Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L4nud5O39Kc1nMjE5SeRb2x93Aw.roa
File: L4nud5O39Kc1nMjE5SeRb2x93Aw.roa (raw, json)
Hash identifier: yR+WwD4zMfFTTw20LL56yCmf5zKQBqCrgQ4l/Rlu7UU=
Subject key identifier: 2F:89:EE:77:93:B7:F4:A7:35:9C:C8:C4:E5:27:91:6F:6C:7D:DC:0C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186262B3027E063B5BAB7BA90D4392769BE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L4nud5O39Kc1nMjE5SeRb2x93Aw.roa
Signing time: Mon 06 Feb 2023 10:00:09 +0000
ROA not before: Mon 06 Feb 2023 10:00:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 84.32.91.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
84.32.105.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.228.0/24 maxlen: 24
84.32.252.0/24 maxlen: 24
84.32.253.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Jun 2023 08:56:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:2b:30:27:e0:63:b5:ba:b7:ba:90:d4:39:27:69:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 6 10:00:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f89ee7793b7f4a7359cc8c4e527916f6c7ddc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a5:4e:bf:fb:c5:4f:80:e0:73:ec:55:f9:c5:
f4:8a:bb:0b:5c:3c:46:a7:e0:29:01:b8:ff:99:13:
7b:5b:b8:c7:95:2d:73:f5:aa:b6:89:1b:1d:56:15:
fa:f0:b1:74:c8:9a:5c:7d:e8:72:77:f7:8a:ed:2e:
ea:54:c5:9f:44:9c:d9:d2:ee:72:7d:0c:d0:ba:f9:
61:0e:b5:08:4e:9a:a6:83:dc:37:83:e5:97:f1:41:
4b:35:63:42:1d:a1:02:7e:81:01:db:d3:9f:c2:41:
91:cc:5c:da:80:66:77:2d:72:39:51:3d:a8:06:f8:
39:ce:cf:c0:0a:7a:8a:25:20:94:d1:6a:fd:9d:51:
d7:cf:cd:10:85:be:5e:9e:6e:c4:5d:d5:c6:ed:92:
b0:a6:c5:fe:df:c4:ba:64:5a:59:33:67:f6:3b:a3:
4d:96:79:99:d3:4a:33:ee:0f:97:6f:06:3a:9f:37:
b7:89:c9:f0:85:27:6b:20:a2:96:26:d1:a3:6b:00:
72:82:16:a4:10:5f:9d:e6:a7:2e:4c:c2:75:8e:1a:
54:18:30:ec:d7:ad:58:55:57:0e:c2:c6:4c:33:41:
68:33:76:11:2c:ec:ec:34:71:40:86:d5:30:ca:76:
95:c3:73:ec:2e:ab:dc:bb:4a:e8:e0:1f:82:58:c8:
42:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:89:EE:77:93:B7:F4:A7:35:9C:C8:C4:E5:27:91:6F:6C:7D:DC:0C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L4nud5O39Kc1nMjE5SeRb2x93Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.91.0/24
84.32.104.0/23
84.32.228.0/24
84.32.249.0/24
84.32.252.0-84.32.254.255
88.216.38.0/23
88.216.42.0/24
88.216.101.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:28:27:4c:e2:1f:78:fe:91:38:c9:91:39:c0:e9:bb:ec:5c:
1b:f9:9a:e5:fa:90:85:b8:b4:55:70:c3:76:5a:9c:f0:c6:cb:
f9:dd:02:8c:f6:fc:b0:a0:e1:95:21:3d:b5:76:cb:48:0f:eb:
02:19:23:03:2f:35:da:be:57:64:b3:e1:8b:32:4a:3d:b6:e8:
b1:2b:45:a3:e4:d9:84:ee:d0:a3:36:ba:11:39:b7:c4:e0:f6:
e2:2f:6f:97:65:eb:ca:49:5c:38:7b:64:04:02:f3:59:5c:6d:
d6:a5:a2:86:38:fa:38:31:e7:17:08:21:9b:31:8e:0e:26:97:
dc:16:ef:10:5c:ae:65:cb:27:98:1e:20:ee:d0:1b:60:3f:97:
a1:fc:06:a8:fb:e9:de:55:54:44:14:20:5b:6f:a2:ce:30:98:
d3:b8:23:a4:41:a0:ef:59:64:90:e0:d8:5a:92:26:78:b3:27:
d5:2f:0b:0b:3d:d5:05:eb:71:5a:88:d5:a6:b3:c6:85:b3:22:
e9:75:93:ba:e8:ee:21:bd:62:a5:fb:74:c4:bd:df:73:f0:27:
98:09:cf:9b:2f:2f:1b:7a:23:61:20:43:55:d6:04:1e:5e:49:
6f:97:b6:b0:5d:b3:2d:67:59:4d:4d:4c:b4:1f:da:28:2f:5c:
d0:7f:b6:51
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYYmKzAn4GO1ure6kNQ5J2m+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjA2MTAwMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg5ZWU3NzkzYjdmNGE3MzU5Y2M4YzRlNTI3OTE2ZjZjN2RkYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqVOv/vFT4Dgc+xV+cX0irsLXDxG
p+ApAbj/mRN7W7jHlS1z9aq2iRsdVhX68LF0yJpcfehyd/eK7S7qVMWfRJzZ0u5y
fQzQuvlhDrUITpqmg9w3g+WX8UFLNWNCHaECfoEB29OfwkGRzFzagGZ3LXI5UT2o
Bvg5zs/ACnqKJSCU0Wr9nVHXz80Qhb5enm7EXdXG7ZKwpsX+38S6ZFpZM2f2O6NN
lnmZ00oz7g+XbwY6nze3icnwhSdrIKKWJtGjawByghakEF+d5qcuTMJ1jhpUGDDs
161YVVcOwsZMM0FoM3YRLOzsNHFAhtUwynaVw3PsLqvcu0ro4B+CWMhC4QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFC+J7neTt/SnNZzIxOUnkW9sfdwMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTDRudWQ1TzM5S2Mxbk1qRTVTZVJiMng5M0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVCBbAwQB
VCBoAwQAVCDkAwQAVCD5MAwDBAJUIPwDBABUIP4DBAFY2CYDBABY2CoDBABY2GUw
DQYJKoZIhvcNAQELBQADggEBAC8oJ0ziH3j+kTjJkTnA6bvsXBv5muX6kIW4tFVw
w3ZanPDGy/ndAoz2/LCg4ZUhPbV2y0gP6wIZIwMvNdq+V2Sz4YsySj226LErRaPk
2YTu0KM2uhE5t8Tg9uIvb5dl68pJXDh7ZAQC81lcbdalooY4+jgx5xcIIZsxjg4m
l9wW7xBcrmXLJ5geIO7QG2A/l6H8Bqj76d5VVEQUIFtvos4wmNO4I6RBoO9ZZJDg
2FqSJnizJ9UvCws91QXrcVqI1aazxoWzIul1k7ro7iG9YqX7dMS933PwJ5gJz5sv
Lxt6I2EgQ1XWBB5eSW+XtrBdsy1nWU1NTLQf2igvXNB/tlE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org