Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/INQXOGEETM89Fs82XfYCSewpj78.roa
File: INQXOGEETM89Fs82XfYCSewpj78.roa (raw, json)
Hash identifier: T97o2wWrVW640quHHW+ZOGhWXCNjj7m1BgTWra+eDVc=
Subject key identifier: 20:D4:17:38:61:04:4C:CF:3D:16:CF:36:5D:F6:02:49:EC:29:8F:BF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189626C4ABBE7D9E77D41708218EDB862AD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/INQXOGEETM89Fs82XfYCSewpj78.roa
Signing time: Mon 17 Jul 2023 05:56:51 +0000
ROA not before: Mon 17 Jul 2023 05:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 84.32.76.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 05:42:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:62:6c:4a:bb:e7:d9:e7:7d:41:70:82:18:ed:b8:62:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 17 05:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20d4173861044ccf3d16cf365df60249ec298fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9a:f5:b2:00:42:d0:ad:80:63:ad:42:18:af:
7c:ac:1f:7f:84:ac:b9:f7:6b:ae:9d:84:a8:b5:c4:
3f:e3:c7:d9:71:88:9c:1f:aa:0b:c8:36:be:b1:ea:
0f:22:47:85:b5:28:bb:3d:02:a4:50:d6:c5:75:19:
a0:0e:12:eb:20:bf:5f:6a:0b:b8:11:13:86:71:f6:
ce:12:07:8c:dc:bc:87:05:2b:91:da:b3:53:32:d5:
76:aa:cf:37:34:ea:82:68:30:06:06:ba:6d:94:5d:
01:2d:e8:b6:f2:19:92:1a:97:c8:bc:be:10:96:f6:
63:63:4a:a6:cb:49:3d:34:fe:6b:73:c2:5d:e8:f1:
51:ba:a4:f1:3b:2a:a4:1b:53:67:46:87:5a:81:a2:
90:c6:8e:0f:82:5e:e4:dc:39:49:79:a7:28:60:a9:
91:bc:52:3b:b4:85:05:1b:0e:2c:99:38:cd:66:15:
65:fb:8e:66:cd:3b:13:38:9a:f4:48:17:6e:b5:25:
d9:fc:96:42:96:b4:83:44:3f:dd:4c:d7:1c:3b:00:
b7:c6:e2:4f:28:b8:84:58:67:7b:11:cc:46:be:89:
31:08:85:b4:e0:f3:fd:ce:93:bb:77:b1:ad:69:5a:
32:67:1f:20:15:bc:69:86:96:c5:28:2d:27:61:2a:
31:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D4:17:38:61:04:4C:CF:3D:16:CF:36:5D:F6:02:49:EC:29:8F:BF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/INQXOGEETM89Fs82XfYCSewpj78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.76.0/24
84.32.79.0/24
84.32.243.0/24
88.216.190.0/23
88.216.198.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0c:fc:5d:cf:cc:9a:94:c9:22:0d:f9:03:46:23:7b:e8:58:
d9:be:3d:55:7e:50:ea:1c:9e:11:67:ae:b3:d6:c0:99:47:b0:
60:d3:ae:58:70:00:f9:b1:0c:4b:cf:ab:87:4c:eb:5c:86:48:
28:f1:37:c3:4b:ab:e6:4c:2f:67:0c:f4:37:da:9f:81:c9:0d:
eb:ae:31:f9:d4:44:73:2f:9f:d4:51:f4:b1:89:e7:87:ea:44:
5e:79:3a:d6:a0:59:6f:a0:7f:02:2f:c7:d6:72:81:5d:67:81:
7b:7c:7d:0c:f5:dd:bc:95:b6:a3:a0:c6:c3:9c:1a:73:83:39:
4e:96:92:d8:01:1d:d9:a8:d6:c4:e5:d0:e8:ec:07:f3:3d:1f:
a9:1b:a2:ac:83:b7:b0:71:53:a9:ff:71:a2:93:1a:1f:f7:8c:
6b:3c:5e:41:ef:7d:8e:2f:dc:55:7f:e8:7b:c4:29:f7:40:c3:
31:5b:04:b1:34:a4:3a:b1:96:c3:00:18:92:51:93:a6:7c:dc:
de:96:a3:c6:b6:11:5a:3a:1b:10:23:03:96:f3:21:24:df:41:
3a:40:53:ec:b5:f5:0a:f0:c0:0f:00:fe:00:3d:e2:59:0f:e2:
ec:a7:ad:91:14:1d:93:e2:9a:6b:8c:d3:cf:7c:28:d9:38:f9:
3e:de:33:e5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlibEq759nnfUFwghjtuGKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzE3MDU1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGQ0MTczODYxMDQ0Y2NmM2QxNmNmMzY1ZGY2MDI0OWVjMjk4ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJr1sgBC0K2AY61CGK98rB9/hKy5
92uunYSotcQ/48fZcYicH6oLyDa+seoPIkeFtSi7PQKkUNbFdRmgDhLrIL9fagu4
EROGcfbOEgeM3LyHBSuR2rNTMtV2qs83NOqCaDAGBrptlF0BLei28hmSGpfIvL4Q
lvZjY0qmy0k9NP5rc8Jd6PFRuqTxOyqkG1NnRodagaKQxo4Pgl7k3DlJeacoYKmR
vFI7tIUFGw4smTjNZhVl+45mzTsTOJr0SBdutSXZ/JZClrSDRD/dTNccOwC3xuJP
KLiEWGd7EcxGvokxCIW04PP9zpO7d7GtaVoyZx8gFbxphpbFKC0nYSox9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCDUFzhhBEzPPRbPNl32AknsKY+/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSU5RWE9HRUVUTTg5RnM4MlhmWUNTZXdwajc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCBMAwQA
VCBPAwQAVCDzAwQBWNi+AwQAWNjGAwQAWNjTMA0GCSqGSIb3DQEBCwUAA4IBAQBE
DPxdz8yalMkiDfkDRiN76FjZvj1VflDqHJ4RZ66z1sCZR7Bg065YcAD5sQxLz6uH
TOtchkgo8TfDS6vmTC9nDPQ32p+ByQ3rrjH51ERzL5/UUfSxieeH6kReeTrWoFlv
oH8CL8fWcoFdZ4F7fH0M9d28lbajoMbDnBpzgzlOlpLYAR3ZqNbE5dDo7AfzPR+p
G6Ksg7ewcVOp/3Gikxof94xrPF5B732OL9xVf+h7xCn3QMMxWwSxNKQ6sZbDABiS
UZOmfNzelqPGthFaOhsQIwOW8yEk30E6QFPstfUK8MAPAP4APeJZD+Lsp62RFB2T
4pprjNPPfCjZOPk+3jPl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org