Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GvU1ozGXt4LyUr7aIcUxGYiZVDs.roa
File: GvU1ozGXt4LyUr7aIcUxGYiZVDs.roa (raw, json)
Hash identifier: TjxXPd3Vu1JOTob3GweC0mClXWJ8i2pySKBDFfe+vWI=
Subject key identifier: 1A:F5:35:A3:31:97:B7:82:F2:52:BE:DA:21:C5:31:19:88:99:54:3B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B9BB24FCC98AA65870FC5FF48303EEF1E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GvU1ozGXt4LyUr7aIcUxGYiZVDs.roa
Signing time: Sat 04 Nov 2023 18:57:16 +0000
ROA not before: Sat 04 Nov 2023 18:57:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 84.32.56.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:b2:4f:cc:98:aa:65:87:0f:c5:ff:48:30:3e:ef:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 4 18:57:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1af535a33197b782f252beda21c531198899543b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5f:00:0f:30:63:11:9f:2e:d6:ad:ce:85:d7:
1f:81:04:c1:67:2b:4e:23:89:13:fe:83:e9:f4:eb:
0a:2d:62:14:5d:3f:d2:92:d1:2b:73:d6:95:17:72:
19:3f:dc:4d:ba:07:15:35:de:49:aa:03:c6:a5:93:
d1:8d:72:38:2d:00:f2:c8:fb:92:f4:aa:77:a9:cb:
4a:ee:4f:85:e5:db:8e:66:bb:3a:2e:a6:68:8c:de:
8a:e4:a8:ac:4e:6c:65:50:d2:81:cb:48:c1:c2:ff:
7b:c7:ee:e8:52:4e:e0:99:82:b8:ee:88:4b:f5:73:
3a:56:66:a3:1a:60:b2:e2:a4:e5:a9:6f:57:78:cf:
20:47:ab:ac:d2:be:d6:0f:a4:ea:fc:34:06:79:a1:
c1:16:c8:5e:9f:08:28:1d:25:55:d6:0b:77:2b:e3:
05:8f:f8:07:98:69:25:50:fd:64:b4:a1:0d:8d:d6:
89:f3:c4:c5:c5:50:5d:04:07:eb:39:dd:8b:45:ad:
00:04:77:45:93:49:dc:32:15:fb:1e:80:7b:8b:80:
03:47:0b:cb:98:69:8d:58:03:c9:3c:eb:f9:32:8b:
c3:1e:b0:3b:f7:29:78:96:e1:a2:c0:e9:2f:c6:18:
46:94:a3:64:63:21:9d:77:e2:cc:dc:22:4c:6d:44:
12:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F5:35:A3:31:97:B7:82:F2:52:BE:DA:21:C5:31:19:88:99:54:3B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GvU1ozGXt4LyUr7aIcUxGYiZVDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
88.216.20.0/23
88.216.103.0/24
88.216.181.0/24
88.216.185.0/24
88.216.212.0/23
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
72:72:1c:08:40:cc:ce:9f:8c:46:a7:95:0f:d3:eb:e1:15:dc:
fc:63:a5:d7:61:ff:09:86:e4:9c:80:2f:93:f8:18:9d:4c:a0:
b7:dd:a6:39:5d:db:38:11:15:4d:d0:ec:ed:8a:13:c3:c8:80:
39:34:da:16:ef:e2:91:de:68:8a:ed:fa:87:66:82:a8:35:61:
0a:f0:89:17:bc:b2:42:38:9d:b2:48:eb:92:6d:af:75:ec:d4:
91:8c:0a:86:4c:97:24:5b:dd:37:9e:62:4a:8d:34:2f:18:67:
29:fa:4d:94:36:90:9d:73:9e:c2:3f:b2:59:49:0f:a9:72:0e:
c2:a9:49:4e:69:e6:f5:5f:02:79:79:01:47:18:ad:89:11:7e:
b6:c4:54:79:41:15:02:05:ad:f1:3d:01:72:b4:72:a0:db:63:
26:7b:09:f4:94:08:84:18:a5:8d:18:37:fb:9f:5e:7d:97:f4:
ca:18:23:ab:5b:51:05:51:68:47:ad:10:59:93:7e:9a:49:05:
75:25:50:a4:4f:12:ab:8d:9a:ef:ca:ef:de:21:71:1e:0f:d4:
73:37:96:7e:91:e2:f5:74:32:83:1f:ad:46:16:1e:82:2d:f9:
02:d7:4c:39:d1:d4:d5:4b:20:de:d0:04:74:46:fc:d0:9d:16:
79:cb:3c:40
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYubsk/MmKplhw/F/0gwPu8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTA0MTg1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY1MzVhMzMxOTdiNzgyZjI1MmJlZGEyMWM1MzExOTg4OTk1NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8l8ADzBjEZ8u1q3OhdcfgQTBZytO
I4kT/oPp9OsKLWIUXT/SktErc9aVF3IZP9xNugcVNd5JqgPGpZPRjXI4LQDyyPuS
9Kp3qctK7k+F5duOZrs6LqZojN6K5KisTmxlUNKBy0jBwv97x+7oUk7gmYK47ohL
9XM6VmajGmCy4qTlqW9XeM8gR6us0r7WD6Tq/DQGeaHBFshenwgoHSVV1gt3K+MF
j/gHmGklUP1ktKENjdaJ88TFxVBdBAfrOd2LRa0ABHdFk0ncMhX7HoB7i4ADRwvL
mGmNWAPJPOv5MovDHrA79yl4luGiwOkvxhhGlKNkYyGdd+LM3CJMbUQSUwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBr1NaMxl7eC8lK+2iHFMRmImVQ7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvR3ZVMW96R1h0NEx5VXI3YUljVXhHWWlaVkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCA4AwQB
WNgUAwQAWNhnAwQAWNi1AwQAWNi5AwQBWNjUAwQAWNjXMA0GCSqGSIb3DQEBCwUA
A4IBAQBychwIQMzOn4xGp5UP0+vhFdz8Y6XXYf8JhuScgC+T+BidTKC33aY5Xds4
ERVN0OztihPDyIA5NNoW7+KR3miK7fqHZoKoNWEK8IkXvLJCOJ2ySOuSba917NSR
jAqGTJckW903nmJKjTQvGGcp+k2UNpCdc57CP7JZSQ+pcg7CqUlOaeb1XwJ5eQFH
GK2JEX62xFR5QRUCBa3xPQFytHKg22Mmewn0lAiEGKWNGDf7n159l/TKGCOrW1EF
UWhHrRBZk36aSQV1JVCkTxKrjZrvyu/eIXEeD9RzN5Z+keL1dDKDH61GFh6CLfkC
10w50dTVSyDe0AR0RvzQnRZ5yzxA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org