Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NqMq7_SxE9u_7HQ9so6oHZZTCoU.roa
File: NqMq7_SxE9u_7HQ9so6oHZZTCoU.roa (raw, json)
Hash identifier: ASE9J+JxSCYE05MYi4C8IW5vheEd3lR7HZMtLbs82N4=
Subject key identifier: 36:A3:2A:EF:F4:B1:13:DB:BF:EC:74:3D:B2:8E:A8:1D:96:53:0A:85
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188B14D273BECC7796625C534F5810AFD8A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NqMq7_SxE9u_7HQ9so6oHZZTCoU.roa
Signing time: Mon 12 Jun 2023 20:30:03 +0000
ROA not before: Mon 12 Jun 2023 20:30:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.185.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 05:57:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b1:4d:27:3b:ec:c7:79:66:25:c5:34:f5:81:0a:fd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 12 20:30:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36a32aeff4b113dbbfec743db28ea81d96530a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:57:18:01:ba:10:d9:08:23:9c:6d:70:89:de:
b7:d0:e2:83:bd:37:e3:06:86:06:f3:bd:09:f6:b9:
a4:64:8d:bb:28:dc:1e:b8:87:83:5a:81:bb:3b:61:
4e:1d:08:69:e2:29:c9:06:ec:a8:44:82:fd:af:46:
2d:4f:55:dc:18:88:b0:29:e8:c2:5e:ac:34:17:5d:
c7:bb:46:72:1d:fb:8e:c2:52:6c:04:25:ba:c0:04:
ac:4c:a4:1b:bc:d9:07:cd:45:5e:1e:21:73:0e:e3:
db:df:58:69:ee:d9:48:19:09:3c:87:ca:24:62:3b:
59:30:70:b9:30:a0:20:89:21:a7:a4:6f:4a:50:ce:
1a:34:bb:d2:14:bf:16:04:06:37:0d:5f:25:fb:91:
c7:06:7a:e3:fc:ce:cb:26:d6:53:67:4e:5d:48:b8:
93:6a:b5:50:84:bc:1c:4c:72:e8:06:83:57:d0:b2:
70:73:ca:9f:62:59:20:3c:c3:31:79:02:13:15:49:
38:69:c3:bc:a5:f3:ad:f1:9a:e3:00:da:e7:8b:55:
ee:c2:71:fe:dc:8e:4a:13:b8:94:e9:2b:e5:66:62:
90:5c:9a:ff:53:cb:6d:70:56:d5:ec:b6:eb:01:f5:
ad:fc:0b:f4:be:30:04:1d:bd:46:dc:1d:3e:e3:c7:
90:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A3:2A:EF:F4:B1:13:DB:BF:EC:74:3D:B2:8E:A8:1D:96:53:0A:85
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NqMq7_SxE9u_7HQ9so6oHZZTCoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
84.32.89.0/24
84.32.95.0/24
88.216.20.0/23
88.216.43.0/24
88.216.98.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
88.216.215.0/24
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
27:b3:e4:74:11:52:11:d2:62:60:65:df:b0:2c:a9:7f:7e:e8:
4e:f3:59:5e:1b:8e:f2:da:eb:c2:3b:3f:12:01:8f:5a:ef:fa:
67:7e:34:04:1c:2f:54:bf:c9:fc:71:a6:54:43:2f:ed:0f:05:
4d:ab:68:99:2b:8d:16:12:4f:07:f4:8e:c7:06:9d:a6:cb:3c:
d7:11:20:fc:bc:95:78:fb:ce:3f:b7:c2:66:67:94:6a:f6:d6:
b6:d8:51:3a:21:4f:90:fe:f9:6a:56:de:d7:28:e9:f3:f9:82:
bc:70:78:bd:44:68:03:cf:bc:43:19:08:09:cb:86:1f:40:ec:
c5:c3:55:97:1e:91:f5:c8:1e:f5:af:70:f4:55:e9:09:53:6f:
40:e8:a7:eb:08:2e:4f:f1:8f:8f:60:f8:32:70:0c:ed:39:2d:
bb:61:dc:f0:dc:44:e2:77:a6:a8:c1:e4:9d:fa:32:59:45:d1:
5e:95:9e:2a:98:35:b2:13:c3:04:b4:4e:cb:dd:15:90:2d:6e:
51:59:38:7d:fe:8c:a6:83:48:97:36:92:77:d0:52:af:84:aa:
54:06:04:de:c6:3d:f4:3f:75:b0:f6:14:49:6b:83:19:55:ed:
c6:7c:da:46:12:ee:f1:49:5d:7f:03:c8:04:a6:51:9d:99:c1:
82:77:95:ea
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYixTSc77Md5ZiXFNPWBCv2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjEyMjAzMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmEzMmFlZmY0YjExM2RiYmZlYzc0M2RiMjhlYTgxZDk2NTMwYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFcYAboQ2QgjnG1wid630OKDvTfj
BoYG870J9rmkZI27KNweuIeDWoG7O2FOHQhp4inJBuyoRIL9r0YtT1XcGIiwKejC
Xqw0F13Hu0ZyHfuOwlJsBCW6wASsTKQbvNkHzUVeHiFzDuPb31hp7tlIGQk8h8ok
YjtZMHC5MKAgiSGnpG9KUM4aNLvSFL8WBAY3DV8l+5HHBnrj/M7LJtZTZ05dSLiT
arVQhLwcTHLoBoNX0LJwc8qfYlkgPMMxeQITFUk4acO8pfOt8ZrjANrni1XuwnH+
3I5KE7iU6SvlZmKQXJr/U8ttcFbV7LbrAfWt/Av0vjAEHb1G3B0+48eQYwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDajKu/0sRPbv+x0PbKOqB2WUwqFMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTnFNcTdfU3hFOXVfN0hROXNvNm9IWlpUQ29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAVCAGAwQC
VCA0AwQAVCBZAwQAVCBfAwQBWNgUAwQAWNgrAwQAWNhiAwQAWNhnAwQAWNi5AwQB
WNjUAwQAWNjXAwQCWNj8MA0GCSqGSIb3DQEBCwUAA4IBAQAns+R0EVIR0mJgZd+w
LKl/fuhO81leG47y2uvCOz8SAY9a7/pnfjQEHC9Uv8n8caZUQy/tDwVNq2iZK40W
Ek8H9I7HBp2myzzXESD8vJV4+84/t8JmZ5Rq9ta22FE6IU+Q/vlqVt7XKOnz+YK8
cHi9RGgDz7xDGQgJy4YfQOzFw1WXHpH1yB71r3D0VekJU29A6KfrCC5P8Y+PYPgy
cAztOS27Ydzw3ETid6aoweSd+jJZRdFelZ4qmDWyE8MEtE7L3RWQLW5RWTh9/oym
g0iXNpJ30FKvhKpUBgTexj30P3Ww9hRJa4MZVe3GfNpGEu7xSV1/A8gEplGdmcGC
d5Xq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org