Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ok0ea_F68yJoybis9Kq8pEkPOMY.roa
File: Ok0ea_F68yJoybis9Kq8pEkPOMY.roa (raw, json)
Hash identifier: ReW/qX/mI1Fc3jrShZZAaFNQna+rk7SAxzbjxUEEZiU=
Subject key identifier: 3A:4D:1E:6B:F1:7A:F3:22:68:C9:B8:AC:F4:AA:BC:A4:49:0F:38:C6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01866E75C5D67580961D864A4B497D58CAD8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ok0ea_F68yJoybis9Kq8pEkPOMY.roa
Signing time: Mon 20 Feb 2023 10:54:17 +0000
ROA not before: Mon 20 Feb 2023 10:54:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.176.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.215.0/24 maxlen: 24
84.32.214.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Mar 2023 14:11:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:75:c5:d6:75:80:96:1d:86:4a:4b:49:7d:58:ca:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 20 10:54:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a4d1e6bf17af32268c9b8acf4aabca4490f38c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:95:a4:5d:86:69:96:ae:12:48:84:49:df:96:
fb:73:38:80:4b:30:87:8f:1d:01:65:48:45:51:f6:
dd:1d:31:eb:2b:13:48:fb:50:ad:f7:a6:76:16:07:
ea:07:44:04:01:bd:53:a8:d5:4d:28:83:15:e3:db:
14:cc:b7:10:e3:a1:b6:b4:bf:3c:7c:9e:fc:b6:0d:
94:39:73:b1:4a:b4:53:5e:d6:00:74:87:99:d0:25:
b6:e3:86:22:a9:34:b4:bc:e3:46:ea:4d:d5:dd:54:
6f:c5:d8:8f:37:f8:00:ba:74:39:0e:16:bb:f1:e2:
27:29:13:39:e0:f3:ce:ab:aa:2e:1b:a7:f8:ec:da:
47:ec:5d:a7:ca:30:ac:b1:58:54:04:e7:3b:24:5a:
8a:ed:b8:e9:44:bd:10:8a:2f:a1:b2:91:e9:99:ee:
a1:75:48:85:62:60:9f:3b:ca:e1:51:33:6c:c9:cb:
7c:8a:40:b6:f3:11:18:41:71:07:4a:24:32:d0:63:
63:36:59:5b:cb:5a:25:3e:4f:3e:1f:55:09:32:dd:
41:bd:7b:ad:9b:1a:19:a0:75:f8:dd:f6:24:bf:41:
a9:70:4a:86:e5:97:33:a8:5c:92:a8:34:c8:40:75:
78:9a:da:6d:c6:c4:2e:9c:5a:78:e3:08:3b:85:9c:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4D:1E:6B:F1:7A:F3:22:68:C9:B8:AC:F4:AA:BC:A4:49:0F:38:C6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ok0ea_F68yJoybis9Kq8pEkPOMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/24
84.32.57.0/24
84.32.176.0/24
84.32.214.0/23
84.32.248.0/24
88.216.32.0/24
88.216.129.0/24
88.216.186.0/24
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
79:6c:68:cf:9d:77:98:5b:2b:6d:ae:aa:7c:ad:69:b8:b4:a4:
93:f1:c2:ae:2d:34:2f:fa:dd:6b:42:28:61:e9:ab:7c:97:8b:
79:fa:05:bd:1b:30:6e:20:ca:dd:0c:b2:4b:1a:cc:59:dd:31:
bc:e2:57:a6:f8:76:a9:bd:17:00:27:8b:c3:b4:6c:66:34:31:
a4:e4:47:31:b4:40:59:24:41:12:86:1c:6b:5d:a7:f7:f4:3c:
0a:f4:f4:cc:48:aa:8f:5d:27:fe:35:d5:b9:66:80:1c:39:4b:
3f:fc:71:be:9d:0f:cc:da:15:66:01:6d:72:c0:09:3e:07:b8:
2e:db:92:36:5d:86:16:0a:43:9f:0f:66:50:0c:a1:c4:2d:d0:
e8:79:11:91:8c:aa:c2:a1:c4:16:67:47:b7:4b:9a:d3:1f:c0:
cd:26:15:06:b8:00:f2:e5:1a:61:28:5f:bf:4a:94:7e:82:9e:
d7:34:f1:cd:f0:a3:87:f1:0a:84:f7:e2:d9:71:71:5c:be:0b:
3a:39:2b:31:44:6e:23:a7:52:67:45:86:d1:de:9b:41:ab:37:
4c:b2:42:92:3e:d7:9e:d6:a4:ac:35:b2:39:2b:59:56:ae:d1:
15:e3:bb:5d:34:79:61:b3:41:85:4e:f0:c4:7c:ce:31:32:bc:
95:d4:05:04
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYZudcXWdYCWHYZKS0l9WMrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIwMTA1NDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTRkMWU2YmYxN2FmMzIyNjhjOWI4YWNmNGFhYmNhNDQ5MGYzOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5WkXYZplq4SSIRJ35b7cziASzCH
jx0BZUhFUfbdHTHrKxNI+1Ct96Z2FgfqB0QEAb1TqNVNKIMV49sUzLcQ46G2tL88
fJ78tg2UOXOxSrRTXtYAdIeZ0CW244YiqTS0vONG6k3V3VRvxdiPN/gAunQ5Dha7
8eInKRM54PPOq6ouG6f47NpH7F2nyjCssVhUBOc7JFqK7bjpRL0Qii+hspHpme6h
dUiFYmCfO8rhUTNsyct8ikC28xEYQXEHSiQy0GNjNllby1olPk8+H1UJMt1BvXut
mxoZoHX43fYkv0GpcEqG5ZczqFySqDTIQHV4mtptxsQunFp44wg7hZyySwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDpNHmvxevMiaMm4rPSqvKRJDzjGMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvT2swZWFfRjY4eUpveWJpczlLcThwRWtQT01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAYAwQA
VCA5AwQAVCCwAwQBVCDWAwQAVCD4AwQAWNggAwQAWNiBAwQAWNi6AwQCWNjsMA0G
CSqGSIb3DQEBCwUAA4IBAQB5bGjPnXeYWyttrqp8rWm4tKST8cKuLTQv+t1rQihh
6at8l4t5+gW9GzBuIMrdDLJLGsxZ3TG84lem+HapvRcAJ4vDtGxmNDGk5EcxtEBZ
JEEShhxrXaf39DwK9PTMSKqPXSf+NdW5ZoAcOUs//HG+nQ/M2hVmAW1ywAk+B7gu
25I2XYYWCkOfD2ZQDKHELdDoeRGRjKrCocQWZ0e3S5rTH8DNJhUGuADy5RphKF+/
SpR+gp7XNPHN8KOH8QqE9+LZcXFcvgs6OSsxRG4jp1JnRYbR3ptBqzdMskKSPtee
1qSsNbI5K1lWrtEV47tdNHlhs0GFTvDEfM4xMryV1AUE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org