Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LSnG4AAEgsV7AonLYXD2nRCqrz0.roa
File: LSnG4AAEgsV7AonLYXD2nRCqrz0.roa (raw, json)
Hash identifier: 0CIlnUyJmFWkzxK9pORhQNFWbrMVJg1oZmn7VncFMAo=
Subject key identifier: 2D:29:C6:E0:00:04:82:C5:7B:02:89:CB:61:70:F6:9D:10:AA:AF:3D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D6467BCCF9158BE996DC33505B3F7271A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LSnG4AAEgsV7AonLYXD2nRCqrz0.roa
Signing time: Thu 01 Feb 2024 11:22:16 +0000
ROA not before: Thu 01 Feb 2024 11:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 84.32.26.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 06:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:67:bc:cf:91:58:be:99:6d:c3:35:05:b3:f7:27:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 1 11:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d29c6e0000482c57b0289cb6170f69d10aaaf3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:13:99:ac:5f:6e:f7:10:8b:09:0f:1b:7f:6d:
19:2b:52:46:fa:b0:a4:63:f8:f9:8d:8f:9b:6a:58:
e3:b0:b8:aa:cb:44:6e:91:61:9b:80:cd:b3:c3:4c:
ad:53:75:0b:11:0f:3d:fd:7e:d1:f0:fe:c2:4b:2d:
ec:cd:39:7c:7b:e4:fd:44:d9:09:58:a9:ad:9f:d0:
8b:29:e2:04:2a:94:e7:11:1a:5d:ac:2b:2d:d7:e4:
7c:62:6c:29:49:40:43:ec:96:8f:44:58:af:1d:41:
4d:ca:e3:15:3a:7a:63:c9:e7:ff:4f:e3:3b:33:5d:
2b:f1:f0:a5:d6:85:d8:f4:bd:49:0b:fa:65:79:40:
2c:08:3d:c5:31:e5:82:fb:0e:2d:2c:a9:03:de:41:
eb:cf:5c:7f:0e:a6:4f:3b:66:32:41:10:0b:a7:6e:
84:b4:f1:ef:12:7e:68:57:d7:df:34:70:41:a8:a3:
47:e4:d4:80:ea:e2:e5:43:1d:48:88:12:7a:a6:fc:
bd:6e:dd:1f:30:87:f9:84:a7:bc:c7:db:10:bf:31:
95:8f:89:c2:f4:04:02:62:5c:fe:9d:48:00:d4:34:
f9:e3:6d:30:5b:94:bf:5a:c9:c4:bb:03:79:12:a8:
7e:88:c2:9c:1d:69:30:57:a6:20:12:41:f4:e7:b0:
f2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:29:C6:E0:00:04:82:C5:7B:02:89:CB:61:70:F6:9D:10:AA:AF:3D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LSnG4AAEgsV7AonLYXD2nRCqrz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.26.0/24
84.32.39.0/24
84.32.66.0/24
88.216.187.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
05:c4:dc:b8:98:03:63:68:05:bf:eb:47:96:4e:34:eb:31:64:
86:66:24:34:a8:aa:3b:c0:38:f7:24:30:db:be:7e:d8:2d:d0:
a9:17:23:fa:7e:25:81:9d:2f:24:d6:c5:61:41:00:ff:9a:db:
08:2d:3f:66:4c:cd:d1:e0:30:2e:52:cb:d8:dc:60:8b:72:ee:
a7:ab:7c:f9:1f:03:46:bb:d7:ae:9d:e2:07:3d:41:32:67:55:
3d:5f:3e:86:c3:10:4c:88:2c:e2:86:4b:8c:12:64:19:5b:c6:
8a:0b:8a:c9:5a:20:85:d4:56:23:15:85:04:b1:1e:9d:75:e5:
d5:33:16:a6:ed:52:70:53:05:af:ed:ac:f3:fa:a3:1c:56:aa:
9d:7c:ea:62:da:4b:cc:f2:b7:e1:ac:3c:9e:e2:30:82:93:ec:
c0:30:23:d7:d1:57:94:68:6a:b8:ba:f7:67:9b:c5:41:ff:d0:
8c:ec:2c:20:59:41:b9:54:f3:c0:b3:ad:b6:a9:a4:ee:b0:21:
86:a5:9c:5e:51:13:27:19:39:43:22:48:39:f1:bb:ed:87:b8:
90:6b:66:7d:db:4f:d7:b1:b9:dc:db:5a:fb:a3:b6:57:fb:b2:
00:43:a6:2e:44:e6:f2:04:88:6a:f3:ff:e6:78:4b:62:03:dc:
2d:5e:a1:79
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY1kZ7zPkVi+mW3DNQWz9ycaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMjAxMTEyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDI5YzZlMDAwMDQ4MmM1N2IwMjg5Y2I2MTcwZjY5ZDEwYWFhZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxOZrF9u9xCLCQ8bf20ZK1JG+rCk
Y/j5jY+baljjsLiqy0RukWGbgM2zw0ytU3ULEQ89/X7R8P7CSy3szTl8e+T9RNkJ
WKmtn9CLKeIEKpTnERpdrCst1+R8YmwpSUBD7JaPRFivHUFNyuMVOnpjyef/T+M7
M10r8fCl1oXY9L1JC/pleUAsCD3FMeWC+w4tLKkD3kHrz1x/DqZPO2YyQRALp26E
tPHvEn5oV9ffNHBBqKNH5NSA6uLlQx1IiBJ6pvy9bt0fMIf5hKe8x9sQvzGVj4nC
9AQCYlz+nUgA1DT5420wW5S/WsnEuwN5Eqh+iMKcHWkwV6YgEkH057DyPQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC0pxuAABILFewKJy2Fw9p0Qqq89MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTFNuRzRBQUVnc1Y3QW9uTFlYRDJuUkNxcnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAaAwQA
VCAnAwQAVCBCAwQAWNi7AwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQAFxNy4mANj
aAW/60eWTjTrMWSGZiQ0qKo7wDj3JDDbvn7YLdCpFyP6fiWBnS8k1sVhQQD/mtsI
LT9mTM3R4DAuUsvY3GCLcu6nq3z5HwNGu9euneIHPUEyZ1U9Xz6GwxBMiCzihkuM
EmQZW8aKC4rJWiCF1FYjFYUEsR6ddeXVMxam7VJwUwWv7azz+qMcVqqdfOpi2kvM
8rfhrDye4jCCk+zAMCPX0VeUaGq4uvdnm8VB/9CM7CwgWUG5VPPAs622qaTusCGG
pZxeURMnGTlDIkg58bvth7iQa2Z920/Xsbnc21r7o7ZX+7IAQ6YuRObyBIhq8//m
eEtiA9wtXqF5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org