Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QO13dcjbYF3jM4EFZEEOqldHzeQ.roa
File: QO13dcjbYF3jM4EFZEEOqldHzeQ.roa (raw, json)
Hash identifier: 0zQgSZkrOUfCaEn/1PkR2g6jWqlR2MREhHlWKFWJvzE=
Subject key identifier: 40:ED:77:75:C8:DB:60:5D:E3:33:81:05:64:41:0E:AA:57:47:CD:E4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B71D6FB35313C3554F534BF3DDFD6F5CE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QO13dcjbYF3jM4EFZEEOqldHzeQ.roa
Signing time: Fri 27 Oct 2023 15:53:16 +0000
ROA not before: Fri 27 Oct 2023 15:53:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 84.32.62.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
84.32.85.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.4.0/24 maxlen: 24
84.32.11.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.27.0/24 maxlen: 24
84.32.28.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.43.0/24 maxlen: 24
88.216.97.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:d6:fb:35:31:3c:35:54:f5:34:bf:3d:df:d6:f5:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 27 15:53:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40ed7775c8db605de333810564410eaa5747cde4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f0:fa:68:51:52:41:08:94:13:33:01:99:10:
d6:53:66:3f:4a:fa:f6:fa:6e:e6:9b:5a:1e:62:65:
8d:7d:b4:e5:58:fd:01:da:4c:df:23:51:9f:eb:26:
6f:9c:c8:71:cc:1c:78:7e:6b:00:c5:03:8c:c5:e5:
e7:fc:bd:a5:55:86:cf:4e:49:4e:e2:f0:cd:b4:c1:
a8:97:cc:62:37:1e:c0:d2:d8:64:d2:ae:cb:62:68:
03:4a:2c:78:ae:2a:3b:6c:6f:3d:b3:6f:cd:32:f0:
70:fa:29:9f:10:83:62:8c:ae:f8:18:82:3d:03:4c:
c1:ee:ec:3d:b9:34:9f:de:8b:ee:57:67:28:14:d8:
6b:b2:fe:03:4a:f0:b9:3b:5e:39:3b:90:4d:e2:a3:
f5:1e:f4:4d:23:c7:50:8a:46:4f:31:cb:b8:0a:b9:
e4:9a:10:a5:e0:d8:22:4b:eb:75:5d:7b:cd:71:95:
68:09:74:92:bb:27:4d:f6:1d:51:60:2f:27:8c:18:
19:b3:38:72:ab:73:e4:c1:06:22:90:5c:e2:70:04:
65:a2:01:c6:be:a0:7b:9b:0a:15:98:29:e7:fa:8f:
cf:2a:1b:74:38:52:74:c4:d2:cf:c9:49:f5:ba:b3:
7d:2b:80:4f:e6:72:09:61:ce:61:fe:ae:6f:51:76:
8c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:ED:77:75:C8:DB:60:5D:E3:33:81:05:64:41:0E:AA:57:47:CD:E4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QO13dcjbYF3jM4EFZEEOqldHzeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/24
84.32.11.0/24
84.32.14.0/24
84.32.27.0-84.32.31.255
84.32.42.0/23
84.32.62.0/24
84.32.65.0/24
84.32.68.0/24
84.32.76.0/23
84.32.79.0/24
84.32.83.0/24
84.32.85.0/24
84.32.88.0-84.32.90.255
84.32.92.0-84.32.94.255
88.216.97.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:cd:cf:b3:6c:a5:e5:65:66:63:39:1a:1f:0f:4e:fe:dc:f5:
bb:f5:66:e3:ab:f9:7c:e0:84:94:c5:e5:39:b8:2b:2d:1f:ef:
1c:e4:83:bb:f6:4c:0b:11:9c:19:a7:86:dc:ca:58:90:ce:53:
e2:31:71:1f:71:66:54:a4:03:46:54:35:df:a2:87:0b:a9:62:
91:bc:e3:9b:8c:cd:e3:07:ee:7c:8a:58:c9:eb:eb:fd:95:1d:
92:9d:6d:83:97:87:8f:95:3c:77:6f:c0:d9:bf:83:e8:72:46:
65:e0:4a:91:07:b7:91:cf:5f:5a:f7:65:b1:76:73:9c:9f:f9:
e4:8c:e9:04:92:78:0c:43:24:ff:e7:32:86:b8:93:64:7c:3c:
f6:e3:8a:ec:ba:7b:1c:ca:8b:14:21:da:b0:fc:3c:90:57:fc:
62:cc:62:51:33:d0:0e:5f:7c:74:34:7e:23:3a:a3:3f:da:97:
56:7d:76:ec:9e:f2:98:f6:c6:0e:0b:71:f0:95:f0:c3:11:dc:
2d:4e:bc:72:04:7f:91:e1:1b:2f:c3:4e:49:f1:04:12:dc:1f:
95:53:cc:ca:20:b7:3d:44:4d:d3:59:9d:1a:db:b7:ce:49:2a:
27:74:44:c7:fa:d1:98:4b:60:f7:ea:63:ce:74:dc:51:dc:49:
72:b4:d6:f6
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYtx1vs1MTw1VPU0vz3f1vXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDI3MTU1MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGVkNzc3NWM4ZGI2MDVkZTMzMzgxMDU2NDQxMGVhYTU3NDdjZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/D6aFFSQQiUEzMBmRDWU2Y/Svr2
+m7mm1oeYmWNfbTlWP0B2kzfI1Gf6yZvnMhxzBx4fmsAxQOMxeXn/L2lVYbPTklO
4vDNtMGol8xiNx7A0thk0q7LYmgDSix4rio7bG89s2/NMvBw+imfEINijK74GII9
A0zB7uw9uTSf3ovuV2coFNhrsv4DSvC5O145O5BN4qP1HvRNI8dQikZPMcu4Crnk
mhCl4NgiS+t1XXvNcZVoCXSSuydN9h1RYC8njBgZszhyq3PkwQYikFzicARlogHG
vqB7mwoVmCnn+o/PKht0OFJ0xNLPyUn1urN9K4BP5nIJYc5h/q5vUXaMOQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFEDtd3XI22Bd4zOBBWRBDqpXR83kMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUU8xM2RjamJZRjNqTTRFRlpFRU9xbGRIemVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFQgBAME
AFQgCwMEAFQgDjAMAwQAVCAbAwQFVCAAAwQBVCAqAwQAVCA+AwQAVCBBAwQAVCBE
AwQBVCBMAwQAVCBPAwQAVCBTAwQAVCBVMAwDBANUIFgDBABUIFowDAMEAlQgXAME
AFQgXgMEAFjYYTANBgkqhkiG9w0BAQsFAAOCAQEAns3Ps2yl5WVmYzkaHw9O/tz1
u/Vm46v5fOCElMXlObgrLR/vHOSDu/ZMCxGcGaeG3MpYkM5T4jFxH3FmVKQDRlQ1
36KHC6likbzjm4zN4wfufIpYyevr/ZUdkp1tg5eHj5U8d2/A2b+D6HJGZeBKkQe3
kc9fWvdlsXZznJ/55IzpBJJ4DEMk/+cyhriTZHw89uOK7Lp7HMqLFCHasPw8kFf8
YsxiUTPQDl98dDR+IzqjP9qXVn127J7ymPbGDgtx8JXwwxHcLU68cgR/keEbL8NO
SfEEEtwflVPMyiC3PURN01mdGtu3zkkqJ3REx/rRmEtg9+pjznTcUdxJcrTW9g==
-----END CERTIFICATE-----
Generated at Sat Oct 28 16:39:55 2023 by rpki-client on console-ams.rpki-client.org