Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GW2p8D65hvNfluzSqHd-TJvKZhQ.roa
File: GW2p8D65hvNfluzSqHd-TJvKZhQ.roa (raw, json)
Hash identifier: Sm0eMUXSqWZ4Mnm43S7ORk9n9sV7Ay3hOcIqXhNy4/s=
Subject key identifier: 19:6D:A9:F0:3E:B9:86:F3:5F:96:EC:D2:A8:77:7E:4C:9B:CA:66:14
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01862FDA6E929E357FA547B263A95FC3EC04
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GW2p8D65hvNfluzSqHd-TJvKZhQ.roa
Signing time: Wed 08 Feb 2023 07:08:09 +0000
ROA not before: Wed 08 Feb 2023 07:08:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Feb 2023 06:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2f:da:6e:92:9e:35:7f:a5:47:b2:63:a9:5f:c3:ec:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 8 07:08:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=196da9f03eb986f35f96ecd2a8777e4c9bca6614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:75:9b:b3:ca:ee:28:c5:ba:b9:a8:d4:fe:b2:
43:e4:f7:ce:be:fc:86:5f:f8:87:16:42:52:5c:42:
b3:24:32:c3:ba:f4:06:7a:62:7c:17:b3:cc:06:a4:
ac:d0:e5:47:3c:af:8e:8d:53:e0:3f:7a:ea:29:cc:
04:28:f1:d6:77:d6:2b:b8:3d:f3:d8:89:57:14:41:
42:aa:2a:99:c7:d3:3d:d0:7b:c0:cd:9f:15:07:d6:
c7:5f:7a:90:87:22:d7:1f:41:fd:82:24:04:e4:01:
c0:86:38:d0:5d:8c:1f:19:91:b5:a8:f5:60:8c:2e:
92:3e:74:42:90:35:47:5e:7a:6a:fe:66:c5:c1:23:
db:12:18:94:61:b8:e5:72:13:8b:99:4b:35:6e:ff:
51:1f:8b:7a:09:81:3f:3f:b9:34:f1:b4:1b:99:ce:
9d:fd:75:c5:3a:07:c1:f1:2c:cf:bd:b4:3a:b1:cb:
0c:9f:15:0b:1a:78:8a:47:1c:d6:6f:1e:53:d7:5d:
67:62:88:cf:1d:7c:2d:8b:64:c4:d1:49:45:ee:05:
ba:dd:8b:e7:b5:67:75:b3:4e:ed:15:62:c3:af:53:
8c:64:e2:cf:c2:63:16:c8:9e:e7:c6:88:8b:a0:ab:
ae:33:54:fc:c9:3e:12:b1:63:fc:92:15:38:b5:f9:
6e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6D:A9:F0:3E:B9:86:F3:5F:96:EC:D2:A8:77:7E:4C:9B:CA:66:14
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GW2p8D65hvNfluzSqHd-TJvKZhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.63.0/24
84.32.95.0/24
88.216.2.0/24
88.216.34.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
69:8a:aa:ff:5c:ed:42:25:9f:86:cd:22:fa:9f:ec:aa:78:87:
8a:31:f9:c6:a6:23:f8:26:27:12:69:45:52:ba:9d:3d:a7:74:
29:0d:9a:99:a3:61:6b:16:e9:0d:52:ff:ac:c6:13:a8:0f:70:
56:da:d5:31:be:63:8e:59:29:6b:61:6d:69:f5:82:c0:fe:fa:
b4:a6:51:68:43:7e:bf:77:61:70:30:95:55:58:84:5a:e0:65:
2f:cd:95:8a:e9:7e:d0:71:be:6d:72:63:2e:26:6a:d1:75:7e:
8f:cf:95:08:78:a5:37:99:65:04:fb:7e:70:ef:ee:21:f3:c9:
f9:d9:d8:c7:23:ff:7b:a5:c0:54:8c:7b:e6:93:91:b0:e7:0b:
55:1b:13:4f:97:46:2a:b2:02:01:02:65:f3:d7:98:1d:fb:99:
43:6b:e4:95:c0:28:f5:b7:19:83:99:44:26:d1:a3:25:1c:77:
5b:34:30:b8:d1:5c:e2:bb:54:fe:31:fd:9a:79:14:1c:58:aa:
4c:31:32:ef:32:8c:0f:93:06:d0:98:f7:34:cc:1a:f2:03:8f:
15:68:31:3f:4c:3f:15:30:32:1f:78:be:28:05:06:51:ca:5e:
4c:40:7a:b3:47:f6:de:2a:e2:c8:07:e9:da:97:d5:71:90:27:
b2:0d:77:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYv2m6SnjV/pUeyY6lfw+wEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjA4MDcwODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZkYTlmMDNlYjk4NmYzNWY5NmVjZDJhODc3N2U0YzliY2E2NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXWbs8ruKMW6uajU/rJD5PfOvvyG
X/iHFkJSXEKzJDLDuvQGemJ8F7PMBqSs0OVHPK+OjVPgP3rqKcwEKPHWd9YruD3z
2IlXFEFCqiqZx9M90HvAzZ8VB9bHX3qQhyLXH0H9giQE5AHAhjjQXYwfGZG1qPVg
jC6SPnRCkDVHXnpq/mbFwSPbEhiUYbjlchOLmUs1bv9RH4t6CYE/P7k08bQbmc6d
/XXFOgfB8SzPvbQ6scsMnxULGniKRxzWbx5T111nYojPHXwti2TE0UlF7gW63Yvn
tWd1s07tFWLDr1OMZOLPwmMWyJ7nxoiLoKuuM1T8yT4SsWP8khU4tflu6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBltqfA+uYbzX5bs0qh3fkybymYUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvR1cycDhENjVodk5mbHV6U3FIZC1USnZLWmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCA/AwQA
VCBfAwQAWNgCAwQAWNgiAwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQBpiqr/XO1C
JZ+GzSL6n+yqeIeKMfnGpiP4JicSaUVSup09p3QpDZqZo2FrFukNUv+sxhOoD3BW
2tUxvmOOWSlrYW1p9YLA/vq0plFoQ36/d2FwMJVVWIRa4GUvzZWK6X7Qcb5tcmMu
JmrRdX6Pz5UIeKU3mWUE+35w7+4h88n52djHI/97pcBUjHvmk5Gw5wtVGxNPl0Yq
sgIBAmXz15gd+5lDa+SVwCj1txmDmUQm0aMlHHdbNDC40Vziu1T+Mf2aeRQcWKpM
MTLvMowPkwbQmPc0zBryA48VaDE/TD8VMDIfeL4oBQZRyl5MQHqzR/beKuLIB+na
l9VxkCeyDXc/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org