Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3xjdNAlN2pAUgC1a9HsCvjfb2NU.roa
File: 3xjdNAlN2pAUgC1a9HsCvjfb2NU.roa (raw, json)
Hash identifier: Q0vLtLTTHbjxyybtJt4tTnTRzsGBqlituy6MWH+BCR8=
Subject key identifier: DF:18:DD:34:09:4D:DA:90:14:80:2D:5A:F4:7B:02:BE:37:DB:D8:D5
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018F71289907E228C69879580DBF94EAA032
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3xjdNAlN2pAUgC1a9HsCvjfb2NU.roa
Signing time: Mon 13 May 2024 08:53:56 +0000
ROA not before: Mon 13 May 2024 08:53:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 10:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:71:28:99:07:e2:28:c6:98:79:58:0d:bf:94:ea:a0:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 13 08:53:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df18dd34094dda9014802d5af47b02be37dbd8d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:12:ab:cf:b0:31:22:a9:85:6b:2e:6f:1f:53:
1d:4b:d3:89:b9:f0:89:0e:d3:60:92:4d:1b:6c:46:
c1:fa:9c:1c:37:b0:8b:40:4c:22:7e:4b:83:e9:6e:
15:4d:2c:fe:07:8f:fb:70:72:db:00:0d:46:7a:ae:
44:3d:2b:4c:90:da:f7:9b:da:de:5d:ff:ed:e3:9f:
34:4b:a0:69:02:a1:d6:7f:6f:96:ec:37:33:03:12:
e3:2a:61:73:71:04:ac:8c:33:36:da:77:22:d8:af:
5e:ba:d2:dc:8b:b6:8b:7a:7d:ca:30:99:b0:94:59:
01:2a:4c:e9:7e:61:4d:aa:58:fb:e5:49:ab:c4:0e:
06:f6:6a:2f:0c:e2:d7:9e:04:48:db:49:66:ed:54:
24:35:ff:4e:e8:42:25:79:64:58:d3:58:a6:1b:f8:
c5:cf:37:5a:03:64:eb:08:65:47:c8:54:e8:df:ce:
58:51:d7:be:f8:79:a8:84:f0:02:69:b1:ee:74:00:
f2:94:74:cb:f5:3a:89:67:44:cf:9c:77:21:37:b8:
62:39:4c:01:be:1c:12:8c:1c:e8:33:0f:a5:cb:f2:
37:2d:18:fc:14:fb:96:3c:60:87:9d:2c:79:75:8a:
d3:72:32:87:d4:47:27:2a:d7:7d:b7:78:ca:00:a7:
ab:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:18:DD:34:09:4D:DA:90:14:80:2D:5A:F4:7B:02:BE:37:DB:D8:D5
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3xjdNAlN2pAUgC1a9HsCvjfb2NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.220.0/24
84.32.244.0/22
88.216.22.0/23
88.216.39.0/24
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.188.0/22
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:a5:4e:cc:86:a7:16:c7:05:7d:73:fb:e0:05:b4:00:11:47:
a5:e1:3a:ee:d0:3d:f5:e9:84:62:dc:66:a9:51:b6:0e:d4:17:
1a:c4:de:db:43:9a:bf:91:6b:a6:1c:48:04:08:b0:8e:86:23:
1d:a7:4c:f5:23:0e:9d:a5:c5:af:32:45:56:3c:d7:0d:d5:05:
18:c2:22:b6:79:0c:ad:f9:3d:73:75:fd:66:db:52:32:d2:4d:
b1:4e:aa:5f:68:13:7d:3b:44:b9:34:cd:a5:34:fa:d5:b7:64:
30:00:e9:48:59:bc:0e:d4:bf:1c:68:ae:e9:50:09:6e:fb:e3:
a2:b1:ff:a5:0e:ff:df:f9:b8:d7:74:c6:8f:bb:a8:85:7c:70:
f2:d7:75:a9:20:5f:08:f7:10:d5:f3:74:d9:a9:04:0b:f4:70:
9c:e9:06:63:e0:e7:bd:6a:bf:3b:cd:f0:6f:97:7f:72:c7:db:
de:8d:61:60:cd:27:2b:9b:73:79:e3:bd:85:60:78:44:c8:2a:
3a:f4:a5:34:d9:74:cd:f4:7e:c4:23:86:ac:2a:eb:b7:da:4b:
f8:64:53:78:6b:b7:0e:1f:66:f3:0d:59:39:3f:d2:b6:12:08:
78:6d:1c:f3:b2:60:1d:9a:f0:c6:78:a1:57:1f:a9:63:70:ea:
f6:6a:45:7a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY9xKJkH4ijGmHlYDb+U6qAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNTEzMDg1MzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjE4ZGQzNDA5NGRkYTkwMTQ4MDJkNWFmNDdiMDJiZTM3ZGJkOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxKrz7AxIqmFay5vH1MdS9OJufCJ
DtNgkk0bbEbB+pwcN7CLQEwifkuD6W4VTSz+B4/7cHLbAA1Geq5EPStMkNr3m9re
Xf/t4580S6BpAqHWf2+W7DczAxLjKmFzcQSsjDM22nci2K9eutLci7aLen3KMJmw
lFkBKkzpfmFNqlj75UmrxA4G9movDOLXngRI20lm7VQkNf9O6EIleWRY01imG/jF
zzdaA2TrCGVHyFTo385YUde++HmohPACabHudADylHTL9TqJZ0TPnHchN7hiOUwB
vhwSjBzoMw+ly/I3LRj8FPuWPGCHnSx5dYrTcjKH1EcnKtd9t3jKAKer8wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFN8Y3TQJTdqQFIAtWvR7Ar4329jVMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvM3hqZE5BbE4ycEFVZ0MxYTlIc0N2amZiMk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjAMAwQA
VCAHAwQAVCAIMAwDBAJUIBQDBAJUIBgDBAFUIC4DBABUIF8DBAJUIJQDBAFUIK4D
BAFUINYDBABUINwDBAJUIPQDBAFY2BYDBABY2CcDBAFY2CwDBABY2F0wDAMEAVjY
ggMEAFjYhAMEAVjYhgMEAljYvAMEAljY1DANBgkqhkiG9w0BAQsFAAOCAQEAO6VO
zIanFscFfXP74AW0ABFHpeE67tA99emEYtxmqVG2DtQXGsTe20Oav5FrphxIBAiw
joYjHadM9SMOnaXFrzJFVjzXDdUFGMIitnkMrfk9c3X9ZttSMtJNsU6qX2gTfTtE
uTTNpTT61bdkMADpSFm8DtS/HGiu6VAJbvvjorH/pQ7/3/m413TGj7uohXxw8td1
qSBfCPcQ1fN02akEC/RwnOkGY+DnvWq/O83wb5d/csfb3o1hYM0nK5tzeeO9hWB4
RMgqOvSlNNl0zfR+xCOGrCrrt9pL+GRTeGu3Dh9m8w1ZOT/SthIIeG0c87JgHZrw
xnihVx+pY3Dq9mpFeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org