Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K9v_b-vb_hTkI3yukPpDeG4DyQc.roa
File: K9v_b-vb_hTkI3yukPpDeG4DyQc.roa (raw, json)
Hash identifier: qNVK11C8NMnzTbQnlv53wKkBSgCe4QN0QN7LwHmMuL4=
Subject key identifier: 2B:DB:FF:6F:EB:DB:FE:14:E4:23:7C:AE:90:FA:43:78:6E:03:C9:07
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018595AAE0836DE5BBE45D2EC74C412B4C43
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K9v_b-vb_hTkI3yukPpDeG4DyQc.roa
Signing time: Mon 09 Jan 2023 08:34:41 +0000
ROA not before: Mon 09 Jan 2023 08:34:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
84.32.250.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
84.32.176.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 13:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:aa:e0:83:6d:e5:bb:e4:5d:2e:c7:4c:41:2b:4c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 9 08:34:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bdbff6febdbfe14e4237cae90fa43786e03c907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:81:3c:e1:62:0f:62:4b:b7:ae:4c:fb:79:3a:
49:01:b2:e9:8d:45:34:e2:bd:53:15:27:66:1f:79:
fc:5c:f8:06:7c:df:f8:78:22:a3:8b:7f:a0:ea:f2:
ac:47:3a:9f:98:86:4f:29:c6:ee:44:d5:92:4c:4f:
65:37:3a:8b:8a:d3:0f:78:35:3e:ad:95:2f:8e:88:
f0:04:eb:f4:64:ab:2a:12:91:8e:47:dd:55:9e:70:
88:01:3a:90:7a:af:05:e7:86:75:ec:fe:0d:c0:1b:
44:36:d5:ff:3d:96:d0:ad:a3:2b:d9:34:5f:75:5e:
25:14:c8:a1:d4:61:24:45:31:bd:02:6d:85:a4:b6:
b9:b0:07:fc:be:40:d7:c4:e3:59:42:06:e0:81:24:
66:26:77:5a:97:b7:b8:15:ed:b7:47:8f:d7:a0:12:
cc:45:1c:75:ae:fd:ba:c5:0a:1c:26:08:5b:15:6b:
11:fd:0d:a2:81:69:b4:f3:1a:0f:de:8d:d1:d7:18:
20:f5:71:f2:71:6d:4e:de:8f:54:94:a2:31:6f:a1:
e7:c4:a9:a3:e7:48:32:77:6c:82:4a:0b:f1:29:40:
3e:5c:3a:89:c4:9e:77:e2:8b:8f:88:02:24:a4:b8:
b6:6e:e9:70:61:db:90:d2:0a:98:76:71:78:7d:7e:
61:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DB:FF:6F:EB:DB:FE:14:E4:23:7C:AE:90:FA:43:78:6E:03:C9:07
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K9v_b-vb_hTkI3yukPpDeG4DyQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.31.0/24
84.32.64.0/24
84.32.148.0/23
84.32.152.0-84.32.154.255
84.32.156.0/22
84.32.175.0-84.32.176.255
84.32.250.0/24
88.216.20.0/24
88.216.23.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.131.0/24
88.216.185.0/24
88.216.213.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
29:ad:9a:69:0d:8e:8e:0c:6d:aa:01:48:89:1e:7e:ab:7c:0b:
fd:ef:05:2a:3b:97:c4:6e:f8:91:ba:78:ad:f7:bc:b0:a4:ce:
11:80:47:f3:1a:40:d9:2b:8d:e2:88:f5:a0:78:f5:94:f9:d6:
41:45:52:83:a3:8d:d3:94:59:92:81:61:c3:37:4c:34:60:1c:
cc:0d:c2:cf:83:ed:38:9f:be:86:0a:b2:f4:31:0b:83:ae:fe:
6c:79:ba:f3:5b:73:56:8e:38:57:03:65:e0:51:4d:f6:56:1e:
e4:67:36:dd:ca:97:7f:4c:18:b3:44:7d:e0:2f:5c:4d:1a:46:
a8:08:47:84:ff:7a:1c:27:ea:58:f0:ca:4f:33:5b:ee:0b:b6:
9b:86:18:ba:d4:01:22:a1:a2:ba:eb:a6:04:04:95:fa:7f:34:
56:95:5c:53:51:3f:66:b0:13:f7:a9:98:d8:aa:0f:72:97:e3:
3b:2a:c5:37:1a:67:53:a6:cd:3a:ac:69:b2:20:8c:61:85:c5:
6b:27:b3:51:69:40:4f:06:67:81:db:ab:96:82:18:58:df:d5:
3e:47:5c:e0:76:a0:b7:e4:4f:49:35:12:f8:93:32:e1:95:3a:
ed:70:c5:5f:95:bb:b1:74:c4:98:fa:f6:a7:a0:6f:30:b2:e9:
3e:26:a1:9c
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYWVquCDbeW75F0ux0xBK0xDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA5MDgzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmRiZmY2ZmViZGJmZTE0ZTQyMzdjYWU5MGZhNDM3ODZlMDNjOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYE84WIPYku3rkz7eTpJAbLpjUU0
4r1TFSdmH3n8XPgGfN/4eCKji3+g6vKsRzqfmIZPKcbuRNWSTE9lNzqLitMPeDU+
rZUvjojwBOv0ZKsqEpGOR91VnnCIATqQeq8F54Z17P4NwBtENtX/PZbQraMr2TRf
dV4lFMih1GEkRTG9Am2FpLa5sAf8vkDXxONZQgbggSRmJndal7e4Fe23R4/XoBLM
RRx1rv26xQocJghbFWsR/Q2igWm08xoP3o3R1xgg9XHycW1O3o9UlKIxb6HnxKmj
50gyd2yCSgvxKUA+XDqJxJ534ouPiAIkpLi2bulwYduQ0gqYdnF4fX5howIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFCvb/2/r2/4U5CN8rpD6Q3huA8kHMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSzl2X2ItdmJfaFRrSTN5dWtQcERlRzREeVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFQgHwME
AFQgQAMEAVQglDAMAwQDVCCYAwQAVCCaAwQCVCCcMAwDBABUIK8DBABUILADBABU
IPoDBABY2BQDBABY2BcDBAFY2CwwDAMEA1jYOAMEAVjYQAMEAFjYgwMEAFjYuQME
AFjY1QMEAFjY1zANBgkqhkiG9w0BAQsFAAOCAQEAKa2aaQ2OjgxtqgFIiR5+q3wL
/e8FKjuXxG74kbp4rfe8sKTOEYBH8xpA2SuN4oj1oHj1lPnWQUVSg6ON05RZkoFh
wzdMNGAczA3Cz4PtOJ++hgqy9DELg67+bHm681tzVo44VwNl4FFN9lYe5Gc23cqX
f0wYs0R94C9cTRpGqAhHhP96HCfqWPDKTzNb7gu2m4YYutQBIqGiuuumBASV+n80
VpVcU1E/ZrAT96mY2KoPcpfjOyrFNxpnU6bNOqxpsiCMYYXFayezUWlATwZngdur
loIYWN/VPkdc4Hagt+RPSTUS+JMy4ZU67XDFX5W7sXTEmPr2p6BvMLLpPiahnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org