Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B1JKQiUC0Tp9KbXKnXyo8yk0ypk.roa
File: B1JKQiUC0Tp9KbXKnXyo8yk0ypk.roa (raw, json)
Hash identifier: WzxOOcik8XvF33QpfTvpVC9/bfWg2SKei6fVSOUVO2c=
Subject key identifier: 07:52:4A:42:25:02:D1:3A:7D:29:B5:CA:9D:7C:A8:F3:29:34:CA:99
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019586BCF969086991B2AC990E463CFE93C4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B1JKQiUC0Tp9KbXKnXyo8yk0ypk.roa
Signing time: Tue 11 Mar 2025 19:44:46 +0000
ROA not before: Tue 11 Mar 2025 19:44:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Mar 2025 19:16:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:86:bc:f9:69:08:69:91:b2:ac:99:0e:46:3c:fe:93:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 11 19:44:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07524a422502d13a7d29b5ca9d7ca8f32934ca99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:83:4f:58:a2:13:76:4e:a9:9b:19:bb:b0:e1:
1a:39:c5:88:ed:1c:e3:b8:eb:5b:38:56:c3:70:fe:
81:d4:93:bc:df:9c:00:3f:cc:bc:c8:7d:67:a2:a2:
a7:6d:ed:36:af:35:4c:bb:01:d5:e0:a8:23:b6:84:
26:68:8a:59:bf:7f:67:e4:52:ba:c7:56:74:70:a2:
d9:a3:01:af:ce:7e:f4:d2:ab:c4:e3:2a:e4:aa:6c:
3b:fa:3c:f6:2b:bd:da:95:45:e9:63:19:39:4c:27:
6c:b6:a3:78:da:09:ba:97:b9:c9:76:27:0e:2c:39:
e2:0a:a6:7f:bb:cc:5f:7e:49:b3:44:92:56:74:40:
96:1c:40:3f:56:b3:e1:8e:ff:86:7d:01:86:b5:e6:
10:d8:aa:17:6c:dd:48:31:2a:f9:ef:a2:fd:10:5a:
18:f4:eb:54:89:85:48:b0:0c:c3:fa:9c:61:31:dd:
49:8b:0f:09:f0:d5:cf:bb:70:2c:81:31:ee:ad:89:
fd:ef:29:c0:00:3e:43:d3:d7:06:e7:71:d3:2c:78:
a7:1c:94:29:24:02:b0:00:65:9c:e7:ff:71:c3:7b:
6e:b3:df:18:1d:e7:83:7c:73:60:a0:80:b9:d2:b6:
23:44:71:be:c8:42:be:60:f3:0e:de:5e:23:7b:9f:
5f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:52:4A:42:25:02:D1:3A:7D:29:B5:CA:9D:7C:A8:F3:29:34:CA:99
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B1JKQiUC0Tp9KbXKnXyo8yk0ypk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
65:5e:2c:35:29:9f:7c:e9:03:a3:a5:b2:e0:08:3a:00:06:b0:
b5:77:b4:cf:16:ca:20:d5:ca:8b:e6:94:a9:3a:2e:dc:50:89:
75:2c:bb:60:ae:75:14:0e:ea:23:0d:91:6f:74:52:07:eb:40:
d8:6a:a3:d5:b3:35:36:ba:62:44:55:ba:90:93:52:7c:b9:89:
01:e6:b3:f3:6e:63:97:d2:0a:b9:c5:ea:38:21:0e:f9:be:1c:
63:11:1a:03:81:09:6b:9c:c3:24:0c:e3:e7:11:34:6a:71:e4:
4f:0b:70:9c:50:60:e3:45:38:d7:9d:46:be:34:30:df:dc:5c:
c5:4e:ed:2e:48:ce:72:6e:a7:e0:67:27:4f:c3:94:f1:77:27:
9b:8a:b0:ba:c5:47:75:33:fc:13:ec:0d:c5:2d:f9:03:63:52:
93:2d:f6:bb:fd:31:45:0a:57:8f:28:3b:8a:30:42:92:24:36:
c5:2d:21:93:4e:3e:6c:95:b4:84:d4:15:a3:f1:d1:c7:23:dd:
bf:bf:a4:bf:84:09:73:ce:08:b5:e9:a4:6d:40:14:3b:d5:65:
c6:b3:a6:ce:33:da:2d:ad:00:8f:9e:ce:c6:ee:db:9f:e4:6d:
cc:c0:82:8c:2e:b4:2b:a2:a4:99:51:35:84:43:28:29:00:fb:
33:b8:97:6a
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZWGvPlpCGmRsqyZDkY8/pPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzExMTk0NDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzUyNGE0MjI1MDJkMTNhN2QyOWI1Y2E5ZDdjYThmMzI5MzRjYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4NPWKITdk6pmxm7sOEaOcWI7Rzj
uOtbOFbDcP6B1JO835wAP8y8yH1noqKnbe02rzVMuwHV4KgjtoQmaIpZv39n5FK6
x1Z0cKLZowGvzn700qvE4yrkqmw7+jz2K73alUXpYxk5TCdstqN42gm6l7nJdicO
LDniCqZ/u8xffkmzRJJWdECWHEA/VrPhjv+GfQGGteYQ2KoXbN1IMSr576L9EFoY
9OtUiYVIsAzD+pxhMd1Jiw8J8NXPu3AsgTHurYn97ynAAD5D09cG53HTLHinHJQp
JAKwAGWc5/9xw3tus98YHeeDfHNgoIC50rYjRHG+yEK+YPMO3l4je59fSQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFAdSSkIlAtE6fSm1yp18qPMpNMqZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQjFKS1FpVUMwVHA5S2JYS25YeW84eWsweXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBABUIAcD
BABUIAgDBAJUIBQDBAFUIC4DBAJUIJQDBAFUIK4DBAFUINYDBAJUIPQDBAFY2BYD
BAFY2CwDBAFY2EIDBABY2F0DBAFY2IIDBAFY2IYDBABY2NwwDQYJKoZIhvcNAQEL
BQADggEBAGVeLDUpn3zpA6OlsuAIOgAGsLV3tM8WyiDVyovmlKk6LtxQiXUsu2Cu
dRQO6iMNkW90UgfrQNhqo9WzNTa6YkRVupCTUny5iQHms/NuY5fSCrnF6jghDvm+
HGMRGgOBCWucwyQM4+cRNGpx5E8LcJxQYONFONedRr40MN/cXMVO7S5IznJup+Bn
J0/DlPF3J5uKsLrFR3Uz/BPsDcUt+QNjUpMt9rv9MUUKV48oO4owQpIkNsUtIZNO
PmyVtITUFaPx0ccj3b+/pL+ECXPOCLXppG1AFDvVZcazps4z2i2tAI+ezsbu25/k
bczAgowutCuipJlRNYRDKCkA+zO4l2o=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:09:27 2025 by rpki-client