Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QNDQ-kmOt929KNMcDwEiIjFGjK4.roa
File: QNDQ-kmOt929KNMcDwEiIjFGjK4.roa (raw, json)
Hash identifier: RtV09C04FIKyBTcu3LEDCeC/QTG2SsRakhNG9Jv6Z2k=
Subject key identifier: 40:D0:D0:FA:49:8E:B7:DD:BD:28:D3:1C:0F:01:22:22:31:46:8C:AE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01909B3B9FCCAACEADED1BB9EA7CAA8AC76C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QNDQ-kmOt929KNMcDwEiIjFGjK4.roa
Signing time: Wed 10 Jul 2024 06:01:34 +0000
ROA not before: Wed 10 Jul 2024 06:01:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 07:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:3b:9f:cc:aa:ce:ad:ed:1b:b9:ea:7c:aa:8a:c7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 10 06:01:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40d0d0fa498eb7ddbd28d31c0f01222231468cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:83:b8:da:ab:ed:d6:4f:28:f0:28:bd:0e:82:
51:b7:53:9f:b4:92:67:ab:48:38:10:20:ec:76:37:
b9:dc:11:ad:04:4c:3e:a3:83:0f:82:7b:48:41:4c:
a8:01:2c:7d:3b:5b:4c:c8:eb:71:05:39:4a:94:d0:
9b:e3:c9:90:d2:a7:7e:2b:77:3c:46:8d:4b:1e:4f:
65:3c:e3:d6:fa:d3:8a:62:f5:07:cb:83:04:2d:67:
be:fd:1f:41:ee:7e:98:97:27:a0:50:64:37:ea:11:
e3:1b:26:3d:af:08:4f:98:09:cb:59:eb:93:ae:03:
e5:21:a2:8b:e8:77:b6:53:21:53:aa:e9:83:71:74:
62:f9:4f:00:1a:ae:23:ac:a8:94:89:dd:b7:8b:7d:
9e:d8:c4:d9:82:20:0c:9d:d1:6d:15:59:39:11:51:
65:fb:d6:18:2d:bc:a9:c9:22:b0:10:9a:4e:50:18:
32:d5:28:b8:dc:b3:4e:bc:97:00:2d:d9:08:c3:46:
b5:e0:48:e7:79:3d:e2:21:ac:84:c0:0b:5c:49:76:
1e:cc:24:49:73:f1:50:13:74:09:a6:1c:8d:fc:68:
23:c2:d3:90:72:ca:ad:d0:4b:8e:59:02:52:2a:ca:
6d:f8:59:e5:6e:3d:c0:a4:59:a4:b1:bf:1f:75:32:
0a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D0:D0:FA:49:8E:B7:DD:BD:28:D3:1C:0F:01:22:22:31:46:8C:AE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QNDQ-kmOt929KNMcDwEiIjFGjK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.32.0/24
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
10:37:dd:e9:dc:fb:ed:08:af:ae:e4:55:47:8d:b5:f3:95:77:
46:12:51:10:73:3f:36:d9:1f:41:f7:f0:ed:ae:3c:60:f8:b7:
26:df:e1:20:5c:1d:95:3d:50:60:fe:49:31:50:9f:51:3f:3c:
61:56:ca:46:1b:7c:ff:f2:fe:07:f8:10:4f:ac:19:74:23:62:
36:62:f2:86:9a:4b:2a:49:59:36:dc:64:04:16:de:18:63:a1:
72:6e:33:59:ae:1b:e6:4d:03:83:42:1f:2d:3f:bd:23:e9:7f:
30:e9:0e:78:d2:61:14:ab:2d:da:fc:ae:ed:5c:25:d3:c8:c4:
1d:15:ca:27:09:9e:c9:c3:c8:4f:fb:9f:21:4e:7c:62:25:46:
aa:75:3a:28:10:38:f9:ea:f0:cb:cd:62:56:74:1c:d0:2e:18:
69:39:2c:00:39:66:d0:96:0d:b1:ce:a2:83:77:cd:96:80:ba:
e8:1f:6d:95:75:47:3a:93:27:dc:35:b6:6f:1c:30:f4:37:c9:
5e:d7:79:96:65:2c:3f:77:7f:0e:86:46:9b:cb:3a:1d:d0:88:
3f:95:f6:32:21:18:7d:cf:de:69:d9:59:1e:5b:f1:d8:85:70:
b1:20:14:71:7b:fa:b7:b3:fa:30:0e:7b:65:30:62:2e:e3:31:
ab:1d:9d:33
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZCbO5/Mqs6t7Ru56nyqisdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNzEwMDYwMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQwZDBmYTQ5OGViN2RkYmQyOGQzMWMwZjAxMjIyMjMxNDY4Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoO42qvt1k8o8Ci9DoJRt1OftJJn
q0g4ECDsdje53BGtBEw+o4MPgntIQUyoASx9O1tMyOtxBTlKlNCb48mQ0qd+K3c8
Ro1LHk9lPOPW+tOKYvUHy4MELWe+/R9B7n6YlyegUGQ36hHjGyY9rwhPmAnLWeuT
rgPlIaKL6He2UyFTqumDcXRi+U8AGq4jrKiUid23i32e2MTZgiAMndFtFVk5EVFl
+9YYLbypySKwEJpOUBgy1Si43LNOvJcALdkIw0a14EjneT3iIayEwAtcSXYezCRJ
c/FQE3QJphyN/GgjwtOQcsqt0EuOWQJSKspt+Fnlbj3ApFmksb8fdTIKRQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFEDQ0PpJjrfdvSjTHA8BIiIxRoyuMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUU5EUS1rbU90OTI5S05NY0R3RWlJakZHaks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQAVCAH
AwQAVCAIMAwDBAJUIBQDBAJUIBgDBABUICADBAFUIC4DBABUIF8DBAJUIJQDBAFU
IK4DBAFUINYDBAJUIPQDBAFY2BYDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYDBAJY
2NQwDQYJKoZIhvcNAQELBQADggEBABA33enc++0Ir67kVUeNtfOVd0YSURBzPzbZ
H0H38O2uPGD4tybf4SBcHZU9UGD+STFQn1E/PGFWykYbfP/y/gf4EE+sGXQjYjZi
8oaaSypJWTbcZAQW3hhjoXJuM1muG+ZNA4NCHy0/vSPpfzDpDnjSYRSrLdr8ru1c
JdPIxB0VyicJnsnDyE/7nyFOfGIlRqp1OigQOPnq8MvNYlZ0HNAuGGk5LAA5ZtCW
DbHOooN3zZaAuugfbZV1RzqTJ9w1tm8cMPQ3yV7XeZZlLD93fw6GRpvLOh3QiD+V
9jIhGH3P3mnZWR5b8diFcLEgFHF7+rez+jAOe2UwYi7jMasdnTM=
-----END CERTIFICATE-----
Generated at Thu Jul 11 08:35:48 2024 by rpki-client on console-ams.rpki-client.org