Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CMfAaSy0aVe4WsYvwbSqvuMRm6E.roa
File: CMfAaSy0aVe4WsYvwbSqvuMRm6E.roa (raw, json)
Hash identifier: 3yVMJLp1xWB0QUklg8hbtn/oDl+0EtwjcF0c5YYExoA=
Subject key identifier: 08:C7:C0:69:2C:B4:69:57:B8:5A:C6:2F:C1:B4:AA:BE:E3:11:9B:A1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018672E7C6A76693E2F0FB8E7B136699D294
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CMfAaSy0aVe4WsYvwbSqvuMRm6E.roa
Signing time: Tue 21 Feb 2023 07:37:17 +0000
ROA not before: Tue 21 Feb 2023 07:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 84.32.71.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
84.32.108.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Feb 2023 13:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:72:e7:c6:a7:66:93:e2:f0:fb:8e:7b:13:66:99:d2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 21 07:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08c7c0692cb46957b85ac62fc1b4aabee3119ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:47:1a:0b:aa:d0:3d:65:94:65:3f:68:e9:d9:
e0:04:2e:58:48:7d:f9:91:4c:70:ea:de:39:6d:3e:
f4:56:07:ba:f2:09:93:d7:a1:51:02:5a:03:eb:c3:
66:df:76:54:8f:24:58:8c:8b:ba:3f:81:d1:94:8d:
2c:ca:4c:78:de:86:42:47:24:62:9c:08:96:e9:48:
94:41:80:69:f5:46:fa:e0:f2:c1:5f:04:bb:fc:86:
f3:fd:4f:e1:49:0a:10:81:87:a6:6f:79:5d:c9:fd:
3b:d4:6f:aa:8b:d4:95:d5:e9:ba:88:07:f3:1c:31:
0e:14:ca:73:26:40:c5:70:60:c0:27:99:5c:d4:d9:
16:a6:c9:cc:4e:0e:6c:5b:82:7f:e4:53:65:97:c7:
2d:68:e0:66:0a:ad:03:bf:43:c1:de:19:42:c0:18:
45:c2:ed:70:90:6d:80:cb:be:74:07:44:3c:a3:e4:
a5:13:1b:a7:5b:22:95:58:68:2c:32:ea:fd:f1:8d:
d3:d8:3e:7c:db:f8:d5:07:e9:27:32:7a:73:43:94:
2a:85:38:06:99:8e:8d:f2:83:0f:ec:c4:b5:3e:89:
3d:36:c3:68:12:ed:08:87:76:6d:68:75:5f:ca:64:
08:a3:b1:0c:f3:fc:b8:45:da:36:b7:9f:da:35:74:
8d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C7:C0:69:2C:B4:69:57:B8:5A:C6:2F:C1:B4:AA:BE:E3:11:9B:A1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CMfAaSy0aVe4WsYvwbSqvuMRm6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.50.0/24
84.32.71.0/24
84.32.88.0/24
84.32.108.0/24
84.32.150.0/23
84.32.220.0/24
84.32.232.0/24
84.32.239.0/24
84.32.245.0/24
88.216.3.0/24
88.216.46.0/24
88.216.92.0/24
88.216.199.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a4:cd:93:94:c5:ee:ca:0e:05:cc:b0:4b:6c:eb:1b:51:8b:
b2:57:7e:4c:7b:c6:f2:6c:42:fc:f0:50:f2:22:66:0e:ca:d4:
c3:87:20:70:16:12:b5:06:8e:b5:90:23:04:33:4b:43:c5:4f:
50:5d:79:96:32:76:bd:2f:95:57:49:f0:2f:45:b4:b9:d3:fb:
5a:46:e8:ae:84:5e:b6:8f:28:57:e2:3e:e2:1c:a7:e4:6f:a5:
a9:75:03:83:88:ce:64:7c:86:28:1f:69:48:df:f7:e4:e1:cf:
5e:ac:1e:a2:b3:c0:22:af:09:6f:9c:ce:be:57:bc:6b:d6:b2:
76:2f:57:85:12:f5:b2:ca:72:14:b5:1d:21:9c:d5:90:52:ef:
ab:9c:56:45:54:35:1e:28:d1:ff:3e:d1:ed:66:63:88:18:e9:
47:2c:da:54:32:11:71:46:ce:4b:f7:4f:8b:98:37:0f:50:61:
95:de:b3:49:b0:dd:ad:74:7f:5b:33:6c:cd:ce:56:cf:e0:cd:
14:3c:91:96:63:21:7e:44:79:d9:cd:f6:ba:55:5f:f6:fe:36:
50:28:15:60:ad:9b:88:c4:65:07:f9:89:39:b4:4c:86:4b:c1:
44:81:4a:7d:ce:71:28:9d:db:9f:cf:da:34:b3:91:23:8c:03:
d6:18:e8:77
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYZy58anZpPi8PuOexNmmdKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIxMDczNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGM3YzA2OTJjYjQ2OTU3Yjg1YWM2MmZjMWI0YWFiZWUzMTE5YmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEcaC6rQPWWUZT9o6dngBC5YSH35
kUxw6t45bT70Vge68gmT16FRAloD68Nm33ZUjyRYjIu6P4HRlI0sykx43oZCRyRi
nAiW6UiUQYBp9Ub64PLBXwS7/Ibz/U/hSQoQgYemb3ldyf071G+qi9SV1em6iAfz
HDEOFMpzJkDFcGDAJ5lc1NkWpsnMTg5sW4J/5FNll8ctaOBmCq0Dv0PB3hlCwBhF
wu1wkG2Ay750B0Q8o+SlExunWyKVWGgsMur98Y3T2D582/jVB+knMnpzQ5QqhTgG
mY6N8oMP7MS1Pok9NsNoEu0Ih3ZtaHVfymQIo7EM8/y4Rdo2t5/aNXSNXwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAjHwGkstGlXuFrGL8G0qr7jEZuhMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ01mQWFTeTBhVmU0V3NZdndiU3F2dU1SbTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAVCAIAwQA
VCAKAwQAVCAyAwQAVCBHAwQAVCBYAwQAVCBsAwQBVCCWAwQAVCDcAwQAVCDoAwQA
VCDvAwQAVCD1AwQAWNgDAwQAWNguAwQAWNhcAwQAWNjHMA0GCSqGSIb3DQEBCwUA
A4IBAQBKpM2TlMXuyg4FzLBLbOsbUYuyV35Me8bybEL88FDyImYOytTDhyBwFhK1
Bo61kCMEM0tDxU9QXXmWMna9L5VXSfAvRbS50/taRuiuhF62jyhX4j7iHKfkb6Wp
dQODiM5kfIYoH2lI3/fk4c9erB6is8AirwlvnM6+V7xr1rJ2L1eFEvWyynIUtR0h
nNWQUu+rnFZFVDUeKNH/PtHtZmOIGOlHLNpUMhFxRs5L90+LmDcPUGGV3rNJsN2t
dH9bM2zNzlbP4M0UPJGWYyF+RHnZzfa6VV/2/jZQKBVgrZuIxGUH+Yk5tEyGS8FE
gUp9znEondufz9o0s5EjjAPWGOh3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org