Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N_UCW08iVH6O0VEMeWlyLooH--U.roa
File: N_UCW08iVH6O0VEMeWlyLooH--U.roa (raw, json)
Hash identifier: 3peXOTCrqFwCXe64zcXynFA6rno/pFBvXhsiMudKT/4=
Subject key identifier: 37:F5:02:5B:4F:22:54:7E:8E:D1:51:0C:79:69:72:2E:8A:07:FB:E5
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185766EA9818682803026666A0F6DD0C881
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N_UCW08iVH6O0VEMeWlyLooH--U.roa
Signing time: Tue 03 Jan 2023 07:00:41 +0000
ROA not before: Tue 03 Jan 2023 07:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.91.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Jan 2023 15:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:6e:a9:81:86:82:80:30:26:66:6a:0f:6d:d0:c8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 3 07:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37f5025b4f22547e8ed1510c7969722e8a07fbe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f8:40:9a:41:e7:79:23:01:29:5f:cf:32:4e:
6c:ab:a4:bd:e2:9f:02:05:21:ee:59:03:f2:32:a2:
c6:38:35:c3:25:db:96:35:93:f9:d4:7c:63:79:b5:
89:b5:fb:9e:1e:be:90:d3:07:fd:ab:e5:88:48:c1:
80:60:e8:dc:ed:f8:25:c9:21:06:a5:40:93:48:ca:
e4:17:bb:1c:c6:46:b2:87:ee:6f:a3:27:cb:a3:2e:
24:aa:57:e5:fc:bc:73:70:6b:50:65:5e:07:2d:71:
2e:04:1e:25:ee:4c:c5:99:ea:0c:56:57:f8:e9:58:
0f:57:c2:06:1c:da:0b:2c:4c:96:a8:a3:b7:4b:54:
22:9e:95:db:c4:12:87:7a:c6:5f:b5:74:f5:35:d3:
12:29:62:d9:69:1a:62:76:46:5f:ba:16:7e:30:6b:
84:f1:14:c4:b3:dc:20:d2:a9:55:0e:e8:3a:3c:b7:
7e:bc:1c:b9:35:fe:25:9d:61:2e:62:ee:7c:7b:52:
bd:bf:81:f1:da:c9:41:dd:0c:ad:32:e2:d5:43:3b:
13:21:75:a4:9b:18:d0:cc:75:ac:45:6d:ae:63:dd:
d3:b5:11:86:64:08:93:b5:ef:28:7e:ac:94:14:d3:
40:47:d3:4f:e6:00:5e:0c:59:cc:15:ab:3a:39:7a:
00:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F5:02:5B:4F:22:54:7E:8E:D1:51:0C:79:69:72:2E:8A:07:FB:E5
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/N_UCW08iVH6O0VEMeWlyLooH--U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.57.0/24
84.32.67.0/24
84.32.91.0/24
88.216.38.0/23
88.216.93.0/24
88.216.101.0/24
88.216.130.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:63:f8:26:d9:26:f3:87:63:31:e0:b7:26:dc:e8:60:89:76:
cb:15:6e:44:16:07:a9:13:e2:aa:cd:9d:08:15:84:16:7a:4c:
c3:b7:a2:a7:e1:05:00:c0:cf:af:77:c0:4d:ba:f6:33:04:93:
2a:fd:59:45:bc:74:95:dd:11:4c:db:9e:70:19:87:ea:f8:d6:
2e:48:10:0b:54:ab:10:55:2d:da:98:de:f3:f3:66:c8:a0:cb:
6b:f8:49:19:97:24:e7:e3:0e:01:bb:b2:d0:54:9d:56:b6:1e:
e9:42:83:91:cd:dc:a3:c4:61:46:97:96:7f:b0:c7:25:ff:fd:
82:8d:f7:74:c9:51:d9:95:b3:4a:47:ce:b1:5f:30:60:46:80:
69:23:32:61:ae:00:19:f0:f5:9e:2f:d1:6d:26:a2:b6:dc:e5:
e2:fd:08:6d:50:5b:81:7b:7a:e6:ad:89:29:b3:16:d9:88:f6:
a6:ad:10:55:cc:8c:57:40:5a:45:ba:cf:5b:37:5e:5b:44:c2:
54:3f:c1:6b:d2:6a:fd:2f:63:86:77:ab:af:68:7e:63:3d:31:
13:48:b1:21:81:19:fe:ff:5f:e2:89:77:3e:d8:d4:62:86:6b:
f8:50:db:ad:cd:52:d4:3f:1f:e9:99:6d:5e:a5:d2:cd:9f:71:
fb:96:a9:74
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYV2bqmBhoKAMCZmag9t0MiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAzMDcwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y1MDI1YjRmMjI1NDdlOGVkMTUxMGM3OTY5NzIyZThhMDdmYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/hAmkHneSMBKV/PMk5sq6S94p8C
BSHuWQPyMqLGODXDJduWNZP51HxjebWJtfueHr6Q0wf9q+WISMGAYOjc7fglySEG
pUCTSMrkF7scxkayh+5voyfLoy4kqlfl/LxzcGtQZV4HLXEuBB4l7kzFmeoMVlf4
6VgPV8IGHNoLLEyWqKO3S1QinpXbxBKHesZftXT1NdMSKWLZaRpidkZfuhZ+MGuE
8RTEs9wg0qlVDug6PLd+vBy5Nf4lnWEuYu58e1K9v4Hx2slB3QytMuLVQzsTIXWk
mxjQzHWsRW2uY93TtRGGZAiTte8ofqyUFNNAR9NP5gBeDFnMFas6OXoA3wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDf1AltPIlR+jtFRDHlpci6KB/vlMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTl9VQ1cwOGlWSDZPMFZFTWVXbHlMb29ILS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCA5AwQA
VCBDAwQAVCBbAwQBWNgmAwQAWNhdAwQAWNhlAwQAWNiCMA0GCSqGSIb3DQEBCwUA
A4IBAQB6Y/gm2Sbzh2Mx4Lcm3OhgiXbLFW5EFgepE+KqzZ0IFYQWekzDt6Kn4QUA
wM+vd8BNuvYzBJMq/VlFvHSV3RFM255wGYfq+NYuSBALVKsQVS3amN7z82bIoMtr
+EkZlyTn4w4Bu7LQVJ1Wth7pQoORzdyjxGFGl5Z/sMcl//2Cjfd0yVHZlbNKR86x
XzBgRoBpIzJhrgAZ8PWeL9FtJqK23OXi/QhtUFuBe3rmrYkpsxbZiPamrRBVzIxX
QFpFus9bN15bRMJUP8Fr0mr9L2OGd6uvaH5jPTETSLEhgRn+/1/iiXc+2NRihmv4
UNutzVLUPx/pmW1epdLNn3H7lql0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org