Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5rcmGHmNbv10RelDOI2OrzNM2ko.roa
File: 5rcmGHmNbv10RelDOI2OrzNM2ko.roa (raw, json)
Hash identifier: 8mcAzuP5KGGjUlo3/TbQMRQjT8ukrMB8cflb8fhX4SU=
Subject key identifier: E6:B7:26:18:79:8D:6E:FD:74:45:E9:43:38:8D:8E:AF:33:4C:DA:4A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826AC9C230CF1E4B3AE82558B762746
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5rcmGHmNbv10RelDOI2OrzNM2ko.roa
Signing time: Thu 02 Jan 2025 17:53:30 +0000
ROA not before: Thu 02 Jan 2025 17:53:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 84.32.9.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 08:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:ac:9c:23:0c:f1:e4:b3:ae:82:55:8b:76:27:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6b72618798d6efd7445e943388d8eaf334cda4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a3:ab:72:f6:c4:cc:dd:c5:39:e1:e4:89:82:
b6:eb:96:6c:b6:9c:ef:10:1b:4f:e3:ed:8f:6d:5b:
94:61:ef:d1:0d:98:9d:2a:df:23:c7:d5:6c:03:e0:
eb:bd:b0:ae:8d:8e:b2:b7:c5:55:a0:b1:17:ce:02:
b4:31:9a:68:03:a2:76:74:3d:9d:07:19:c7:f8:36:
84:0b:23:d9:c7:20:58:bd:dd:d8:1c:fd:f8:a5:b7:
c4:57:92:7e:7b:39:f3:5e:4f:7d:f9:a0:e1:aa:4c:
68:fd:e3:99:c9:f3:56:48:d7:63:e1:2c:26:79:67:
62:70:94:d5:9d:29:dc:33:88:bf:23:ff:7f:92:dd:
a4:d6:d7:f1:33:e1:a4:26:b1:6f:f8:5d:9f:38:3a:
be:7a:1c:9f:40:c4:be:05:ce:3b:d9:4d:d1:5f:05:
52:34:e2:a2:98:eb:14:41:1b:85:3b:bd:98:d2:32:
01:8d:98:ec:5a:06:14:24:7a:c0:b0:3e:16:bd:b3:
84:1a:41:99:f3:92:66:f0:fe:fb:5a:78:51:ec:d9:
f4:08:0a:09:71:35:f6:03:49:bb:42:d0:9d:22:6b:
9d:08:53:85:34:e6:1e:50:d3:0c:47:ea:6e:81:96:
46:a5:6e:b2:57:d6:b4:d0:ca:0e:5b:07:a2:2b:3f:
33:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B7:26:18:79:8D:6E:FD:74:45:E9:43:38:8D:8E:AF:33:4C:DA:4A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5rcmGHmNbv10RelDOI2OrzNM2ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
88.216.220.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:f6:e9:d1:c4:ae:56:e7:18:77:e8:ce:08:6d:e8:a1:94:06:
ba:5d:de:61:30:b8:69:f4:9d:b1:e1:14:68:e4:9f:92:9e:d5:
74:4d:0e:85:10:49:55:76:3c:cf:54:45:09:08:15:00:1f:c9:
fc:c3:4a:38:45:ba:c1:d4:a7:76:69:ba:6a:a1:14:84:50:b6:
dd:4e:f6:68:48:fe:2e:ed:77:20:c2:84:36:b5:14:b3:fd:b2:
ee:47:aa:fb:8f:eb:dd:69:98:d2:6e:95:83:d9:d0:a7:98:bb:
8c:41:91:51:05:d1:3f:82:1c:0a:59:d5:2f:b6:64:45:b4:ee:
56:85:80:8b:96:e6:b9:c4:bd:94:93:d5:7a:83:83:e8:48:42:
cd:bc:fd:bb:87:f2:70:86:08:3e:95:c1:e6:21:43:36:0e:20:
73:75:1b:dd:e7:c3:ab:5a:c0:7c:3f:1f:2e:6b:80:73:ed:6c:
31:a6:bd:80:7d:7b:7f:a8:fd:86:1f:e0:6f:5b:45:9a:ca:2d:
06:84:f7:23:37:be:ae:a5:98:54:ec:d4:a1:98:cf:b0:77:55:
3b:23:f6:59:6b:11:03:af:93:e3:e0:b6:24:e7:77:3b:fb:d1:
1e:d3:73:b0:21:36:56:f0:3e:0f:44:90:1a:1f:fa:b2:3a:a1:
01:0a:f4:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJqycIwzx5LOuglWLdidGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmI3MjYxODc5OGQ2ZWZkNzQ0NWU5NDMzODhkOGVhZjMzNGNkYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qOrcvbEzN3FOeHkiYK265Zstpzv
EBtP4+2PbVuUYe/RDZidKt8jx9VsA+DrvbCujY6yt8VVoLEXzgK0MZpoA6J2dD2d
BxnH+DaECyPZxyBYvd3YHP34pbfEV5J+eznzXk99+aDhqkxo/eOZyfNWSNdj4Swm
eWdicJTVnSncM4i/I/9/kt2k1tfxM+GkJrFv+F2fODq+ehyfQMS+Bc472U3RXwVS
NOKimOsUQRuFO72Y0jIBjZjsWgYUJHrAsD4WvbOEGkGZ85Jm8P77WnhR7Nn0CAoJ
cTX2A0m7QtCdImudCFOFNOYeUNMMR+pugZZGpW6yV9a00MoOWweiKz8zzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOa3Jhh5jW79dEXpQziNjq8zTNpKMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNXJjbUdIbU5idjEwUmVsRE9JMk9yek5NMmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAJAwQA
WNjcAwQAWNjfMA0GCSqGSIb3DQEBCwUAA4IBAQBM9unRxK5W5xh36M4IbeihlAa6
Xd5hMLhp9J2x4RRo5J+SntV0TQ6FEElVdjzPVEUJCBUAH8n8w0o4RbrB1Kd2abpq
oRSEULbdTvZoSP4u7XcgwoQ2tRSz/bLuR6r7j+vdaZjSbpWD2dCnmLuMQZFRBdE/
ghwKWdUvtmRFtO5WhYCLlua5xL2Uk9V6g4PoSELNvP27h/Jwhgg+lcHmIUM2DiBz
dRvd58OrWsB8Px8ua4Bz7Wwxpr2AfXt/qP2GH+BvW0Wayi0GhPcjN76upZhU7NSh
mM+wd1U7I/ZZaxEDr5Pj4LYk53c7+9Ee03OwITZW8D4PRJAaH/qyOqEBCvSl
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:35 2025 by rpki-client