Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4SVV4COo04YU9WCgoqeA4r50HZw.roa
File: 4SVV4COo04YU9WCgoqeA4r50HZw.roa (raw, json)
Hash identifier: Q70tWVHdg/WMuhLC7RJ0gS8vJcEy97Mgoo/u+y6jFls=
Subject key identifier: E1:25:55:E0:23:A8:D3:86:14:F5:60:A0:A2:A7:80:E2:BE:74:1D:9C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826C0E9CE88C249BEA144D48133BEEB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4SVV4COo04YU9WCgoqeA4r50HZw.roa
Signing time: Thu 02 Jan 2025 17:53:35 +0000
ROA not before: Thu 02 Jan 2025 17:53:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204770
IP address blocks: 84.32.32.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.128.0/22 maxlen: 32
84.32.220.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Mar 2025 20:27:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:c0:e9:ce:88:c2:49:be:a1:44:d4:81:33:be:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e12555e023a8d38614f560a0a2a780e2be741d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:cd:e3:5c:24:9c:de:88:e6:38:d4:46:17:58:
bd:bf:ad:61:b0:95:b0:8c:33:cb:49:80:de:85:1d:
c8:f7:ef:88:b3:87:0b:ee:d2:b0:27:c0:50:7c:ff:
31:05:1a:49:90:78:b1:65:b9:c3:ff:44:ba:e7:d5:
22:41:07:2c:55:25:e4:cf:ce:4f:0b:27:1a:aa:95:
82:51:36:a0:04:f1:94:9b:14:85:ba:cd:94:ef:23:
d9:ff:88:e5:17:62:a1:a1:68:5a:93:62:49:ec:2b:
38:94:22:9e:4a:4e:5c:85:27:e9:75:2a:d3:b1:97:
a3:d4:45:27:53:da:be:d1:7e:a6:e3:d8:5c:3a:22:
da:fd:5f:fe:20:8b:f3:e3:af:c9:2b:12:08:d3:9b:
b8:07:44:76:21:09:9e:48:65:b3:05:9b:20:41:51:
b9:b3:a7:ea:b7:13:a9:91:fc:4a:4d:f7:5a:ac:94:
b2:2d:7c:c3:38:ae:e0:2e:29:51:0d:2f:4d:0e:a9:
4f:65:9b:3f:7c:05:f7:da:e9:95:29:1a:41:bf:b9:
0b:c5:fa:d4:ff:df:6a:f7:e6:31:d1:6d:2b:ce:d4:
25:02:8e:93:7d:79:4e:94:fb:52:2b:3d:1f:10:6c:
e5:15:bd:f5:29:72:4a:b8:89:43:d8:14:67:06:fc:
f6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:25:55:E0:23:A8:D3:86:14:F5:60:A0:A2:A7:80:E2:BE:74:1D:9C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4SVV4COo04YU9WCgoqeA4r50HZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.32.0/24
84.32.34.0/24
84.32.70.0/23
84.32.128.0/22
84.32.220.0/24
88.216.39.0/24
88.216.198.0/24
88.216.210.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:3a:f1:ac:a4:97:1d:5e:fe:bf:66:ee:6b:68:e2:02:3b:87:
50:52:99:b8:dd:fc:32:fa:6d:ab:da:b0:6c:56:6e:5e:56:b7:
2f:8a:89:25:17:23:55:fb:b8:2a:d6:78:5c:94:a6:32:01:97:
5a:ef:19:81:ef:48:31:38:51:69:53:5c:bf:b3:d3:f8:64:b8:
ac:75:19:fa:24:ea:a6:1c:a3:cf:b2:c1:d0:7a:c7:ff:6e:e6:
47:75:43:6a:d0:44:b2:a8:23:af:a6:a5:eb:e9:01:0b:3a:e6:
56:db:ec:7d:f1:2b:ec:b6:2b:21:8f:4b:c3:bb:30:88:d3:48:
74:c2:68:62:7d:be:29:7d:aa:29:2a:a5:3d:9f:fc:e7:2b:97:
91:31:a5:1e:00:65:d0:55:4b:3e:6f:29:08:82:29:b3:9b:19:
e7:df:e2:10:d1:bf:a4:fa:de:64:c0:0d:a6:0c:f9:35:27:78:
2b:f7:30:aa:a4:89:03:f1:b5:62:12:42:6c:a4:f6:cd:95:58:
5f:f8:f8:6b:ec:78:95:50:81:a0:90:d9:62:a5:9e:7a:4e:6e:
0b:a2:0f:10:01:1a:e2:54:32:2f:22:15:78:a0:57:b7:1b:37:
98:45:6a:38:ea:1a:0b:4b:50:81:b2:b9:ad:1f:be:d4:3c:d7:
f8:3e:86:f2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQoJsDpzojCSb6hRNSBM77rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTI1NTVlMDIzYThkMzg2MTRmNTYwYTBhMmE3ODBlMmJlNzQxZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM3jXCSc3ojmONRGF1i9v61hsJWw
jDPLSYDehR3I9++Is4cL7tKwJ8BQfP8xBRpJkHixZbnD/0S659UiQQcsVSXkz85P
CycaqpWCUTagBPGUmxSFus2U7yPZ/4jlF2KhoWhak2JJ7Cs4lCKeSk5chSfpdSrT
sZej1EUnU9q+0X6m49hcOiLa/V/+IIvz46/JKxII05u4B0R2IQmeSGWzBZsgQVG5
s6fqtxOpkfxKTfdarJSyLXzDOK7gLilRDS9NDqlPZZs/fAX32umVKRpBv7kLxfrU
/99q9+Yx0W0rztQlAo6TfXlOlPtSKz0fEGzlFb31KXJKuIlD2BRnBvz2GwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOElVeAjqNOGFPVgoKKngOK+dB2cMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNFNWVjRDT28wNFlVOVdDZ29xZUE0cjUwSFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAgAwQA
VCAiAwQBVCBGAwQCVCCAAwQAVCDcAwQAWNgnAwQAWNjGAwQAWNjSAwQAWNjeMA0G
CSqGSIb3DQEBCwUAA4IBAQAfOvGspJcdXv6/Zu5raOICO4dQUpm43fwy+m2r2rBs
Vm5eVrcvioklFyNV+7gq1nhclKYyAZda7xmB70gxOFFpU1y/s9P4ZLisdRn6JOqm
HKPPssHQesf/buZHdUNq0ESyqCOvpqXr6QELOuZW2+x98Svstishj0vDuzCI00h0
wmhifb4pfaopKqU9n/znK5eRMaUeAGXQVUs+bykIgimzmxnn3+IQ0b+k+t5kwA2m
DPk1J3gr9zCqpIkD8bViEkJspPbNlVhf+Phr7HiVUIGgkNlipZ56Tm4Log8QARri
VDIvIhV4oFe3GzeYRWo46hoLS1CBsrmtH77UPNf4Poby
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:03:19 2025 by rpki-client