Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CSok3u1twBEA7HwF_Jy3qP82FQQ.roa
File: CSok3u1twBEA7HwF_Jy3qP82FQQ.roa (raw, json)
Hash identifier: KGYTn+mcrBMTnEO4Ph6R2fCM0bo+Uy7IaUQEljRLNps=
Subject key identifier: 09:2A:24:DE:ED:6D:C0:11:00:EC:7C:05:FC:9C:B7:A8:FF:36:15:04
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018F623A4429A58214BB9EC256A9C45FF4FC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CSok3u1twBEA7HwF_Jy3qP82FQQ.roa
Signing time: Fri 10 May 2024 11:18:56 +0000
ROA not before: Fri 10 May 2024 11:18:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 08:53:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:3a:44:29:a5:82:14:bb:9e:c2:56:a9:c4:5f:f4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 10 11:18:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=092a24deed6dc01100ec7c05fc9cb7a8ff361504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:00:0f:52:3f:e5:48:e7:6e:9d:8b:6d:a7:17:
ee:f3:0b:ae:25:2f:9e:98:60:bf:ea:b4:e2:d1:61:
80:f9:1d:53:05:12:85:7a:e8:73:a4:eb:db:44:dd:
ef:a4:6d:89:29:01:59:d3:c6:cf:e6:d5:5f:af:b2:
36:d7:66:2d:a1:3e:a7:5b:39:c8:6c:ff:73:e3:46:
e1:92:8c:0c:9f:eb:56:cb:3f:0e:ed:78:07:df:7c:
32:3f:36:2e:83:17:21:d0:f7:80:1f:69:a3:3d:36:
36:a9:7f:5d:94:b1:3a:9f:5e:35:77:38:60:dd:61:
8a:db:d3:1b:c3:e2:8d:b9:3f:3c:86:68:2b:f5:80:
1e:47:56:66:66:91:2e:0d:c1:7b:87:aa:47:4e:16:
d1:14:67:ad:6c:c1:a3:a6:8a:53:71:f8:0d:ef:0b:
20:91:42:fa:a8:9d:d0:8b:65:a5:aa:78:ee:03:8f:
36:78:71:04:48:3f:20:1b:fc:0f:69:9e:d8:82:d1:
87:be:2e:b0:7c:c7:07:9e:ad:e6:cf:c4:84:48:82:
42:3a:e4:7f:ff:df:b5:84:06:ce:2f:a2:2a:a3:3d:
11:ec:df:f4:f8:e7:1b:50:ee:3c:e0:6f:ab:b8:95:
59:e0:d5:7b:f5:c3:6b:71:93:87:48:23:0c:6d:0d:
59:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:2A:24:DE:ED:6D:C0:11:00:EC:7C:05:FC:9C:B7:A8:FF:36:15:04
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CSok3u1twBEA7HwF_Jy3qP82FQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.39.0/24
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.188.0/22
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
80:81:33:57:58:eb:57:ef:da:af:27:cf:a7:dd:b3:43:b1:07:
5d:b1:c1:f0:bd:94:42:22:af:18:09:69:e3:56:6f:35:01:a7:
a7:28:4e:00:13:5b:53:56:3e:f4:be:96:3b:1b:99:1e:b5:ff:
89:a6:01:17:54:6c:28:ad:12:7b:cb:46:dc:05:84:ee:ea:78:
4c:1b:53:16:ae:90:3d:1e:8e:ee:28:a5:e9:d6:95:54:28:a7:
01:54:04:d1:14:06:4d:35:fe:90:18:f5:31:bc:54:1d:4a:27:
b2:b7:3e:48:e9:cc:f1:aa:52:05:a6:a3:24:72:21:0f:bd:83:
d7:0c:d4:db:1c:22:84:63:2c:66:76:25:2e:a7:db:ed:9d:a3:
7c:67:e5:53:28:c1:01:c3:98:21:17:1c:58:13:80:c6:ef:f4:
1c:ba:b8:36:24:d9:71:9c:da:2a:d3:76:03:aa:b1:ee:e5:e7:
c5:7f:8c:f5:e2:6d:1d:a2:0a:a8:51:1d:9f:f0:e4:9b:a6:61:
0f:c7:ee:51:85:d5:d2:5c:3c:d5:ff:c4:cb:04:3c:de:40:a7:
4d:b2:0c:ae:df:e2:13:0d:65:a8:af:71:ed:7e:63:a2:42:a4:
5b:8e:42:33:3a:24:84:d1:22:01:87:cf:1a:ef:bf:b9:c3:78:
78:9f:67:9c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY9iOkQppYIUu57CVqnEX/T8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNTEwMTExODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTJhMjRkZWVkNmRjMDExMDBlYzdjMDVmYzljYjdhOGZmMzYxNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gAPUj/lSOdunYttpxfu8wuuJS+e
mGC/6rTi0WGA+R1TBRKFeuhzpOvbRN3vpG2JKQFZ08bP5tVfr7I212YtoT6nWznI
bP9z40bhkowMn+tWyz8O7XgH33wyPzYugxch0PeAH2mjPTY2qX9dlLE6n141dzhg
3WGK29Mbw+KNuT88hmgr9YAeR1ZmZpEuDcF7h6pHThbRFGetbMGjpopTcfgN7wsg
kUL6qJ3Qi2WlqnjuA482eHEESD8gG/wPaZ7YgtGHvi6wfMcHnq3mz8SESIJCOuR/
/9+1hAbOL6Iqoz0R7N/0+OcbUO484G+ruJVZ4NV79cNrcZOHSCMMbQ1ZrwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFAkqJN7tbcARAOx8Bfyct6j/NhUEMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ1NvazN1MXR3QkVBN0h3Rl9KeTNxUDgyRlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4MAwDBABU
IAcDBABUIAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgXwMEAlQglAMEAVQgrgME
AVQg1gMEAlQg9AMEAVjYFgMEAFjYJwMEAVjYLAMEAFjYXTAMAwQBWNiCAwQAWNiE
AwQBWNiGAwQCWNi8AwQCWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQCAgTNXWOtX79qv
J8+n3bNDsQddscHwvZRCIq8YCWnjVm81AaenKE4AE1tTVj70vpY7G5ketf+JpgEX
VGworRJ7y0bcBYTu6nhMG1MWrpA9Ho7uKKXp1pVUKKcBVATRFAZNNf6QGPUxvFQd
Sieytz5I6czxqlIFpqMkciEPvYPXDNTbHCKEYyxmdiUup9vtnaN8Z+VTKMEBw5gh
FxxYE4DG7/Qcurg2JNlxnNoq03YDqrHu5efFf4z14m0dogqoUR2f8OSbpmEPx+5R
hdXSXDzV/8TLBDzeQKdNsgyu3+ITDWWor3HtfmOiQqRbjkIzOiSE0SIBh88a77+5
w3h4n2ec
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org