Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N2OJIj4pW8hAbgdPBKNK7acFL7s.roa
File: N2OJIj4pW8hAbgdPBKNK7acFL7s.roa (raw, json)
Hash identifier: +3HvUkxuiPEoh+nrL3yo8wChr0mLuLctM0jBytKeZcc=
Subject key identifier: 37:63:89:22:3E:29:5B:C8:40:6E:07:4F:04:A3:4A:ED:A7:05:2F:BB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185A0D34AF375983B9E1626C43B3FE88FE4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N2OJIj4pW8hAbgdPBKNK7acFL7s.roa
Signing time: Wed 11 Jan 2023 12:34:39 +0000
ROA not before: Wed 11 Jan 2023 12:34:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.79.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.129.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jan 2023 13:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:d3:4a:f3:75:98:3b:9e:16:26:c4:3b:3f:e8:8f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 11 12:34:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=376389223e295bc8406e074f04a34aeda7052fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cb:04:2f:5c:31:5a:11:7d:71:4b:fb:0d:58:
e4:db:7d:96:75:3e:40:56:bf:17:08:51:26:6a:ce:
6a:cb:d1:21:0b:54:02:d9:44:26:2f:fc:17:22:a2:
6b:98:15:01:0f:2c:35:95:5d:ff:f0:df:ad:81:fa:
74:cf:17:40:08:39:1d:d2:83:58:d4:aa:1c:43:67:
3f:d5:5e:0e:db:9f:93:38:df:fd:01:8d:88:19:8c:
d1:32:92:b5:8d:92:e2:83:06:92:35:d0:88:cc:5c:
71:7b:74:4a:87:20:37:73:64:c6:64:21:22:6f:8e:
10:6d:f9:47:b6:3a:56:5f:d1:07:10:11:7e:77:51:
e7:d9:63:c1:e9:41:28:fa:a2:a5:4c:6c:d9:6d:ee:
52:f8:26:d7:90:5d:9c:18:db:90:70:d3:60:43:91:
db:df:79:ba:5a:70:41:c6:a5:b3:52:ff:38:fd:ef:
48:53:17:7e:83:2c:e5:52:79:25:d8:3f:a5:f2:fb:
3b:c8:54:ae:82:c6:24:99:1d:c2:63:52:5e:fa:c5:
df:1f:7a:20:95:35:d5:73:26:aa:51:97:56:88:23:
04:40:41:fe:a5:b1:f3:e6:cf:0d:28:17:f3:83:da:
b7:cb:63:03:a3:ed:1b:35:de:6d:ee:25:5d:f6:c8:
ca:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:63:89:22:3E:29:5B:C8:40:6E:07:4F:04:A3:4A:ED:A7:05:2F:BB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N2OJIj4pW8hAbgdPBKNK7acFL7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.79.0/24
84.32.212.0/24
88.216.129.0/24
88.216.224.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ed:62:7d:4c:5f:62:d4:9f:ef:e3:85:5a:d7:c9:e9:fe:f2:
73:e8:5e:2c:bf:44:f6:5f:25:b9:97:4a:5b:c4:c9:44:67:24:
28:a3:29:cc:e1:c8:30:f5:59:92:a7:1f:d5:90:e2:2b:da:f2:
f9:90:5e:56:79:a3:23:af:e4:95:e3:70:cd:22:8d:3c:da:1d:
97:4c:bc:24:2e:ae:94:10:30:d0:6f:d4:3f:92:e4:42:a5:da:
cc:99:9f:ac:0c:8c:b7:49:18:1f:ed:d5:bd:85:15:2c:bb:fe:
52:1a:bf:42:de:da:ad:05:ca:88:af:02:4b:3c:54:cd:91:66:
46:65:a2:a1:9a:56:02:8b:c2:20:3c:0f:28:f3:2d:f4:74:23:
b9:02:f4:ae:75:02:55:8e:09:85:50:f4:c7:0b:f3:bd:19:0e:
98:39:08:dd:b1:75:00:9b:0f:86:16:d6:11:81:24:d3:ac:12:
79:07:b5:af:6b:af:73:4d:ef:72:95:63:5b:1c:59:14:03:2e:
18:45:17:81:dd:1f:23:a3:e6:1c:25:33:37:90:90:14:16:dc:
01:74:6c:75:c7:a4:9c:6c:e3:6e:81:66:b8:81:c6:76:bb:3e:
08:8c:21:85:d9:85:1e:a2:9f:05:74:80:74:38:05:ef:18:94:
94:91:37:4e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYWg00rzdZg7nhYmxDs/6I/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTExMTIzNDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzYzODkyMjNlMjk1YmM4NDA2ZTA3NGYwNGEzNGFlZGE3MDUyZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnssEL1wxWhF9cUv7DVjk232WdT5A
Vr8XCFEmas5qy9EhC1QC2UQmL/wXIqJrmBUBDyw1lV3/8N+tgfp0zxdACDkd0oNY
1KocQ2c/1V4O25+TON/9AY2IGYzRMpK1jZLigwaSNdCIzFxxe3RKhyA3c2TGZCEi
b44QbflHtjpWX9EHEBF+d1Hn2WPB6UEo+qKlTGzZbe5S+CbXkF2cGNuQcNNgQ5Hb
33m6WnBBxqWzUv84/e9IUxd+gyzlUnkl2D+l8vs7yFSugsYkmR3CY1Je+sXfH3og
lTXVcyaqUZdWiCMEQEH+pbHz5s8NKBfzg9q3y2MDo+0bNd5t7iVd9sjKoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDdjiSI+KVvIQG4HTwSjSu2nBS+7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTjJPSklqNHBXOGhBYmdkUEJLTks3YWNGTDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVCAYAwQA
VCBPAwQAVCDUAwQAWNiBAwQCWNjgMA0GCSqGSIb3DQEBCwUAA4IBAQA27WJ9TF9i
1J/v44Va18np/vJz6F4sv0T2XyW5l0pbxMlEZyQooynM4cgw9VmSpx/VkOIr2vL5
kF5WeaMjr+SV43DNIo082h2XTLwkLq6UEDDQb9Q/kuRCpdrMmZ+sDIy3SRgf7dW9
hRUsu/5SGr9C3tqtBcqIrwJLPFTNkWZGZaKhmlYCi8IgPA8o8y30dCO5AvSudQJV
jgmFUPTHC/O9GQ6YOQjdsXUAmw+GFtYRgSTTrBJ5B7Wva69zTe9ylWNbHFkUAy4Y
RReB3R8jo+YcJTM3kJAUFtwBdGx1x6ScbONugWa4gcZ2uz4IjCGF2YUeop8FdIB0
OAXvGJSUkTdO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org