Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FzBDNTTQ6KyBOTJdJB2v_utuf4M.roa
File: FzBDNTTQ6KyBOTJdJB2v_utuf4M.roa (raw, json)
Hash identifier: tJs7JnU4qO9RQWO5QYoxSiUGE/YmIVcVfKv9Ui5dEA4=
Subject key identifier: 17:30:43:35:34:D0:E8:AC:81:39:32:5D:24:1D:AF:FE:EB:6E:7F:83
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0194C80D5CE08BE5102DBED20A8EC8B6C71C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FzBDNTTQ6KyBOTJdJB2v_utuf4M.roa
Signing time: Sun 02 Feb 2025 19:05:06 +0000
ROA not before: Sun 02 Feb 2025 19:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.5.0/24 maxlen: 24
84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 09:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c8:0d:5c:e0:8b:e5:10:2d:be:d2:0a:8e:c8:b6:c7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 2 19:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1730433534d0e8ac8139325d241daffeeb6e7f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:61:14:a6:d4:5f:e6:d5:e8:16:88:1c:d6:16:
fe:d9:a9:e5:99:e1:c7:62:f7:98:55:ee:10:e1:3a:
f9:39:df:f8:b2:85:92:31:28:29:da:a1:be:8c:21:
8a:23:c5:28:ac:9f:ad:86:0e:5b:83:a3:7c:7b:1d:
7d:79:8a:0c:25:41:bf:12:40:5a:60:96:75:82:22:
45:10:27:26:90:e2:d2:83:de:c1:c1:eb:6b:12:73:
f5:bb:66:79:b7:7b:6c:2a:27:35:5e:53:e0:0e:58:
1f:44:74:b5:fd:c3:bb:fd:1b:fa:ed:95:8b:01:f1:
3c:aa:6c:00:eb:ad:be:50:e4:0e:5c:3a:dd:76:1e:
44:09:40:b1:ad:17:6f:2f:fb:bf:fd:66:f8:fd:82:
d9:5b:05:a7:54:7a:3b:ab:ac:a3:c7:87:c2:7c:67:
47:36:c0:f2:2e:c4:f7:0c:fd:e0:81:bb:8b:9f:a0:
ed:4c:25:9d:e4:0d:19:6d:fd:b0:3b:15:b9:4c:43:
32:09:2b:98:c3:4a:bb:40:4a:d7:be:c5:14:57:db:
de:5c:96:9a:d8:05:80:bf:92:d4:ed:5c:90:f1:5b:
7b:90:17:29:ca:5e:02:50:39:c6:9b:e5:4b:14:23:
03:2e:5b:da:dc:ba:f1:63:9d:46:5e:5d:d1:99:95:
c6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:30:43:35:34:D0:E8:AC:81:39:32:5D:24:1D:AF:FE:EB:6E:7F:83
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FzBDNTTQ6KyBOTJdJB2v_utuf4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.5.0/24
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.64.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:44:d5:75:b4:c9:7f:2f:f0:74:0a:17:12:4e:90:c0:5c:c0:
e0:a5:d6:2a:f3:34:6c:61:1a:05:b4:98:7c:76:4e:e0:4a:00:
fd:4e:98:51:7e:04:b3:7d:89:8d:0d:fd:e2:f0:75:de:10:ac:
87:18:9d:88:d6:85:cd:4e:4b:21:43:7a:8d:1a:dd:7a:36:47:
b2:fa:56:3c:33:d7:07:5e:c5:31:31:cb:4b:f9:a2:cc:b3:a5:
e4:1a:67:c2:8b:aa:13:73:5e:86:39:1b:c9:5a:27:77:36:32:
93:0a:79:8c:f8:bf:a7:32:7a:2a:db:2b:78:58:fa:3e:e4:c4:
28:f6:57:66:1c:1d:84:d5:96:54:38:6c:14:3f:fe:0d:e6:fe:
86:bb:70:30:5f:a7:46:45:9d:02:38:9e:fc:d7:60:82:db:34:
50:82:ea:dc:60:a9:db:b5:99:b1:a4:cc:8d:89:49:21:83:6b:
49:be:6a:cc:ce:ab:69:02:2d:92:f0:7b:4d:7e:4b:38:47:ae:
64:b3:79:77:cf:b2:61:1b:28:ed:49:61:db:e0:99:b7:36:7b:
4d:b2:82:a1:04:f8:f3:9f:c2:c6:28:a0:b8:09:04:8f:5e:98:
9a:ef:ef:4c:4e:81:b0:e9:fd:a1:5d:35:0f:cb:0f:80:7c:39:
04:8b:2e:d2
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZTIDVzgi+UQLb7SCo7ItsccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMjAyMTkwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzMwNDMzNTM0ZDBlOGFjODEzOTMyNWQyNDFkYWZmZWViNmU3ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2EUptRf5tXoFogc1hb+2anlmeHH
YveYVe4Q4Tr5Od/4soWSMSgp2qG+jCGKI8UorJ+thg5bg6N8ex19eYoMJUG/EkBa
YJZ1giJFECcmkOLSg97BwetrEnP1u2Z5t3tsKic1XlPgDlgfRHS1/cO7/Rv67ZWL
AfE8qmwA662+UOQOXDrddh5ECUCxrRdvL/u//Wb4/YLZWwWnVHo7q6yjx4fCfGdH
NsDyLsT3DP3ggbuLn6DtTCWd5A0Zbf2wOxW5TEMyCSuYw0q7QErXvsUUV9veXJaa
2AWAv5LU7VyQ8Vt7kBcpyl4CUDnGm+VLFCMDLlva3LrxY51GXl3RmZXGpQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFBcwQzU00OisgTkyXSQdr/7rbn+DMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRnpCRE5UVFE2S3lCT1RKZEpCMnZfdXR1ZjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAVCAFMAwD
BABUIAcDBABUIAgDBAJUIBQDBAFUIC4DBABUIEADBAJUIJQDBAFUIK4DBAFUINYD
BAJUIPQDBAFY2BYDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYwDQYJKoZIhvcNAQEL
BQADggEBAJ5E1XW0yX8v8HQKFxJOkMBcwOCl1irzNGxhGgW0mHx2TuBKAP1OmFF+
BLN9iY0N/eLwdd4QrIcYnYjWhc1OSyFDeo0a3Xo2R7L6Vjwz1wdexTExy0v5osyz
peQaZ8KLqhNzXoY5G8laJ3c2MpMKeYz4v6cyeirbK3hY+j7kxCj2V2YcHYTVllQ4
bBQ//g3m/oa7cDBfp0ZFnQI4nvzXYILbNFCC6txgqdu1mbGkzI2JSSGDa0m+aszO
q2kCLZLwe01+SzhHrmSzeXfPsmEbKO1JYdvgmbc2e02ygqEE+POfwsYooLgJBI9e
mJrv70xOgbDp/aFdNQ/LD4B8OQSLLtI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:53:48 2025 by rpki-client