Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FYfaJJoZqPrNO6LTEXAmb7eqVDw.roa
File: FYfaJJoZqPrNO6LTEXAmb7eqVDw.roa (raw, json)
Hash identifier: Yix2D0iuC0VAnlMaQeeuMGGCKH/9/V5dapuMgLVOX5E=
Subject key identifier: 15:87:DA:24:9A:19:A8:FA:CD:3B:A2:D3:11:70:26:6F:B7:AA:54:3C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018BD38395585691D40A75EFEDB180D38EE3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FYfaJJoZqPrNO6LTEXAmb7eqVDw.roa
Signing time: Wed 15 Nov 2023 15:04:57 +0000
ROA not before: Wed 15 Nov 2023 15:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.217.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.107.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:83:95:58:56:91:d4:0a:75:ef:ed:b1:80:d3:8e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 15 15:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1587da249a19a8facd3ba2d31170266fb7aa543c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7a:e8:f5:be:9a:3a:7b:67:6a:d7:c2:e6:84:
8c:01:e7:32:af:8f:7e:d6:db:8b:fd:7b:af:b4:89:
83:3d:64:2e:f5:45:b7:85:f7:f7:29:2c:e4:4e:ea:
b6:8e:b3:f2:d3:38:2c:a4:17:02:31:1c:fb:8d:8c:
9e:a5:db:bf:40:52:4d:46:2e:b9:6c:3a:c3:6e:87:
35:3c:cd:08:09:d0:72:76:82:0f:4c:21:61:e4:ca:
ce:98:16:25:c1:d6:0a:ab:76:37:f7:04:7e:c1:d2:
98:96:c0:92:8b:5f:fa:b0:7a:cc:fb:38:5a:c9:fc:
f4:37:a8:31:24:fe:89:65:a8:17:d2:1a:c2:b8:fb:
e5:2e:77:ce:1a:6c:4b:49:5a:35:13:45:f5:05:b5:
43:c2:cb:db:97:0c:07:48:79:9f:93:49:af:42:8c:
3d:41:4c:e5:e6:0b:21:ea:0b:f3:6d:f9:34:5e:bb:
80:3a:42:ac:08:9f:08:f0:c2:f9:0a:60:a7:8d:45:
a8:e8:3c:a0:51:ee:98:af:56:67:fd:67:7c:cd:01:
3c:e3:26:60:a2:9d:3b:82:6f:66:ee:2c:28:6b:0b:
0e:0a:f8:74:65:11:ea:a3:5f:92:7a:64:40:2e:b5:
a3:7d:e2:3c:b3:9c:dc:89:e9:10:60:b2:93:bc:8f:
2e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:87:DA:24:9A:19:A8:FA:CD:3B:A2:D3:11:70:26:6F:B7:AA:54:3C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FYfaJJoZqPrNO6LTEXAmb7eqVDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.24.0/24
84.32.32.0/24
84.32.39.0/24
84.32.63.0/24
84.32.107.0/24
84.32.149.0/24
84.32.151.0-84.32.152.255
84.32.154.0/24
84.32.156.0/24
84.32.177.0/24
84.32.217.0-84.32.218.255
84.32.244.0/24
88.216.34.0/24
88.216.41.0/24
88.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f0:99:7e:87:8c:6b:ae:7d:72:d3:47:94:9d:10:69:10:41:
f6:df:f2:13:d4:5c:9e:03:d7:82:f8:40:c6:a2:e2:9a:f0:a7:
c7:eb:d8:49:0a:e5:61:a0:e5:50:2d:15:5c:68:1a:91:0a:7e:
b6:7e:25:84:c9:72:4f:fd:4e:e9:0b:e7:f2:58:69:e8:e5:f6:
ca:01:1b:c3:24:29:eb:28:98:e2:ed:56:d4:31:92:66:71:96:
ce:c4:17:57:51:65:a0:f0:6b:35:1a:2e:27:dd:8e:3f:58:4a:
2f:33:e2:9d:09:a7:3f:72:88:aa:ea:e6:72:fc:6a:31:d7:4f:
ba:9d:03:aa:b6:7f:f1:79:a2:62:1e:7d:83:30:f1:85:e3:b2:
3c:24:80:37:10:0b:a8:5f:dc:43:81:0b:f1:96:35:43:a2:99:
f1:f7:be:c9:d4:5b:95:5f:19:0e:f3:25:ca:94:7c:16:5c:1c:
96:4d:6a:cb:bc:13:29:00:11:0a:18:8c:ea:91:a7:74:2a:26:
f0:8d:8d:15:61:8a:3e:e7:c3:50:19:05:d4:ba:56:ce:34:d5:
e8:0a:45:e3:c4:be:af:59:8c:38:ca:5f:0b:f4:33:ac:35:fd:
eb:ed:dd:cc:c6:80:b4:0a:8e:ce:01:76:bb:c6:6f:a5:0c:7b:
2b:fd:e1:84
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYvTg5VYVpHUCnXv7bGA047jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTE1MTUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTg3ZGEyNDlhMTlhOGZhY2QzYmEyZDMxMTcwMjY2ZmI3YWE1NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3ro9b6aOntnatfC5oSMAecyr49+
1tuL/XuvtImDPWQu9UW3hff3KSzkTuq2jrPy0zgspBcCMRz7jYyepdu/QFJNRi65
bDrDboc1PM0ICdBydoIPTCFh5MrOmBYlwdYKq3Y39wR+wdKYlsCSi1/6sHrM+zha
yfz0N6gxJP6JZagX0hrCuPvlLnfOGmxLSVo1E0X1BbVDwsvblwwHSHmfk0mvQow9
QUzl5gsh6gvzbfk0XruAOkKsCJ8I8ML5CmCnjUWo6DygUe6Yr1Zn/Wd8zQE84yZg
op07gm9m7iwoawsOCvh0ZRHqo1+SemRALrWjfeI8s5zciekQYLKTvI8u4wIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFBWH2iSaGaj6zTui0xFwJm+3qlQ8MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRllmYUpKb1pxUHJOTzZMVEVYQW1iN2VxVkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAFQgDwME
AFQgGAMEAFQgIAMEAFQgJwMEAFQgPwMEAFQgawMEAFQglTAMAwQAVCCXAwQAVCCY
AwQAVCCaAwQAVCCcAwQAVCCxMAwDBABUINkDBABUINoDBABUIPQDBABY2CIDBABY
2CkDBABY2LowDQYJKoZIhvcNAQELBQADggEBACfwmX6HjGuufXLTR5SdEGkQQfbf
8hPUXJ4D14L4QMai4prwp8fr2EkK5WGg5VAtFVxoGpEKfrZ+JYTJck/9TukL5/JY
aejl9soBG8MkKesomOLtVtQxkmZxls7EF1dRZaDwazUaLifdjj9YSi8z4p0Jpz9y
iKrq5nL8ajHXT7qdA6q2f/F5omIefYMw8YXjsjwkgDcQC6hf3EOBC/GWNUOimfH3
vsnUW5VfGQ7zJcqUfBZcHJZNasu8EykAEQoYjOqRp3QqJvCNjRVhij7nw1AZBdS6
Vs401egKRePEvq9ZjDjKXwv0M6w1/evt3czGgLQKjs4BdrvGb6UMeyv94YQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:49 2024 by rpki-client on console-fra.rpki-client.org