Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Pjs2x5ch5vfmXkWCUZQUBZf2quQ.roa
File: Pjs2x5ch5vfmXkWCUZQUBZf2quQ.roa (raw, json)
Hash identifier: XkFLCzdSfTuwP3ZrcIX3+KqgoT2RkNzyJGyzHmnZuDM=
Subject key identifier: 3E:3B:36:C7:97:21:E6:F7:E6:5E:45:82:51:94:14:05:97:F6:AA:E4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFD59F07E0521291DD52A76C8D9E9E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Pjs2x5ch5vfmXkWCUZQUBZf2quQ.roa
Signing time: Sun 01 Jan 2023 18:54:55 +0000
ROA not before: Sun 01 Jan 2023 18:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212384
IP address blocks: 84.32.82.0/24 maxlen: 24
88.216.196.0/24 maxlen: 24
88.216.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Jan 2023 18:22:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d5:9f:07:e0:52:12:91:dd:52:a7:6c:8d:9e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e3b36c79721e6f7e65e45825194140597f6aae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bc:87:c9:eb:5f:98:0d:94:25:fc:bf:2f:0a:
03:8c:3c:8f:e7:6d:ca:44:c9:57:e6:8a:a1:7f:96:
1d:c7:57:3f:5f:6b:09:4d:da:b1:98:7e:8d:da:9c:
60:d9:45:c4:2e:d4:2f:30:53:5e:6a:7b:74:83:93:
bd:8c:de:35:ce:84:a4:86:29:fe:d4:2a:27:ff:83:
65:54:51:e4:dc:88:9c:69:e8:29:5b:5e:7b:5d:c3:
ff:11:64:7f:12:0b:30:47:bf:49:20:6b:06:86:57:
5e:4f:d6:71:21:f6:84:12:b1:c2:1a:b6:92:72:3f:
e5:5f:13:68:af:1d:1b:bf:b5:42:09:35:b3:bc:c5:
43:69:71:00:61:05:4b:00:10:68:b4:bc:70:cc:db:
5b:ef:b8:3d:4c:0a:2b:66:b9:66:20:82:89:c3:7d:
1f:98:ca:ef:ce:9b:d8:9c:70:1b:24:29:a5:ea:6b:
78:c9:01:5a:cc:55:df:1f:a0:ab:b0:05:f6:e9:af:
75:f4:43:4d:bd:3a:25:77:a3:9c:8a:63:95:72:16:
ec:4f:23:0a:b2:57:2b:bd:97:71:c3:98:81:89:59:
9f:04:4d:c8:81:51:66:fe:dc:c4:4a:6a:85:97:32:
65:09:95:94:c2:a1:17:f9:dd:34:50:9c:6c:0c:02:
70:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:3B:36:C7:97:21:E6:F7:E6:5E:45:82:51:94:14:05:97:F6:AA:E4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Pjs2x5ch5vfmXkWCUZQUBZf2quQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.82.0/24
88.216.37.0/24
88.216.196.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c8:00:01:d7:40:d0:f4:5e:ee:30:77:aa:19:91:d4:a4:da:
33:a3:5d:61:50:1f:e5:b0:4c:af:fc:c9:99:36:fd:49:77:41:
29:9a:7f:70:f8:7b:36:8e:a0:7c:06:c0:34:38:76:45:1d:fc:
34:39:37:6a:9b:52:90:dc:f7:90:87:e6:52:6a:92:2f:e9:3c:
f5:fc:f9:8f:9e:eb:62:9b:75:3d:07:96:1b:d5:09:47:a4:48:
90:da:ea:2e:a0:7d:81:01:51:74:b2:36:59:84:04:9b:9f:58:
cb:db:bf:94:c3:0f:7f:ab:ab:e6:9c:62:75:60:c4:51:6e:46:
ac:bf:74:1f:0c:18:3e:2d:d6:7d:c5:8c:5e:92:69:7c:a4:15:
70:a1:10:0f:c1:0c:9e:a2:bc:f3:a1:59:76:b4:5a:3d:65:4a:
b0:76:ac:6f:c6:ae:6b:3b:1a:e8:14:09:03:08:dd:48:84:5e:
f8:86:47:70:61:53:5b:4d:0c:de:af:41:2a:9a:3f:fb:99:48:
19:7e:ca:b8:4d:ec:06:29:dd:5d:17:d5:42:a4:7b:0d:26:1d:
b5:74:b2:15:ae:1a:16:a5:8b:01:c3:54:d1:58:46:8c:53:e7:
e3:ca:92:9b:77:40:48:1a:58:37:77:4f:8e:d0:9f:97:1f:a8:
37:7e:36:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVur9WfB+BSEpHdUqdsjZ6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTNiMzZjNzk3MjFlNmY3ZTY1ZTQ1ODI1MTk0MTQwNTk3ZjZhYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjryHyetfmA2UJfy/LwoDjDyP523K
RMlX5oqhf5Ydx1c/X2sJTdqxmH6N2pxg2UXELtQvMFNeant0g5O9jN41zoSkhin+
1Con/4NlVFHk3IicaegpW157XcP/EWR/EgswR79JIGsGhldeT9ZxIfaEErHCGraS
cj/lXxNorx0bv7VCCTWzvMVDaXEAYQVLABBotLxwzNtb77g9TAorZrlmIIKJw30f
mMrvzpvYnHAbJCml6mt4yQFazFXfH6CrsAX26a919ENNvTold6OcimOVchbsTyMK
slcrvZdxw5iBiVmfBE3IgVFm/tzESmqFlzJlCZWUwqEX+d00UJxsDAJwVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD47NseXIeb35l5FglGUFAWX9qrkMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUGpzMng1Y2g1dmZtWGtXQ1VaUVVCWmYycXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBSAwQA
WNglAwQAWNjEMA0GCSqGSIb3DQEBCwUAA4IBAQCTyAAB10DQ9F7uMHeqGZHUpNoz
o11hUB/lsEyv/MmZNv1Jd0Epmn9w+Hs2jqB8BsA0OHZFHfw0OTdqm1KQ3PeQh+ZS
apIv6Tz1/PmPnutim3U9B5Yb1QlHpEiQ2uouoH2BAVF0sjZZhASbn1jL27+Uww9/
q6vmnGJ1YMRRbkasv3QfDBg+LdZ9xYxekml8pBVwoRAPwQyeorzzoVl2tFo9ZUqw
dqxvxq5rOxroFAkDCN1IhF74hkdwYVNbTQzer0Eqmj/7mUgZfsq4TewGKd1dF9VC
pHsNJh21dLIVrhoWpYsBw1TRWEaMU+fjypKbd0BIGlg3d0+O0J+XH6g3fjZv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org