Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FCAqhi91oWb2ug_Js6zvSHQae4s.roa
File: FCAqhi91oWb2ug_Js6zvSHQae4s.roa (raw, json)
Hash identifier: J0qTCSB7HYWR2pEECgSP+JnLN4lnPP12WWH5St0gMHw=
Subject key identifier: 14:20:2A:86:2F:75:A1:66:F6:BA:0F:C9:B3:AC:EF:48:74:1A:7B:8B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018A4AC4798E7FF4CE0CDE3942E7875A4609
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FCAqhi91oWb2ug_Js6zvSHQae4s.roa
Signing time: Thu 31 Aug 2023 08:45:04 +0000
ROA not before: Thu 31 Aug 2023 08:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.217.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:c4:79:8e:7f:f4:ce:0c:de:39:42:e7:87:5a:46:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 31 08:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14202a862f75a166f6ba0fc9b3acef48741a7b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:94:64:75:77:39:0c:2c:11:90:9f:2d:8f:3d:
d1:2f:f5:e2:a8:6c:74:24:85:85:94:48:1e:d5:86:
8b:28:80:6a:aa:07:58:e5:fb:a7:5c:3f:cc:86:2b:
a2:77:a6:81:c3:e2:e7:2d:ad:54:53:b7:88:c1:5d:
f5:4a:78:d9:11:86:19:c0:5b:d9:3f:e4:64:56:ed:
2e:f7:85:76:d9:81:4b:84:5c:8c:f2:db:21:32:a6:
23:45:b6:eb:f3:f7:12:67:1d:32:1d:7e:e9:c0:2b:
d3:16:9e:34:5d:4e:f5:54:a0:ef:e2:cb:1e:7f:d4:
47:a4:5f:a1:18:bc:fc:2a:2e:61:78:a3:ef:2a:06:
90:f0:f0:0b:53:c4:98:24:36:e7:5e:b4:02:1b:0b:
32:b7:9d:60:11:17:49:18:43:45:d4:30:16:f8:84:
b9:b9:25:a8:de:ce:e8:96:13:d2:5c:65:29:c0:4c:
4b:3b:11:57:f3:25:4c:70:4d:6f:8c:49:18:41:ea:
93:c7:45:b3:14:bf:0e:db:3a:aa:92:24:5d:6b:b5:
a1:58:40:82:fc:db:d0:db:48:b0:f4:fd:75:4d:2f:
e6:a8:3a:62:f0:3c:44:84:bb:aa:93:2b:f5:c9:52:
af:53:2f:47:a9:0f:6e:33:a2:e0:f1:1f:a4:ae:7f:
c1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:20:2A:86:2F:75:A1:66:F6:BA:0F:C9:B3:AC:EF:48:74:1A:7B:8B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FCAqhi91oWb2ug_Js6zvSHQae4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.24.0/24
84.32.32.0/24
84.32.63.0/24
84.32.149.0/24
84.32.151.0-84.32.152.255
84.32.154.0/24
84.32.156.0/24
84.32.217.0-84.32.218.255
84.32.244.0/24
88.216.34.0/24
88.216.41.0/24
88.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
85:76:78:65:89:31:0e:e6:77:49:a9:90:f0:b1:c6:b4:44:5f:
46:ad:34:fe:cf:3e:ab:6a:a6:63:f1:7e:46:9d:2d:82:20:f1:
2e:cf:85:60:96:a6:92:75:c0:64:25:c8:d8:45:02:0d:f4:b6:
ce:65:fa:ea:50:a8:6d:8a:63:e2:43:fe:e5:6f:62:6c:42:8c:
c8:ce:4c:3b:60:46:98:74:8e:38:e7:00:4d:70:3a:9a:19:1e:
c8:a2:5a:85:d7:a0:e4:80:62:5a:6f:e6:4b:fe:64:9b:df:57:
7c:dc:4f:f4:cb:5e:5d:8c:c4:eb:2f:42:46:a5:77:a7:ad:03:
f4:03:1d:59:02:6c:d0:11:79:65:27:f2:aa:a9:d2:30:6b:dc:
3d:4b:6c:44:61:ca:65:d4:27:9f:ab:86:ff:44:33:60:4d:85:
41:31:22:5b:94:33:c7:1c:91:f1:c7:2b:74:5f:0c:46:78:db:
71:30:4b:21:85:95:cb:86:28:6d:39:43:c0:46:17:49:6c:f2:
e6:8f:5d:7d:b1:41:77:17:b2:d8:93:6a:d6:b6:07:bd:95:db:
a0:33:b2:52:1d:c4:aa:2f:2c:80:a2:7a:66:4b:45:83:6b:d9:
f8:52:99:e3:e8:f0:61:73:fd:a8:68:7e:3b:90:86:27:93:7a:
da:db:d6:a2
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYpKxHmOf/TODN45QueHWkYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODMxMDg0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDIwMmE4NjJmNzVhMTY2ZjZiYTBmYzliM2FjZWY0ODc0MWE3YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspRkdXc5DCwRkJ8tjz3RL/XiqGx0
JIWFlEge1YaLKIBqqgdY5funXD/Mhiuid6aBw+LnLa1UU7eIwV31SnjZEYYZwFvZ
P+RkVu0u94V22YFLhFyM8tshMqYjRbbr8/cSZx0yHX7pwCvTFp40XU71VKDv4sse
f9RHpF+hGLz8Ki5heKPvKgaQ8PALU8SYJDbnXrQCGwsyt51gERdJGENF1DAW+IS5
uSWo3s7olhPSXGUpwExLOxFX8yVMcE1vjEkYQeqTx0WzFL8O2zqqkiRda7WhWECC
/NvQ20iw9P11TS/mqDpi8DxEhLuqkyv1yVKvUy9HqQ9uM6Lg8R+krn/BkwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFBQgKoYvdaFm9roPybOs70h0GnuLMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRkNBcWhpOTFvV2IydWdfSnM2enZTSFFhZTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAVCAPAwQA
VCAYAwQAVCAgAwQAVCA/AwQAVCCVMAwDBABUIJcDBABUIJgDBABUIJoDBABUIJww
DAMEAFQg2QMEAFQg2gMEAFQg9AMEAFjYIgMEAFjYKQMEAFjYujANBgkqhkiG9w0B
AQsFAAOCAQEAhXZ4ZYkxDuZ3SamQ8LHGtERfRq00/s8+q2qmY/F+Rp0tgiDxLs+F
YJamknXAZCXI2EUCDfS2zmX66lCobYpj4kP+5W9ibEKMyM5MO2BGmHSOOOcATXA6
mhkeyKJahdeg5IBiWm/mS/5km99XfNxP9MteXYzE6y9CRqV3p60D9AMdWQJs0BF5
ZSfyqqnSMGvcPUtsRGHKZdQnn6uG/0QzYE2FQTEiW5QzxxyR8ccrdF8MRnjbcTBL
IYWVy4YobTlDwEYXSWzy5o9dfbFBdxey2JNq1rYHvZXboDOyUh3Eqi8sgKJ6ZktF
g2vZ+FKZ4+jwYXP9qGh+O5CGJ5N62tvWog==
-----END CERTIFICATE-----
Generated at Mon Sep 4 18:41:17 2023 by rpki-client on console-fra.rpki-client.org