Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CZx4_Mv9gOGs9CXpCkeCIkOClM0.roa
File: CZx4_Mv9gOGs9CXpCkeCIkOClM0.roa (raw, json)
Hash identifier: +7f4x7Eo6SsgPH50D/WsXJh+0Qcws2/6+W6ou/dCGnc=
Subject key identifier: 09:9C:78:FC:CB:FD:80:E1:AC:F4:25:E9:0A:47:82:22:43:82:94:CD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018ACAFB8B953D5093DFAAE9E4ED479EFEA5
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CZx4_Mv9gOGs9CXpCkeCIkOClM0.roa
Signing time: Mon 25 Sep 2023 06:16:37 +0000
ROA not before: Mon 25 Sep 2023 06:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ca:fb:8b:95:3d:50:93:df:aa:e9:e4:ed:47:9e:fe:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 25 06:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=099c78fccbfd80e1acf425e90a478222438294cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:28:6b:6f:9e:75:d8:39:13:48:07:5b:04:31:
38:02:f8:af:25:5a:02:86:7b:e7:95:f5:5f:eb:03:
69:7c:5c:2f:55:19:e2:9e:d8:b7:a1:85:cd:de:41:
ae:f5:ca:29:b1:d6:07:50:5e:32:df:4e:aa:55:84:
bb:49:f1:44:0d:06:40:cc:66:03:ab:0f:d9:c5:fd:
c0:ba:d9:8b:71:32:99:9b:41:19:5f:7c:9e:8a:45:
f7:bb:dc:4a:1c:3d:70:32:c7:a5:39:76:35:f4:7e:
bd:e2:70:11:eb:c6:8b:d9:02:3e:5b:f7:66:77:62:
42:7b:77:8d:f2:73:25:7b:7b:9d:40:fc:95:b0:67:
49:dd:e0:17:97:80:ef:2e:7b:31:bb:2b:ef:e0:ce:
b4:0f:ed:5e:e4:d1:09:d1:36:bb:24:5c:45:12:4c:
d9:3b:f1:f5:05:2a:4f:06:49:56:86:fe:20:4e:0e:
e6:02:57:f9:07:d3:e4:a6:2c:4e:a2:4f:15:a7:65:
6c:b2:be:8b:92:1a:33:b2:37:3b:0f:01:d4:60:c0:
00:58:46:1a:56:2c:ad:bb:9f:78:b0:67:7f:ad:16:
92:bc:2c:fe:9d:10:72:7b:fe:12:e7:b4:39:5c:e7:
c9:e4:9d:0e:bf:41:79:89:76:bd:bb:2e:8f:69:44:
d5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9C:78:FC:CB:FD:80:E1:AC:F4:25:E9:0A:47:82:22:43:82:94:CD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CZx4_Mv9gOGs9CXpCkeCIkOClM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
88.216.20.0/23
88.216.98.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
88.216.215.0/24
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
57:6f:ab:00:b5:05:36:e1:94:06:3a:c8:6b:1b:82:5f:cd:ab:
f6:8f:9f:01:b0:49:50:ae:5d:19:fa:7d:a3:69:20:83:db:13:
80:ce:d4:d2:b5:b1:ec:c5:3c:1d:eb:25:22:83:03:ff:21:26:
d9:cc:a8:51:3d:32:49:4d:68:f0:2a:2f:3c:3e:3f:69:fa:a6:
e5:ed:76:66:4c:92:36:1b:95:95:bf:b9:df:12:b0:e4:11:2b:
24:1c:a7:12:95:17:f5:d7:6b:2c:38:8f:cb:42:77:c7:f8:ad:
b8:be:3a:b5:fa:49:6b:3e:34:cf:c6:11:96:42:8e:90:3f:a1:
86:c8:ff:3a:7c:2c:47:ac:19:a9:d0:a5:7e:17:30:40:df:ee:
62:2c:51:0d:5c:07:16:fb:24:65:89:d7:00:51:a2:70:d1:4e:
58:ac:05:04:e4:ef:c9:a3:18:67:6b:52:6d:b6:a4:27:24:75:
a6:74:7f:34:18:93:2d:92:44:ac:57:a4:ff:82:38:a2:1c:f2:
4b:ed:07:ec:e7:6a:83:e2:5a:77:e4:22:9b:4e:57:b9:46:1c:
8f:2f:e5:74:6b:6b:1e:cc:be:69:40:dd:7e:b2:9f:16:7e:56:
ec:ca:19:62:89:57:e5:f6:91:99:e5:d5:4d:bc:48:3c:3a:bf:
68:b3:b1:ec
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYrK+4uVPVCT36rp5O1Hnv6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwOTI1MDYxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTljNzhmY2NiZmQ4MGUxYWNmNDI1ZTkwYTQ3ODIyMjQzODI5NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yhrb5512DkTSAdbBDE4AvivJVoC
hnvnlfVf6wNpfFwvVRninti3oYXN3kGu9copsdYHUF4y306qVYS7SfFEDQZAzGYD
qw/Zxf3AutmLcTKZm0EZX3yeikX3u9xKHD1wMselOXY19H694nAR68aL2QI+W/dm
d2JCe3eN8nMle3udQPyVsGdJ3eAXl4DvLnsxuyvv4M60D+1e5NEJ0Ta7JFxFEkzZ
O/H1BSpPBklWhv4gTg7mAlf5B9PkpixOok8Vp2Vssr6Lkhozsjc7DwHUYMAAWEYa
Viytu594sGd/rRaSvCz+nRBye/4S57Q5XOfJ5J0Ov0F5iXa9uy6PaUTVkQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAmcePzL/YDhrPQl6QpHgiJDgpTNMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ1p4NF9NdjlnT0dzOUNYcENrZUNJa09DbE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAGAwQC
VCA0AwQBWNgUAwQAWNhiAwQAWNhnAwQAWNi5AwQBWNjUAwQAWNjXAwQCWNj8MA0G
CSqGSIb3DQEBCwUAA4IBAQBXb6sAtQU24ZQGOshrG4Jfzav2j58BsElQrl0Z+n2j
aSCD2xOAztTStbHsxTwd6yUigwP/ISbZzKhRPTJJTWjwKi88Pj9p+qbl7XZmTJI2
G5WVv7nfErDkESskHKcSlRf112ssOI/LQnfH+K24vjq1+klrPjTPxhGWQo6QP6GG
yP86fCxHrBmp0KV+FzBA3+5iLFENXAcW+yRlidcAUaJw0U5YrAUE5O/Joxhna1Jt
tqQnJHWmdH80GJMtkkSsV6T/gjiiHPJL7Qfs52qD4lp35CKbTle5RhyPL+V0a2se
zL5pQN1+sp8WflbsyhliiVfl9pGZ5dVNvEg8Or9os7Hs
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:49 2024 by rpki-client on console-fra.rpki-client.org