Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4-NWtaAoBhcmCcU1yahdIZomcv4.roa
File: 4-NWtaAoBhcmCcU1yahdIZomcv4.roa (raw, json)
Hash identifier: IsoNruISD7rbvtH0ZSrDDTbSr529eUmOywrHG7wBpEw=
Subject key identifier: E3:E3:56:B5:A0:28:06:17:26:09:C5:35:C9:A8:5D:21:9A:26:72:FE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185ED0DA9BD4B68534F1A6DE93C362770FC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4-NWtaAoBhcmCcU1yahdIZomcv4.roa
Signing time: Thu 26 Jan 2023 07:49:33 +0000
ROA not before: Thu 26 Jan 2023 07:49:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:0d:a9:bd:4b:68:53:4f:1a:6d:e9:3c:36:27:70:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 26 07:49:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3e356b5a02806172609c535c9a85d219a2672fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:16:84:41:e5:67:c4:71:66:7f:b3:55:08:07:
ef:a4:37:c6:f5:93:be:b4:74:1d:a3:16:cb:c7:f0:
9c:9c:33:cd:3b:e5:6b:76:28:be:71:a9:95:b1:36:
df:45:7e:b6:2c:79:95:2b:12:89:cc:fe:3c:e3:99:
c0:0a:4f:91:a7:a3:f4:5b:19:65:5f:6a:aa:c0:01:
1d:a5:46:1e:43:63:46:42:77:48:e9:86:b7:69:a6:
1a:9f:3e:38:95:ba:22:25:57:27:56:59:e4:8f:e1:
86:eb:90:fa:56:c9:09:79:c0:33:36:c3:79:b0:cc:
69:74:3e:79:46:62:72:0a:36:7c:cf:54:39:4e:f4:
40:56:6d:cc:30:41:12:cc:b6:fc:3d:6d:d2:29:77:
4b:a0:60:14:d0:9e:74:e4:96:d6:ab:9e:37:37:d6:
1e:3f:4b:d2:f6:4f:04:ff:ee:43:e7:ac:ac:92:a5:
b4:b3:c3:4b:7b:fb:95:e8:ac:ca:0f:44:29:9f:e1:
d5:4a:ed:89:c4:ea:54:3e:a7:dc:94:0d:39:7f:cc:
11:d9:4d:4b:42:cb:6c:dd:8e:d9:ff:36:19:29:40:
6f:0b:72:0a:ac:8d:f7:61:e2:f6:38:42:9c:57:0c:
cb:e6:59:b7:c4:f8:fe:a9:8f:75:29:9d:fc:db:c2:
8f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E3:56:B5:A0:28:06:17:26:09:C5:35:C9:A8:5D:21:9A:26:72:FE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4-NWtaAoBhcmCcU1yahdIZomcv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.63.0/24
84.32.95.0/24
84.32.214.0/23
88.216.2.0/24
88.216.34.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
27:14:8c:a6:46:57:a9:12:50:b8:4b:5c:13:6a:a2:e7:41:81:
93:3b:f6:b8:9d:50:39:ec:45:99:14:b3:6e:ea:a4:95:09:a9:
73:8d:18:7e:40:3d:37:79:02:55:4f:a1:a9:2b:1f:14:8c:ef:
1b:c1:a2:87:3c:c6:19:6c:c8:07:70:1b:2e:fb:09:c2:a8:d9:
4c:d5:29:34:9f:6a:2e:18:e3:c3:b5:ce:89:42:37:23:fd:0d:
8f:ff:21:53:e6:91:23:36:73:ff:1e:e1:1b:df:98:c3:7a:ed:
db:02:df:83:69:d3:20:ef:03:e1:d1:3d:69:79:c8:32:70:4f:
e5:16:c4:33:c7:66:c6:a9:93:98:f9:f8:50:54:33:9f:f3:f2:
a1:e0:e3:ca:e5:e3:d2:3b:68:64:a4:91:5e:9a:da:97:63:02:
33:b2:35:ea:44:9b:89:1f:e3:45:ba:f4:c3:c3:d3:ff:7c:50:
6b:af:44:ea:f8:a7:30:1f:00:47:05:09:d0:2b:a0:f9:55:83:
c4:20:24:4b:64:8d:d7:86:ce:f4:ef:00:16:3e:1e:05:8a:f5:
4b:77:01:1b:c2:fb:8f:0d:94:08:2d:d8:9c:a3:2a:62:59:ab:
36:df:ff:52:32:47:6d:db:36:ae:d9:53:85:17:af:ed:6e:cd:
46:51:f2:5c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYXtDam9S2hTTxpt6Tw2J3D8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTI2MDc0OTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2UzNTZiNWEwMjgwNjE3MjYwOWM1MzVjOWE4NWQyMTlhMjY3MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBaEQeVnxHFmf7NVCAfvpDfG9ZO+
tHQdoxbLx/CcnDPNO+Vrdii+camVsTbfRX62LHmVKxKJzP4845nACk+Rp6P0Wxll
X2qqwAEdpUYeQ2NGQndI6Ya3aaYanz44lboiJVcnVlnkj+GG65D6VskJecAzNsN5
sMxpdD55RmJyCjZ8z1Q5TvRAVm3MMEESzLb8PW3SKXdLoGAU0J505JbWq543N9Ye
P0vS9k8E/+5D56yskqW0s8NLe/uV6KzKD0Qpn+HVSu2JxOpUPqfclA05f8wR2U1L
Qsts3Y7Z/zYZKUBvC3IKrI33YeL2OEKcVwzL5lm3xPj+qY91KZ3828KPjwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOPjVrWgKAYXJgnFNcmoXSGaJnL+MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNC1OV3RhQW9CaGNtQ2NVMXlhaGRJWm9tY3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCA/AwQA
VCBfAwQBVCDWAwQAWNgCAwQAWNgiAwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQAn
FIymRlepElC4S1wTaqLnQYGTO/a4nVA57EWZFLNu6qSVCalzjRh+QD03eQJVT6Gp
Kx8UjO8bwaKHPMYZbMgHcBsu+wnCqNlM1Sk0n2ouGOPDtc6JQjcj/Q2P/yFT5pEj
NnP/HuEb35jDeu3bAt+DadMg7wPh0T1pecgycE/lFsQzx2bGqZOY+fhQVDOf8/Kh
4OPK5ePSO2hkpJFemtqXYwIzsjXqRJuJH+NFuvTDw9P/fFBrr0Tq+KcwHwBHBQnQ
K6D5VYPEICRLZI3Xhs707wAWPh4FivVLdwEbwvuPDZQILdicoypiWas23/9SMkdt
2zau2VOFF6/tbs1GUfJc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:27 2023 by rpki-client on console-ams.rpki-client.org