Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JLeGNIOM0iBRq9XFLSB0IowAU8w.roa
File: JLeGNIOM0iBRq9XFLSB0IowAU8w.roa (raw, json)
Hash identifier: IxC80A2ZpwynbBWoK2EFaZw3AhMzOYTe95a9ga9Fvug=
Subject key identifier: 24:B7:86:34:83:8C:D2:20:51:AB:D5:C5:2D:20:74:22:8C:00:53:CC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D8C8C849369E66433E1DD97E0FDBEA379
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JLeGNIOM0iBRq9XFLSB0IowAU8w.roa
Signing time: Fri 09 Feb 2024 06:27:15 +0000
ROA not before: Fri 09 Feb 2024 06:27:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 19:52:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:8c:84:93:69:e6:64:33:e1:dd:97:e0:fd:be:a3:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 9 06:27:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24b78634838cd22051abd5c52d2074228c0053cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:dd:e9:50:c5:39:04:88:35:ab:82:5d:91:9d:
11:e0:23:18:d7:a3:0f:2c:47:71:9b:c4:42:36:3e:
bb:5a:9d:f1:5a:b8:be:13:8e:1e:84:ad:ba:30:8d:
06:41:76:5b:69:fc:57:4e:2d:77:8c:5d:a9:43:e2:
d4:98:45:da:05:45:ea:65:ae:59:de:e0:80:2e:31:
53:b9:79:42:c1:6e:d0:48:c2:73:bc:be:6b:8a:f5:
94:25:68:29:22:24:a0:85:32:d8:81:45:50:02:65:
f2:ba:f4:0d:cd:44:e4:1b:9a:26:9d:37:5f:f6:b6:
2b:34:8b:a8:2d:76:50:63:ff:ed:9a:69:65:a5:bd:
d9:95:79:e0:2c:e9:d0:c6:d3:64:48:39:ec:cf:68:
02:91:cb:61:9e:0d:f6:63:81:3d:a3:40:8a:79:fa:
c8:c1:29:61:18:92:ea:74:7e:14:9d:d3:2d:9d:78:
02:b3:d6:82:fe:08:a2:a1:ae:43:f9:fc:b9:04:3f:
ee:fe:ae:7e:d1:ef:ea:df:c6:59:7e:c1:87:1a:7f:
d2:3f:21:4c:b0:ee:35:3e:81:54:cc:b3:88:4f:f1:
30:c2:85:d5:b0:03:7d:15:63:23:b9:4c:13:04:4c:
cb:a0:0b:bf:35:b6:e4:24:f7:98:5f:d6:ee:29:5d:
3e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B7:86:34:83:8C:D2:20:51:AB:D5:C5:2D:20:74:22:8C:00:53:CC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JLeGNIOM0iBRq9XFLSB0IowAU8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.220.0/24
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.187.0-88.216.191.255
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
83:b5:c1:e6:64:a7:fe:1b:57:5a:27:00:bb:10:97:e2:e2:82:
eb:7e:c9:56:c4:02:be:4c:67:67:1f:f8:c5:8a:a3:cc:fc:23:
5e:70:2d:06:b1:be:d8:a1:79:d3:f4:92:3a:00:fc:a9:9f:6d:
5a:3a:d2:cd:e1:38:d6:8f:09:b2:b8:69:af:04:fb:98:d2:09:
dd:b5:27:d0:9a:8d:46:29:b0:4f:49:35:aa:3e:38:e1:5d:d4:
b1:23:05:b1:6d:7f:fc:71:4b:82:16:74:6f:97:b0:39:ae:ac:
45:23:ee:89:73:7e:89:62:56:4a:d0:5f:df:28:30:92:43:ac:
8e:73:e5:b9:87:d5:53:d3:14:e8:d5:3d:af:bb:b1:7e:58:a2:
9b:47:33:0a:3a:69:a7:13:fc:b6:de:58:59:c7:ad:f5:fa:85:
de:ec:a5:ff:b6:b4:0e:61:c9:3f:7e:8e:7d:41:6a:93:5e:80:
3b:97:be:cf:eb:cb:e2:98:bb:04:98:4c:29:fe:7d:8f:43:d4:
07:dc:b4:6a:40:2f:af:f9:50:f4:39:e8:1d:f4:4b:77:db:9d:
f3:61:91:22:c2:d2:7e:5b:92:74:f6:87:88:d1:37:82:6f:9e:
09:08:55:3a:1a:20:40:d0:5d:e4:ab:a8:99:1d:3a:00:fc:a9:
4f:52:a1:07
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAY2MjISTaeZkM+Hdl+D9vqN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMjA5MDYyNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGI3ODYzNDgzOGNkMjIwNTFhYmQ1YzUyZDIwNzQyMjhjMDA1M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit3pUMU5BIg1q4JdkZ0R4CMY16MP
LEdxm8RCNj67Wp3xWri+E44ehK26MI0GQXZbafxXTi13jF2pQ+LUmEXaBUXqZa5Z
3uCALjFTuXlCwW7QSMJzvL5rivWUJWgpIiSghTLYgUVQAmXyuvQNzUTkG5omnTdf
9rYrNIuoLXZQY//tmmllpb3ZlXngLOnQxtNkSDnsz2gCkcthng32Y4E9o0CKefrI
wSlhGJLqdH4UndMtnXgCs9aC/giioa5D+fy5BD/u/q5+0e/q38ZZfsGHGn/SPyFM
sO41PoFUzLOIT/EwwoXVsAN9FWMjuUwTBEzLoAu/NbbkJPeYX9buKV0+twIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFCS3hjSDjNIgUavVxS0gdCKMAFPMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSkxlR05JT00waUJScTlYRkxTQjBJb3dBVTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIwDAME
AFQgBwMEAFQgCDAMAwQCVCAUAwQCVCAYAwQBVCAuAwQAVCBfAwQCVCCUAwQBVCCu
AwQBVCCyAwQAVCDSAwQBVCDWAwQAVCDcAwQCVCD0AwQBWNgWAwQBWNgsAwQAWNhd
MAwDBAFY2IIDBABY2IQDBAFY2IYDBABY2LQwDAMEAFjYuwMEBljYgAMEAljY1DAN
BgkqhkiG9w0BAQsFAAOCAQEAg7XB5mSn/htXWicAuxCX4uKC637JVsQCvkxnZx/4
xYqjzPwjXnAtBrG+2KF50/SSOgD8qZ9tWjrSzeE41o8JsrhprwT7mNIJ3bUn0JqN
RimwT0k1qj444V3UsSMFsW1//HFLghZ0b5ewOa6sRSPuiXN+iWJWStBf3ygwkkOs
jnPluYfVU9MU6NU9r7uxfliim0czCjpppxP8tt5YWcet9fqF3uyl/7a0DmHJP36O
fUFqk16AO5e+z+vL4pi7BJhMKf59j0PUB9y0akAvr/lQ9DnoHfRLd9ud82GRIsLS
fluSdPaHiNE3gm+eCQhVOhogQNBd5KuomR06APypT1KhBw==
-----END CERTIFICATE-----
Generated at Mon Feb 12 23:46:05 2024 by rpki-client on console-fra.rpki-client.org