Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JOcr3xqP3cAr6EjyPtjcy1DsRZE.roa
File: JOcr3xqP3cAr6EjyPtjcy1DsRZE.roa (raw, json)
Hash identifier: cwH9BbGHPH5xCH6G8rGwEX5peerg1/3JRex3jlSZi1k=
Subject key identifier: 24:E7:2B:DF:1A:8F:DD:C0:2B:E8:48:F2:3E:D8:DC:CB:50:EC:45:91
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B4E9DF39EE00832688423E2D9C13D3CE6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JOcr3xqP3cAr6EjyPtjcy1DsRZE.roa
Signing time: Fri 20 Oct 2023 19:44:16 +0000
ROA not before: Fri 20 Oct 2023 19:44:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54252
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.61.0/24 maxlen: 24
88.216.92.0/23 maxlen: 24
84.32.20.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Dec 2023 08:35:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:9d:f3:9e:e0:08:32:68:84:23:e2:d9:c1:3d:3c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 20 19:44:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24e72bdf1a8fddc02be848f23ed8dccb50ec4591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6b:b8:68:82:64:2d:63:7d:d0:00:1e:4b:67:
78:bc:1a:ef:13:d6:14:14:3c:22:d7:3e:c2:4b:e2:
bb:f8:5e:6d:fc:47:03:da:37:6c:c8:53:20:3c:30:
97:a2:76:33:8c:ef:9c:4c:98:58:81:4c:64:af:04:
e2:9b:36:3d:eb:22:5e:9b:8b:85:92:ec:88:f5:10:
42:57:3b:f5:07:e6:3c:72:9f:1d:97:10:c4:9b:98:
c8:72:95:0c:6b:9a:40:e6:0e:73:b6:bb:83:f1:08:
89:72:87:e8:2d:58:a3:2c:96:12:8a:0c:f2:a2:18:
73:d4:62:49:a8:c8:b8:e5:28:df:d6:b9:7b:8d:8d:
2d:6c:55:e3:25:54:91:42:75:a9:e0:37:9e:b9:16:
4e:6f:ea:65:3a:4c:6c:31:9f:c8:ae:e6:ee:06:50:
dd:a9:4c:2e:9d:fc:8b:a9:d2:2d:d2:fc:5d:a0:bc:
88:82:aa:fe:0a:fa:42:24:da:98:97:55:13:b8:52:
81:99:a6:c3:30:fd:92:72:3f:74:03:da:a4:d4:1c:
26:18:fe:d3:f4:c1:6f:72:3a:dc:12:36:1d:7f:a7:
6d:9b:5d:99:11:cc:5c:81:2e:1b:59:18:25:c7:b4:
c7:23:c7:a1:aa:82:96:fa:b6:29:ae:97:cc:f4:4f:
ff:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E7:2B:DF:1A:8F:DD:C0:2B:E8:48:F2:3E:D8:DC:CB:50:EC:45:91
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JOcr3xqP3cAr6EjyPtjcy1DsRZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/24
84.32.58.0/24
84.32.60.0/23
88.216.36.0/24
88.216.92.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:ab:be:c0:66:f6:5a:43:f8:4e:70:36:59:fb:66:86:77:87:
24:89:8f:3a:82:50:8d:05:1c:46:70:9a:cf:11:1a:5f:dd:fe:
c2:12:75:04:b1:6c:c4:dd:6c:98:19:f5:0b:6f:85:22:2a:1b:
be:8f:a5:03:a6:ac:53:35:86:ab:04:6e:76:18:5f:dc:20:48:
2a:f3:8d:13:d4:15:5c:a5:fb:f4:d0:cb:57:dc:96:a3:ea:4a:
7a:eb:44:b8:b9:79:91:68:7f:de:dc:61:4a:8a:7f:30:6c:68:
ca:ce:8f:99:ee:97:6a:23:3c:74:53:8c:e8:d6:79:31:4f:8f:
74:5b:da:f9:bc:c8:8f:e7:bd:ce:ef:37:87:5c:51:aa:25:f1:
e0:e4:62:76:2d:86:d8:af:ef:68:29:90:a9:21:4e:63:fa:33:
59:cc:84:0c:f7:14:25:d6:39:2e:92:3b:9d:4e:27:bf:b0:88:
a5:1b:bf:6b:b1:32:d3:57:aa:e3:f9:cb:29:c4:a5:26:64:9f:
a2:ef:6b:3b:73:22:82:cc:ab:63:94:de:a7:b3:e5:5f:4d:33:
81:2b:11:68:28:e3:1d:e6:c9:21:db:32:ab:4e:8b:5b:11:5e:
ae:87:0f:7d:2b:cd:de:bf:64:50:cd:16:4f:88:d5:37:93:d6:
3f:13:a8:92
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtOnfOe4AgyaIQj4tnBPTzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDIwMTk0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU3MmJkZjFhOGZkZGMwMmJlODQ4ZjIzZWQ4ZGNjYjUwZWM0NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWu4aIJkLWN90AAeS2d4vBrvE9YU
FDwi1z7CS+K7+F5t/EcD2jdsyFMgPDCXonYzjO+cTJhYgUxkrwTimzY96yJem4uF
kuyI9RBCVzv1B+Y8cp8dlxDEm5jIcpUMa5pA5g5ztruD8QiJcofoLVijLJYSigzy
ohhz1GJJqMi45Sjf1rl7jY0tbFXjJVSRQnWp4DeeuRZOb+plOkxsMZ/IrubuBlDd
qUwunfyLqdIt0vxdoLyIgqr+CvpCJNqYl1UTuFKBmabDMP2Scj90A9qk1BwmGP7T
9MFvcjrcEjYdf6dtm12ZEcxcgS4bWRglx7THI8ehqoKW+rYprpfM9E//UQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCTnK98aj93AK+hI8j7Y3MtQ7EWRMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSk9jcjN4cVAzY0FyNkVqeVB0amN5MURzUlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAUAwQA
VCA6AwQBVCA8AwQAWNgkAwQBWNhcMA0GCSqGSIb3DQEBCwUAA4IBAQBeq77AZvZa
Q/hOcDZZ+2aGd4ckiY86glCNBRxGcJrPERpf3f7CEnUEsWzE3WyYGfULb4UiKhu+
j6UDpqxTNYarBG52GF/cIEgq840T1BVcpfv00MtX3Jaj6kp660S4uXmRaH/e3GFK
in8wbGjKzo+Z7pdqIzx0U4zo1nkxT490W9r5vMiP573O7zeHXFGqJfHg5GJ2LYbY
r+9oKZCpIU5j+jNZzIQM9xQl1jkukjudTie/sIilG79rsTLTV6rj+cspxKUmZJ+i
72s7cyKCzKtjlN6ns+VfTTOBKxFoKOMd5skh2zKrTotbEV6uhw99K83ev2RQzRZP
iNU3k9Y/E6iS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org