Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DJZXbDAOWUG2LrFOBTOxaQBB0S4.roa
File: DJZXbDAOWUG2LrFOBTOxaQBB0S4.roa (raw, json)
Hash identifier: tuLhAU7KP68Qo74MEQgYbLZr/z6mYDie9PntWsHtw7U=
Subject key identifier: 0C:96:57:6C:30:0E:59:41:B6:2E:B1:4E:05:33:B1:69:00:41:D1:2E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01857C772ADC51CBFC42A73A2CC00952A511
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DJZXbDAOWUG2LrFOBTOxaQBB0S4.roa
Signing time: Wed 04 Jan 2023 11:07:42 +0000
ROA not before: Wed 04 Jan 2023 11:07:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.36.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jan 2023 21:10:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:77:2a:dc:51:cb:fc:42:a7:3a:2c:c0:09:52:a5:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 4 11:07:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c96576c300e5941b62eb14e0533b1690041d12e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e8:97:47:69:5c:93:e0:3b:2c:d9:7c:b9:ee:
29:8f:05:a1:c6:f0:be:8d:9f:19:67:bb:f2:48:a2:
65:23:0d:2a:88:15:fb:68:f6:6a:2e:22:ae:a8:e1:
f3:4f:d7:f8:65:1d:6b:ff:ee:71:20:85:b1:90:3a:
c9:0c:c2:81:12:7b:a7:5a:db:b0:53:4d:b9:8b:6b:
6d:cd:30:dc:17:bc:02:ac:b1:9c:19:47:7a:84:de:
06:54:75:9e:0f:38:13:6f:a7:3c:36:24:89:17:5e:
fd:f3:33:28:c4:96:8f:3c:9d:ac:a1:f3:fe:04:83:
f1:e3:56:e1:4f:0e:1a:20:6e:57:bd:99:fc:49:d4:
a8:a2:44:54:3b:b0:56:a8:28:c4:87:e2:e9:df:68:
26:9e:d3:51:4f:83:d5:a4:98:17:bc:d6:c5:0b:8f:
cf:fc:87:39:34:7d:07:a2:1c:40:59:cb:4c:3c:55:
d0:c8:f3:c1:5e:55:ac:1e:fa:29:03:ad:13:f6:7a:
46:a6:1a:22:38:83:43:75:14:2d:a0:58:6c:5e:a4:
96:f8:bd:9e:38:83:d9:de:55:8b:94:0c:68:54:95:
b8:99:f1:8e:f5:22:51:08:19:58:4e:2b:fe:7d:44:
bb:54:1f:d4:79:6e:22:52:c2:9c:33:cc:a6:fc:c4:
ef:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:96:57:6C:30:0E:59:41:B6:2E:B1:4E:05:33:B1:69:00:41:D1:2E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DJZXbDAOWUG2LrFOBTOxaQBB0S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.42.0/24
84.32.76.0/23
84.32.240.0/24
84.32.243.0/24
88.216.17.0/24
88.216.36.0/24
88.216.40.0/24
88.216.43.0/24
88.216.98.0/24
88.216.132.0/23
88.216.190.0/24
88.216.214.0/24
88.216.228.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
53:fa:cb:cd:e8:80:41:cd:95:84:3e:d5:5e:c3:8f:75:d9:f9:
fe:03:2f:4b:46:48:6c:d3:0f:da:c8:a4:a2:fa:f8:35:eb:e1:
e7:26:80:54:69:6f:7b:f1:aa:25:ce:cf:83:1b:9f:3e:50:cf:
4e:71:b3:22:96:a8:46:d9:bb:af:ef:12:04:63:4b:fe:2f:b4:
2f:ef:ec:2d:29:d9:3c:67:4f:ac:1d:b7:b7:90:dc:23:5f:1d:
73:47:25:e1:3d:f4:b0:38:49:1c:7f:9c:1f:b7:cd:75:08:49:
56:dc:22:22:cb:37:56:2d:d3:fb:42:83:18:f6:21:3c:58:8b:
da:63:42:9c:7f:e1:62:be:e7:60:69:c8:ed:ba:e8:32:45:6c:
9c:f6:a1:de:0a:d4:e4:cb:52:d4:43:89:fa:29:2f:f4:9c:6a:
fd:f6:01:4d:9a:6c:3f:95:9c:2b:e2:79:0b:af:38:db:a5:cd:
f7:59:6f:88:e3:50:d1:4d:2a:84:a6:f4:61:bc:e2:de:a1:90:
17:ba:d7:31:4b:48:f9:2f:f8:ef:d8:e5:59:a0:88:87:31:71:
4a:43:af:7b:b1:c8:49:9e:4d:04:d0:9c:1e:3a:2d:35:a1:78:
a4:7a:50:b9:88:5d:a5:55:45:83:f6:e9:0e:c2:76:b4:0d:b0:
e1:20:5a:23
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYV8dyrcUcv8Qqc6LMAJUqURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA0MTEwNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk2NTc2YzMwMGU1OTQxYjYyZWIxNGUwNTMzYjE2OTAwNDFkMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOiXR2lck+A7LNl8ue4pjwWhxvC+
jZ8ZZ7vySKJlIw0qiBX7aPZqLiKuqOHzT9f4ZR1r/+5xIIWxkDrJDMKBEnunWtuw
U025i2ttzTDcF7wCrLGcGUd6hN4GVHWeDzgTb6c8NiSJF1798zMoxJaPPJ2sofP+
BIPx41bhTw4aIG5XvZn8SdSookRUO7BWqCjEh+Lp32gmntNRT4PVpJgXvNbFC4/P
/Ic5NH0HohxAWctMPFXQyPPBXlWsHvopA60T9npGphoiOINDdRQtoFhsXqSW+L2e
OIPZ3lWLlAxoVJW4mfGO9SJRCBlYTiv+fUS7VB/UeW4iUsKcM8ym/MTv7QIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFAyWV2wwDllBti6xTgUzsWkAQdEuMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvREpaWGJEQU9XVUcyTHJGT0JUT3hhUUJCMFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAVCAGAwQA
VCAqAwQBVCBMAwQAVCDwAwQAVCDzAwQAWNgRAwQAWNgkAwQAWNgoAwQAWNgrAwQA
WNhiAwQBWNiEAwQAWNi+AwQAWNjWMAwDBAJY2OQDBANY2PAwDQYJKoZIhvcNAQEL
BQADggEBAFP6y83ogEHNlYQ+1V7Dj3XZ+f4DL0tGSGzTD9rIpKL6+DXr4ecmgFRp
b3vxqiXOz4Mbnz5Qz05xsyKWqEbZu6/vEgRjS/4vtC/v7C0p2TxnT6wdt7eQ3CNf
HXNHJeE99LA4SRx/nB+3zXUISVbcIiLLN1Yt0/tCgxj2ITxYi9pjQpx/4WK+52Bp
yO266DJFbJz2od4K1OTLUtRDifopL/Scav32AU2abD+VnCvieQuvONulzfdZb4jj
UNFNKoSm9GG84t6hkBe61zFLSPkv+O/Y5VmgiIcxcUpDr3uxyEmeTQTQnB46LTWh
eKR6ULmIXaVVRYP26Q7CdrQNsOEgWiM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org