Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4M48PL0WSa6maUrJwXiqBNEAS50.roa
File: 4M48PL0WSa6maUrJwXiqBNEAS50.roa (raw, json)
Hash identifier: 6xK8/gbxAmTbW4i9FfFe3nCrm7mvp1dqYI6cgkT3UxU=
Subject key identifier: E0:CE:3C:3C:BD:16:49:AE:A6:69:4A:C9:C1:78:AA:04:D1:00:4B:9D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185CE01C138A83797791E6BDB057FB8173E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4M48PL0WSa6maUrJwXiqBNEAS50.roa
Signing time: Fri 20 Jan 2023 07:08:19 +0000
ROA not before: Fri 20 Jan 2023 07:08:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.36.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
84.32.42.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Feb 2023 19:14:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ce:01:c1:38:a8:37:97:79:1e:6b:db:05:7f:b8:17:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 20 07:08:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0ce3c3cbd1649aea6694ac9c178aa04d1004b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:aa:ed:eb:a6:77:ca:24:e6:50:e6:b1:cf:
15:07:ee:5f:95:0c:92:b9:f7:29:e2:9c:1a:ed:fb:
f1:0e:37:f3:0e:45:21:23:0c:ab:c9:cb:0d:e2:cd:
6d:95:4d:f7:88:50:d0:e6:78:03:41:7c:fc:64:51:
22:ca:78:a6:e5:45:e2:f7:04:27:24:51:dd:5b:2b:
3c:23:ff:e9:00:93:c9:cf:e4:40:6a:0d:f1:30:06:
eb:1e:0c:d8:36:c4:de:c2:6b:b7:9a:d2:dc:33:85:
d2:ea:8e:e4:cc:8c:4a:2b:09:de:f9:e3:9f:8f:97:
ee:bd:dc:c0:a1:8d:5f:ad:57:a4:0c:b9:2c:ff:f5:
f4:05:f0:46:c0:5f:cc:c0:88:aa:2f:04:a5:79:22:
ee:ef:bb:4c:10:cf:2a:fb:da:00:86:79:4f:b2:47:
dd:c0:7b:93:96:32:b0:ad:db:a2:24:3c:36:49:7a:
98:75:bf:48:9f:6d:60:8d:bf:25:82:43:39:19:76:
95:2b:33:4a:6f:2c:7b:b3:a7:eb:12:f1:09:64:15:
15:c5:5e:8d:c2:d3:2a:4a:e8:08:de:92:ed:d8:ac:
6b:af:62:6a:05:5b:10:bc:a6:ef:bd:c6:b8:a5:b1:
32:ed:20:2a:15:50:fd:e8:21:53:f2:c8:e7:ad:33:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CE:3C:3C:BD:16:49:AE:A6:69:4A:C9:C1:78:AA:04:D1:00:4B:9D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4M48PL0WSa6maUrJwXiqBNEAS50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.42.0/24
84.32.52.0/22
88.216.36.0/24
88.216.40.0/24
88.216.43.0/24
88.216.98.0/24
88.216.214.0/24
88.216.240.0/21
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
88:aa:4c:e3:82:e9:34:41:1c:61:3a:62:a3:e6:d0:c8:11:14:
55:8f:60:d2:d5:6f:e1:3e:10:69:bb:94:66:7b:74:12:27:7e:
ad:41:8c:fb:e6:78:43:11:66:ca:76:86:01:a6:01:69:19:67:
4a:f9:73:a3:6b:0d:e1:d3:62:ef:64:bf:d6:9e:37:1c:5e:8b:
32:2a:46:e6:a7:1f:52:6f:2e:ee:23:09:51:5d:7d:00:bd:cc:
87:e1:f9:fa:f5:10:c5:e3:88:c9:1a:1d:5a:69:fb:5f:35:e3:
fa:86:b3:d8:dd:c8:db:2a:e0:46:97:6b:c5:09:60:30:66:b4:
5e:dd:70:ac:80:3f:78:e5:6b:f6:5d:78:23:d6:40:4f:90:27:
0e:c4:e3:1b:65:61:c7:a7:47:e8:f7:c6:23:5d:5e:35:04:a6:
bc:9e:fe:b1:0e:fc:7e:b1:89:32:14:d0:63:48:44:d6:a2:4f:
c2:7d:a6:20:86:91:6b:bc:04:21:44:e1:c9:f5:13:ca:be:fa:
12:05:49:bb:bf:e2:6e:52:23:e4:5e:5d:3e:2d:1f:91:fe:08:
97:54:e7:db:05:98:c8:6f:6c:83:1a:a7:87:5c:6e:f8:c7:30:
43:25:4d:7d:7e:b9:2f:64:af:d6:87:99:ea:99:44:b4:33:aa:
4d:7f:b1:b4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYXOAcE4qDeXeR5r2wV/uBc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTIwMDcwODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNlM2MzY2JkMTY0OWFlYTY2OTRhYzljMTc4YWEwNGQxMDA0YjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArryq7eumd8ok5lDmsc8VB+5flQyS
ufcp4pwa7fvxDjfzDkUhIwyrycsN4s1tlU33iFDQ5ngDQXz8ZFEiynim5UXi9wQn
JFHdWys8I//pAJPJz+RAag3xMAbrHgzYNsTewmu3mtLcM4XS6o7kzIxKKwne+eOf
j5fuvdzAoY1frVekDLks//X0BfBGwF/MwIiqLwSleSLu77tMEM8q+9oAhnlPskfd
wHuTljKwrduiJDw2SXqYdb9In21gjb8lgkM5GXaVKzNKbyx7s6frEvEJZBUVxV6N
wtMqSugI3pLt2Kxrr2JqBVsQvKbvvca4pbEy7SAqFVD96CFT8sjnrTOkZQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFODOPDy9FkmupmlKycF4qgTRAEudMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNE00OFBMMFdTYTZtYVVySndYaXFCTkVBUzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAVCAGAwQA
VCAqAwQCVCA0AwQAWNgkAwQAWNgoAwQAWNgrAwQAWNhiAwQAWNjWAwQDWNjwAwQC
WNj8MA0GCSqGSIb3DQEBCwUAA4IBAQCIqkzjguk0QRxhOmKj5tDIERRVj2DS1W/h
PhBpu5Rme3QSJ36tQYz75nhDEWbKdoYBpgFpGWdK+XOjaw3h02LvZL/WnjccXosy
Kkbmpx9Sby7uIwlRXX0AvcyH4fn69RDF44jJGh1aaftfNeP6hrPY3cjbKuBGl2vF
CWAwZrRe3XCsgD945Wv2XXgj1kBPkCcOxOMbZWHHp0fo98YjXV41BKa8nv6xDvx+
sYkyFNBjSETWok/CfaYghpFrvAQhROHJ9RPKvvoSBUm7v+JuUiPkXl0+LR+R/giX
VOfbBZjIb2yDGqeHXG74xzBDJU19frkvZK/Wh5nqmUS0M6pNf7G0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org