Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L15A2UgmszBElFh0tlrlLaOj_MQ.roa
File: L15A2UgmszBElFh0tlrlLaOj_MQ.roa (raw, json)
Hash identifier: ChCuxRsvTVJKrCctNAASd4rdq/TlfaCYIAkWhJ/sMvg=
Subject key identifier: 2F:5E:40:D9:48:26:B3:30:44:94:58:74:B6:5A:E5:2D:A3:A3:FC:C4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC6BE6FEBBB540DC8ADA636EE1D1884A1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L15A2UgmszBElFh0tlrlLaOj_MQ.roa
Signing time: Mon 01 Jan 2024 20:36:58 +0000
ROA not before: Mon 01 Jan 2024 20:36:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:55:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:be:6f:eb:bb:54:0d:c8:ad:a6:36:ee:1d:18:84:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 20:36:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f5e40d94826b33044945874b65ae52da3a3fcc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:13:ee:ff:e5:f1:e7:25:f6:3e:62:a2:ad:de:
dd:b1:36:48:7d:70:e9:00:5d:69:b9:5a:bd:d8:58:
20:14:37:ce:0c:1c:ea:de:77:00:66:a9:52:11:86:
66:34:73:64:ff:3b:eb:a1:33:ff:0a:7f:78:23:0a:
3b:b1:a9:ca:7c:8e:7d:e2:06:60:d2:4d:43:f5:39:
cc:fd:e4:77:28:94:6f:72:d4:13:54:33:19:c0:1f:
92:bd:52:fd:49:88:5f:ec:b6:d7:3b:6e:05:7e:ea:
2e:1f:3c:8d:bb:27:36:30:58:7c:11:f4:bd:54:1b:
3d:66:12:14:ce:dc:4e:7b:97:ea:bc:b3:9f:de:4c:
ad:bd:a6:6a:e0:55:8e:3a:3b:bd:59:74:bc:42:fc:
50:39:16:41:bd:56:98:fe:18:39:da:95:f3:42:ab:
cd:2f:04:2b:23:0e:98:49:0c:90:f3:f7:91:a2:4b:
27:13:c2:b8:7e:0f:29:cc:be:de:61:30:22:37:5b:
2b:8b:c5:64:49:95:80:d2:7f:2a:5d:b0:41:eb:97:
6c:fc:de:48:01:6d:9d:3a:21:34:4c:a5:a7:f5:64:
c5:d8:fe:00:ab:0b:c8:1e:7a:57:0b:ea:5e:aa:ed:
5d:dc:55:d4:8a:20:55:d4:1e:d9:a6:fc:fe:e6:50:
eb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5E:40:D9:48:26:B3:30:44:94:58:74:B6:5A:E5:2D:A3:A3:FC:C4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L15A2UgmszBElFh0tlrlLaOj_MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.39.0/24
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.187.0-88.216.191.255
88.216.197.0-88.216.198.255
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
90:c0:c3:43:37:9d:ac:ad:c8:0b:0e:66:09:70:9a:35:19:50:
22:98:4d:c5:08:61:1d:0a:d1:b8:10:be:81:65:66:11:55:29:
38:0e:9c:92:ee:5c:9f:b6:db:d0:42:65:ee:c3:11:a3:6f:25:
eb:74:73:53:96:07:d1:88:61:94:06:ff:f1:2d:c4:23:c9:ad:
1f:e0:22:34:e6:63:16:fd:b8:8a:8f:fd:2b:34:42:fb:e0:59:
04:64:31:4d:25:f6:2f:8f:11:7c:3e:e2:ee:42:30:f1:16:3d:
c9:64:42:8f:67:a4:13:00:ae:ee:dc:8a:72:6c:7e:73:78:8a:
8f:de:3b:f3:84:2e:c5:81:9e:27:3e:bc:c6:11:3e:b2:a1:1a:
a6:af:83:12:41:f7:24:41:c3:12:e9:5d:29:1e:6c:56:7e:b5:
5f:b2:2a:f0:2a:48:61:dc:3e:fd:a3:a9:84:7f:67:22:aa:8a:
d0:00:8c:d8:d8:7c:4a:e1:19:23:87:48:43:c1:8a:4a:47:30:
d6:f6:70:99:3b:9b:85:3a:dc:29:f1:7f:4b:ac:3e:da:12:f2:
a4:fe:d3:e9:4e:03:9b:47:20:e4:b9:54:c7:9d:29:54:aa:b1:
f2:64:1e:54:a8:9d:48:0c:cd:fa:2a:5a:67:8b:77:d4:98:e7:
eb:f6:07:b1
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYzGvm/ru1QNyK2mNu4dGIShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMjAzNjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjVlNDBkOTQ4MjZiMzMwNDQ5NDU4NzRiNjVhZTUyZGEzYTNmY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphPu/+Xx5yX2PmKird7dsTZIfXDp
AF1puVq92FggFDfODBzq3ncAZqlSEYZmNHNk/zvroTP/Cn94Iwo7sanKfI594gZg
0k1D9TnM/eR3KJRvctQTVDMZwB+SvVL9SYhf7LbXO24FfuouHzyNuyc2MFh8EfS9
VBs9ZhIUztxOe5fqvLOf3kytvaZq4FWOOju9WXS8QvxQORZBvVaY/hg52pXzQqvN
LwQrIw6YSQyQ8/eRoksnE8K4fg8pzL7eYTAiN1sri8VkSZWA0n8qXbBB65ds/N5I
AW2dOiE0TKWn9WTF2P4AqwvIHnpXC+pequ1d3FXUiiBV1B7Zpvz+5lDrhwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFC9eQNlIJrMwRJRYdLZa5S2jo/zEMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTDE1QTJVZ21zekJFbEZoMHRscmxMYU9qX01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQwDAME
AFQgBwMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAnAwQBVCAuAwQAVCBfAwQCVCCU
AwQBVCCuAwQBVCCyAwQBVCDWAwQCVCD0AwQBWNgWAwQBWNgsAwQAWNhdMAwDBAFY
2IIDBABY2IQDBAFY2IYwDAMEAFjYuwMEBljYgDAMAwQAWNjFAwQAWNjGAwQCWNjU
MA0GCSqGSIb3DQEBCwUAA4IBAQCQwMNDN52srcgLDmYJcJo1GVAimE3FCGEdCtG4
EL6BZWYRVSk4DpyS7lyfttvQQmXuwxGjbyXrdHNTlgfRiGGUBv/xLcQjya0f4CI0
5mMW/biKj/0rNEL74FkEZDFNJfYvjxF8PuLuQjDxFj3JZEKPZ6QTAK7u3IpybH5z
eIqP3jvzhC7FgZ4nPrzGET6yoRqmr4MSQfckQcMS6V0pHmxWfrVfsirwKkhh3D79
o6mEf2ciqorQAIzY2HxK4Rkjh0hDwYpKRzDW9nCZO5uFOtwp8X9LrD7aEvKk/tPp
TgObRyDkuVTHnSlUqrHyZB5UqJ1IDM36Klpni3fUmOfr9gex
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org