Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D2fFClomHtSSff8rcgyl4p-CLVk.roa
File: D2fFClomHtSSff8rcgyl4p-CLVk.roa (raw, json)
Hash identifier: olonG0TqPXzwSzUh9jhc0XKOzm+5t3XKdXTiivowSlY=
Subject key identifier: 0F:67:C5:0A:5A:26:1E:D4:92:7D:FF:2B:72:0C:A5:E2:9F:82:2D:59
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185C3B4C55604FEDCCBE71DB8737629FE2A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D2fFClomHtSSff8rcgyl4p-CLVk.roa
Signing time: Wed 18 Jan 2023 07:08:02 +0000
ROA not before: Wed 18 Jan 2023 07:08:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
84.32.6.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.36.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Jan 2023 06:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c3:b4:c5:56:04:fe:dc:cb:e7:1d:b8:73:76:29:fe:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 18 07:08:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f67c50a5a261ed4927dff2b720ca5e29f822d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ec:ac:9b:12:54:31:05:f3:4b:1e:2d:fe:f5:
46:2b:8a:2d:cd:9f:98:79:95:c2:51:d9:31:a5:8f:
ba:05:58:34:7c:df:38:36:23:5f:5f:b0:3b:72:01:
da:9b:fa:8a:a0:27:90:7f:42:af:17:22:f4:e1:39:
99:ed:14:71:02:67:13:27:eb:5a:1d:a9:90:36:1e:
85:3d:f6:75:16:4f:b6:0d:e0:69:e0:f6:9e:fe:e9:
41:d7:15:b7:a9:93:93:57:81:11:cc:cc:85:10:03:
f6:e0:5e:5d:40:92:d7:96:58:67:a8:31:07:9b:6b:
99:f3:11:e8:04:f2:59:2b:62:0f:3b:d5:fe:fc:56:
ef:9d:41:a5:a7:d0:68:e5:07:49:e1:ce:42:69:50:
3c:3f:da:0e:74:df:23:7e:d9:bc:ce:6d:9a:c9:81:
75:12:ed:a1:5d:14:9f:ca:41:2b:a0:2a:49:49:fb:
66:3b:7a:87:c6:be:f1:1d:99:3c:7d:2c:5f:e2:0e:
fe:46:9d:89:f6:29:c8:a9:4a:39:1b:04:2a:09:f1:
b4:1f:a5:9a:ff:90:7f:82:a4:b4:9c:8f:2b:a8:26:
97:ad:3f:81:0c:c4:14:2e:fe:93:59:bb:29:a0:c0:
fd:15:5e:ba:11:bf:da:99:ea:9d:3b:af:93:76:0a:
b3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:67:C5:0A:5A:26:1E:D4:92:7D:FF:2B:72:0C:A5:E2:9F:82:2D:59
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D2fFClomHtSSff8rcgyl4p-CLVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.42.0/24
84.32.52.0/22
84.32.240.0/24
84.32.243.0/24
88.216.17.0/24
88.216.36.0/24
88.216.40.0/24
88.216.43.0/24
88.216.98.0/24
88.216.214.0/24
88.216.228.0/22
88.216.240.0/21
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:1b:82:50:b6:66:4b:89:3e:17:7d:99:cc:28:a6:b6:c6:64:
00:76:2f:72:53:a7:51:06:c7:6f:fc:da:d0:55:cf:5a:89:b9:
3c:5e:5f:7e:ac:16:6e:3a:43:bd:14:0d:40:ae:a7:98:97:c3:
ca:d5:66:c0:5e:4b:65:76:05:c4:a6:75:e7:be:7d:6a:3e:4e:
a9:79:2e:4c:93:f8:f3:c7:df:f6:fb:5b:63:4f:e9:66:d8:19:
91:2b:cc:3a:ce:de:c7:b3:12:92:1c:96:db:56:5d:d3:0a:8b:
df:f7:02:d5:6f:3d:d8:da:1a:f4:15:ba:ee:55:41:31:96:1b:
40:6d:2d:16:2a:a5:c5:3c:b0:52:0d:0b:f3:0d:bc:d2:17:f2:
4c:bf:f8:8f:b0:18:fc:3f:c1:32:41:8f:ba:67:41:e2:de:66:
01:c4:0a:fa:95:6d:33:13:2b:e1:d6:28:a0:cc:fc:fc:2f:88:
aa:e6:66:26:a1:3f:e8:6f:f8:45:4c:40:81:b5:c5:28:52:0b:
18:ee:2c:26:5f:b3:e6:cc:eb:ee:49:e3:5b:22:ac:7e:fc:b1:
f9:f0:12:f4:f8:bd:8a:64:8d:2d:a4:12:80:d2:88:39:1c:8a:
67:95:e5:ff:29:a2:20:1b:b1:dd:d9:e7:b8:31:23:db:8e:c9:
da:fc:36:31
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYXDtMVWBP7cy+cduHN2Kf4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTE4MDcwODAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY3YzUwYTVhMjYxZWQ0OTI3ZGZmMmI3MjBjYTVlMjlmODIyZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOysmxJUMQXzSx4t/vVGK4otzZ+Y
eZXCUdkxpY+6BVg0fN84NiNfX7A7cgHam/qKoCeQf0KvFyL04TmZ7RRxAmcTJ+ta
HamQNh6FPfZ1Fk+2DeBp4Pae/ulB1xW3qZOTV4ERzMyFEAP24F5dQJLXllhnqDEH
m2uZ8xHoBPJZK2IPO9X+/FbvnUGlp9Bo5QdJ4c5CaVA8P9oOdN8jftm8zm2ayYF1
Eu2hXRSfykEroCpJSftmO3qHxr7xHZk8fSxf4g7+Rp2J9inIqUo5GwQqCfG0H6Wa
/5B/gqS0nI8rqCaXrT+BDMQULv6TWbspoMD9FV66Eb/ameqdO6+TdgqzEQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFA9nxQpaJh7Ukn3/K3IMpeKfgi1ZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRDJmRkNsb21IdFNTZmY4cmNneWw0cC1DTFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAVCAGAwQA
VCAqAwQCVCA0AwQAVCDwAwQAVCDzAwQAWNgRAwQAWNgkAwQAWNgoAwQAWNgrAwQA
WNhiAwQAWNjWAwQCWNjkAwQDWNjwAwQCWNj8MA0GCSqGSIb3DQEBCwUAA4IBAQCd
G4JQtmZLiT4XfZnMKKa2xmQAdi9yU6dRBsdv/NrQVc9aibk8Xl9+rBZuOkO9FA1A
rqeYl8PK1WbAXktldgXEpnXnvn1qPk6peS5Mk/jzx9/2+1tjT+lm2BmRK8w6zt7H
sxKSHJbbVl3TCovf9wLVbz3Y2hr0FbruVUExlhtAbS0WKqXFPLBSDQvzDbzSF/JM
v/iPsBj8P8EyQY+6Z0Hi3mYBxAr6lW0zEyvh1iigzPz8L4iq5mYmoT/ob/hFTECB
tcUoUgsY7iwmX7PmzOvuSeNbIqx+/LH58BL0+L2KZI0tpBKA0og5HIpnleX/KaIg
G7Hd2ee4MSPbjsna/DYx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org