Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9DDhfe5yU52e4adWCPjxVdc8NPg.roa
File: 9DDhfe5yU52e4adWCPjxVdc8NPg.roa (raw, json)
Hash identifier: a+GYAen8rRzFALN0AE4E1xtYVx7LnRkWs7mayC6iCbA=
Subject key identifier: F4:30:E1:7D:EE:72:53:9D:9E:E1:A7:56:08:F8:F1:55:D7:3C:34:F8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CE32566A63AE6F57DF570F98A49027114
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9DDhfe5yU52e4adWCPjxVdc8NPg.roa
Signing time: Sun 07 Jan 2024 08:58:48 +0000
ROA not before: Sun 07 Jan 2024 08:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.59.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 06:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e3:25:66:a6:3a:e6:f5:7d:f5:70:f9:8a:49:02:71:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 7 08:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f430e17dee72539d9ee1a75608f8f155d73c34f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5e:60:98:92:6d:eb:56:42:d5:87:5d:db:b5:
bb:2f:fb:3a:53:ef:4d:0f:78:5b:cb:3c:e4:1d:6c:
04:f3:ec:94:19:62:fb:d5:e5:10:84:3d:a9:ae:a2:
d3:f8:1d:88:01:96:50:6e:fa:71:66:4a:74:80:5f:
eb:02:00:44:c3:9a:74:97:da:7c:1c:fb:4c:a3:49:
a6:87:3e:5a:fc:92:d8:1b:ce:77:5a:bb:e6:64:0e:
b0:3c:c7:4b:ef:16:38:15:37:6f:c9:26:66:d4:e7:
4f:d8:d5:8f:8f:23:48:e2:5a:ff:8f:77:82:17:d4:
b0:9b:69:15:e5:8b:3a:43:76:43:ee:b6:c2:6d:b4:
7a:19:aa:fa:43:5a:91:1a:72:8e:27:7f:b2:da:be:
0f:50:43:10:14:f5:39:fb:60:21:86:83:82:9d:b9:
f8:19:5d:83:d9:37:5e:c8:69:2f:e8:f6:7c:34:46:
32:b0:2b:15:a8:d5:18:09:84:25:2c:55:d8:34:20:
c9:61:ff:1d:de:bc:b3:64:5b:18:d2:ca:1c:6d:5e:
6b:27:bf:c8:eb:49:63:3f:77:2b:f1:dd:3d:48:d9:
ac:51:ac:b2:e3:68:a9:a7:f7:7a:ad:81:d5:88:ee:
05:d9:8a:e3:bd:28:6a:95:63:dc:5e:9c:f4:d9:2b:
02:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:30:E1:7D:EE:72:53:9D:9E:E1:A7:56:08:F8:F1:55:D7:3C:34:F8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9DDhfe5yU52e4adWCPjxVdc8NPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.39.0/24
84.32.46.0/23
84.32.59.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.188.0/22
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
59:d2:49:28:71:3a:e3:66:d3:ae:e1:64:7f:68:25:d8:15:c3:
41:84:1c:50:55:ac:6b:f1:f4:37:88:9a:e8:b7:62:22:7e:fc:
62:85:55:ed:1a:32:e7:3c:5e:05:24:e2:10:90:41:79:7b:7e:
93:08:39:c8:44:08:01:26:5a:be:b2:20:41:f1:d2:bf:5d:6f:
54:a1:56:1c:a9:6a:f2:89:5b:f0:fa:c1:74:9a:41:ca:2d:b6:
1a:99:20:61:a7:d4:a2:b5:23:24:a8:c5:97:d9:98:51:1d:b8:
74:e9:be:86:59:c9:46:3e:da:f3:41:9f:b3:2c:40:fa:f5:ef:
22:4e:e8:98:5f:cd:e2:bc:b6:ce:04:31:de:7c:5f:12:28:80:
75:b3:fc:cd:3a:39:28:5d:fc:b7:07:b4:0f:36:40:69:d9:27:
4b:79:f6:83:20:84:03:43:e1:73:f2:62:b8:51:ba:bb:76:ef:
85:1a:56:4d:8a:42:3c:c4:a8:78:91:7d:a2:cf:e2:e3:8c:15:
e9:31:aa:d3:60:18:63:0e:42:8c:67:de:d5:e7:27:a0:1b:11:
9f:08:f2:82:eb:57:5a:de:0c:e5:62:a8:06:34:9d:6a:08:5a:
48:68:c8:7b:00:03:c8:75:24:47:a8:59:f5:e9:ec:7b:47:9f:
0b:0e:66:a7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYzjJWamOub1ffVw+YpJAnEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTA3MDg1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDMwZTE3ZGVlNzI1MzlkOWVlMWE3NTYwOGY4ZjE1NWQ3M2MzNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF5gmJJt61ZC1Ydd27W7L/s6U+9N
D3hbyzzkHWwE8+yUGWL71eUQhD2prqLT+B2IAZZQbvpxZkp0gF/rAgBEw5p0l9p8
HPtMo0mmhz5a/JLYG853WrvmZA6wPMdL7xY4FTdvySZm1OdP2NWPjyNI4lr/j3eC
F9Swm2kV5Ys6Q3ZD7rbCbbR6Gar6Q1qRGnKOJ3+y2r4PUEMQFPU5+2AhhoOCnbn4
GV2D2TdeyGkv6PZ8NEYysCsVqNUYCYQlLFXYNCDJYf8d3ryzZFsY0socbV5rJ7/I
60ljP3cr8d09SNmsUayy42ipp/d6rYHViO4F2YrjvShqlWPcXpz02SsC5wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFPQw4X3uclOdnuGnVgj48VXXPDT4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOUREaGZlNXlVNTJlNGFkV0NQanhWZGM4TlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQwDAME
AFQgBwMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAnAwQBVCAuAwQAVCA7AwQAVCBf
AwQCVCCUAwQBVCCuAwQBVCCyAwQBVCDWAwQCVCD0AwQBWNgWAwQBWNgsAwQAWNhd
MAwDBAFY2IIDBABY2IQDBAFY2IYDBAJY2LwDBAJY2NQwDQYJKoZIhvcNAQELBQAD
ggEBAFnSSShxOuNm067hZH9oJdgVw0GEHFBVrGvx9DeImui3YiJ+/GKFVe0aMuc8
XgUk4hCQQXl7fpMIOchECAEmWr6yIEHx0r9db1ShVhypavKJW/D6wXSaQcotthqZ
IGGn1KK1IySoxZfZmFEduHTpvoZZyUY+2vNBn7MsQPr17yJO6JhfzeK8ts4EMd58
XxIogHWz/M06OShd/LcHtA82QGnZJ0t59oMghAND4XPyYrhRurt274UaVk2KQjzE
qHiRfaLP4uOMFekxqtNgGGMOQoxn3tXnJ6AbEZ8I8oLrV1reDOViqAY0nWoIWkho
yHsAA8h1JEeoWfXp7HtHnwsOZqc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org