Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KI-PEgONc-LkWgSpTPKtXtUyyAY.roa
File: KI-PEgONc-LkWgSpTPKtXtUyyAY.roa (raw, json)
Hash identifier: 4s3kYamxaR4aL4C/sfKXuG8LuxyKZzd1kgzYu824ytE=
Subject key identifier: 28:8F:8F:12:03:8D:73:E2:E4:5A:04:A9:4C:F2:AD:5E:D5:32:C8:06
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018634FEF1419C33C2A7D2B493B274EF8DE1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KI-PEgONc-LkWgSpTPKtXtUyyAY.roa
Signing time: Thu 09 Feb 2023 07:06:08 +0000
ROA not before: Thu 09 Feb 2023 07:06:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:34:fe:f1:41:9c:33:c2:a7:d2:b4:93:b2:74:ef:8d:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 9 07:06:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=288f8f12038d73e2e45a04a94cf2ad5ed532c806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:91:c1:a7:fa:1b:9f:b6:64:26:fe:8c:3d:59:
cb:a8:e8:db:f3:68:16:7f:0c:80:23:a7:15:eb:12:
96:7d:0b:70:d8:3b:6b:a9:a6:3c:9e:6c:1b:6f:47:
3b:fc:a3:a3:17:a5:36:c5:36:46:27:92:91:c1:b4:
72:5f:33:ed:9b:fa:4c:db:9c:b1:4d:a3:7d:de:f5:
69:8d:34:52:90:02:f0:ce:6a:d4:39:3b:e4:87:0d:
8b:29:d6:72:eb:71:26:cb:3d:e6:45:9a:68:77:63:
f4:b0:92:d3:14:f5:f3:1d:1d:0f:16:f4:f3:48:70:
ac:b5:03:aa:f9:75:09:89:1d:a2:18:12:cc:22:f6:
d3:99:41:41:96:4c:51:e3:e1:e8:b4:7f:a2:13:d4:
0c:79:0c:fb:35:df:39:7b:40:fb:6d:20:cb:07:09:
05:d1:cd:14:8c:7e:33:c3:ef:00:a8:2f:4d:70:77:
8a:72:f6:99:d7:10:d2:4a:ce:aa:02:08:28:3c:97:
78:3b:b8:ce:bf:a2:3a:28:a7:47:34:a8:26:3f:21:
40:e0:3d:5a:ab:b9:f2:c4:ae:5c:a1:00:a9:ea:a2:
bc:a3:c8:e7:9a:35:cf:9b:7c:38:a3:d1:71:75:a6:
97:61:f5:47:11:85:96:e5:00:21:5f:eb:26:51:61:
61:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8F:8F:12:03:8D:73:E2:E4:5A:04:A9:4C:F2:AD:5E:D5:32:C8:06
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KI-PEgONc-LkWgSpTPKtXtUyyAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/24
84.32.47.0/24
84.32.59.0-84.32.60.255
84.32.66.0/24
84.32.68.0/24
84.32.90.0/24
84.32.178.0/24
84.32.225.0/24
84.32.227.0/24
88.216.95.0/24
88.216.103.0/24
88.216.129.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:35:c2:27:fb:0e:62:03:82:3c:f0:1b:84:fc:1c:e0:12:1f:
69:0b:71:91:48:b2:f5:09:a3:20:66:a6:3c:ad:8b:70:1a:4e:
a9:94:26:7b:37:e7:0b:c3:18:6e:2c:ce:7a:83:4a:aa:b5:1c:
06:e9:a0:b8:e3:d0:b8:ed:d1:d9:16:58:3c:18:5a:a9:32:0e:
c2:22:29:98:1f:ef:a2:68:c1:db:b2:b5:c4:31:66:41:ed:5a:
5c:b7:eb:3f:ce:6c:6f:b7:f2:3c:f8:c2:ff:a3:24:d4:70:44:
a3:bb:63:59:70:a3:49:8a:26:17:29:9a:dc:bc:81:57:e0:7b:
02:1f:d8:5d:b1:d3:54:26:54:aa:68:41:1c:fc:71:aa:35:55:
52:9b:b5:f4:36:39:11:9f:0f:be:5c:f1:2d:43:f4:b4:9d:35:
6f:6d:13:28:42:dd:49:5a:9d:6d:97:f4:c9:95:62:35:b1:f2:
b1:da:bd:99:0e:be:ce:f8:58:97:57:c7:da:d2:3a:32:07:6e:
06:4d:37:1b:bc:df:93:42:e3:aa:9b:dc:a6:be:7d:22:3d:18:
3b:77:9f:4b:9f:de:fb:07:6d:bf:29:2e:ca:bf:ac:60:b2:ed:
03:e7:68:10:b0:ad:64:5a:a1:9f:f4:24:c0:9c:b9:4a:a0:bf:
e5:53:4d:bf
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYY0/vFBnDPCp9K0k7J0743hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjA5MDcwNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhmOGYxMjAzOGQ3M2UyZTQ1YTA0YTk0Y2YyYWQ1ZWQ1MzJjODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpHBp/obn7ZkJv6MPVnLqOjb82gW
fwyAI6cV6xKWfQtw2DtrqaY8nmwbb0c7/KOjF6U2xTZGJ5KRwbRyXzPtm/pM25yx
TaN93vVpjTRSkALwzmrUOTvkhw2LKdZy63Emyz3mRZpod2P0sJLTFPXzHR0PFvTz
SHCstQOq+XUJiR2iGBLMIvbTmUFBlkxR4+HotH+iE9QMeQz7Nd85e0D7bSDLBwkF
0c0UjH4zw+8AqC9NcHeKcvaZ1xDSSs6qAggoPJd4O7jOv6I6KKdHNKgmPyFA4D1a
q7nyxK5coQCp6qK8o8jnmjXPm3w4o9FxdaaXYfVHEYWW5QAhX+smUWFhvwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFCiPjxIDjXPi5FoEqUzyrV7VMsgGMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvS0ktUEVnT05jLUxrV2dTcFRQS3RYdFV5eUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAVCAsAwQA
VCAvMAwDBABUIDsDBABUIDwDBABUIEIDBABUIEQDBABUIFoDBABUILIDBABUIOED
BABUIOMDBABY2F8DBABY2GcDBABY2IEDBABY2NEwDQYJKoZIhvcNAQELBQADggEB
ACw1wif7DmIDgjzwG4T8HOASH2kLcZFIsvUJoyBmpjyti3AaTqmUJns35wvDGG4s
znqDSqq1HAbpoLjj0Ljt0dkWWDwYWqkyDsIiKZgf76JowduytcQxZkHtWly36z/O
bG+38jz4wv+jJNRwRKO7Y1lwo0mKJhcpmty8gVfgewIf2F2x01QmVKpoQRz8cao1
VVKbtfQ2ORGfD75c8S1D9LSdNW9tEyhC3UlanW2X9MmVYjWx8rHavZkOvs74WJdX
x9rSOjIHbgZNNxu835NC46qb3Ka+fSI9GDt3n0uf3vsHbb8pLsq/rGCy7QPnaBCw
rWRaoZ/0JMCcuUqgv+VTTb8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org