/LWwHF7V1nqjGING9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIwMTkxNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzBmNDBkZWJmNDY0NTQ2MTIzY2JmNDY0ODA5NmVmMjQ3ZDgyYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EGJPBkphXKCABZFmN+nbbHvDbIH
5IIo6lQ9GiiJdpmW7dLtkhD9envEoxNhyRPtdSXrcT+2imADypjq77fI38qu5BjT
8Aj+YFPgAKKsydZVIaNV13LHwkeyj7Bn2Nis0D6BA9T+AR7EipeZVI6Y41vZqD4A
skzeoShicV1hYc26y4G/j4aLUMc8qE26wIDke5nq8s82MsTjKzAjfjUWPKhVw8bw
aUH1WY1MNfTwqCevNkfPW0NIubvOXSV1k46fgeB4MdapU5kDBhDJUf07/FSLzJKd
guSZgs2R++07WkFfVctkSSmk3MCw/0kjn9H0P8PTB3tCoYxxIQ2mJMlN1wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFNwPQN6/RkVGEjy/RkgJbvJH2CpbMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvM0E5QTNyOUdSVVlTUEw5R1NBbHU4a2ZZS2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAVCAGAwQA
VCAqAwQCVCA0AwQAWNgUAwQAWNgkAwQAWNgoAwQAWNgrAwQAWNhiMAwDBABY2NUD
BABY2NYDBANY2PADBAJY2PwwDQYJKoZIhvcNAQELBQADggEBAFQbaZJR06sjNqmr
mDJXIrU4Jf7tHdi9iryV/VjfjkwqpTe8RPdPx7MpogSYYbe22HkACN90eL+8qLxS
fdjyleUTu5kVVXZppE+RsNEwXezaP2l8oSDolU7kBQG/HP/VjHUy4j447zTBuBRR
trg5r94hW2NByc1Pr5ZcvMlrEGI49+56v94bLkFhAHCBfE9BJ9dJyYSr9VvmKwEc
M+EXv2MHJ0aUhS4Qk0KYCNT61tiAK5xxAH23g6u14+MummMTVHZb9H3zV98qs1hK
W9Dpw8d3Mw3+ITeyxbIXd6yPi9fbm5nUjOvhkJqZh1RRBAye2TldcoY4aXcyQrA/
Gf2pn7g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org