Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Rg3Dio01us7kGUdrEG33zLKo6bQ.roa
File: Rg3Dio01us7kGUdrEG33zLKo6bQ.roa (raw, json)
Hash identifier: DGCGBU5cb2y9oy0gQVsVpvmFkV8/KosLXVfS+emOqDY=
Subject key identifier: 46:0D:C3:8A:8D:35:BA:CE:E4:19:47:6B:10:6D:F7:CC:B2:A8:E9:B4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0192F27364D1723DCBD890707464B55BC2DE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Rg3Dio01us7kGUdrEG33zLKo6bQ.roa
Signing time: Sun 03 Nov 2024 14:35:01 +0000
ROA not before: Sun 03 Nov 2024 14:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 06:39:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f2:73:64:d1:72:3d:cb:d8:90:70:74:64:b5:5b:c2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 3 14:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=460dc38a8d35bacee419476b106df7ccb2a8e9b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ed:d2:08:83:56:23:0c:82:5f:1f:47:10:b3:
44:61:42:24:0c:15:ae:7a:ac:7b:bd:06:53:85:9a:
9c:4e:77:d8:62:cd:5b:a6:b6:0f:37:fe:b7:9d:7c:
fe:13:f7:6e:1d:24:cd:aa:45:93:5c:c2:1c:45:f8:
7d:a6:84:33:0a:4a:a2:1c:45:b0:ef:63:f7:d7:3c:
66:8b:4a:b2:4c:bd:9f:88:a6:c0:4e:e7:1d:02:03:
2b:f6:53:eb:1c:a5:0f:b8:ea:42:59:af:74:ba:86:
f1:02:77:16:bf:7a:b3:b7:5d:01:09:4b:d3:3e:d6:
6d:fd:b7:02:e5:f5:3a:f5:67:67:93:21:de:06:0c:
b9:5f:56:00:ce:44:db:ca:3d:b4:fe:a7:2f:08:c7:
83:f2:a7:02:af:5f:14:ba:ca:e1:ce:da:e1:f5:de:
8f:45:4f:7e:62:9e:ea:a3:48:8f:1b:fe:ae:e6:f5:
c2:f0:14:82:42:ed:0b:e3:d7:0c:36:99:ac:f4:ad:
74:cd:0d:d3:a1:e5:75:36:f4:91:ef:93:0a:f3:12:
c5:b9:52:85:e1:32:30:aa:22:15:96:70:ef:05:ed:
23:81:72:57:2c:6e:a0:5c:dc:db:fe:66:dc:e6:73:
e2:32:48:e2:a6:ce:3a:05:5c:68:94:e5:23:63:74:
f1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:0D:C3:8A:8D:35:BA:CE:E4:19:47:6B:10:6D:F7:CC:B2:A8:E9:B4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Rg3Dio01us7kGUdrEG33zLKo6bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.64.0/24
84.32.70.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.181.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:f9:d5:10:e3:82:4c:75:59:0b:bd:61:e5:60:c8:23:f8:78:
47:a9:c2:ed:0f:09:5c:bf:d9:c2:93:80:46:12:5f:d1:90:8e:
f6:f6:15:0f:7a:70:b4:2c:79:67:4a:73:a4:c5:64:75:cf:d5:
e4:b1:1f:c0:91:04:95:72:7c:fd:ff:3e:75:8c:5b:22:fb:7f:
9c:36:be:57:14:a2:3c:ed:78:d9:18:df:53:19:aa:25:a8:12:
d7:8d:8e:28:e6:fe:9f:89:46:63:6e:8e:ca:17:13:b6:cd:b6:
77:86:0d:d6:13:a1:e0:34:94:9b:64:50:35:fc:3e:35:4a:f5:
a6:8d:bf:ba:0c:fb:8f:0a:dd:8d:cb:9e:29:b9:0c:ab:6a:08:
0d:61:5f:81:3c:02:7c:f9:c5:8d:1b:8b:33:68:64:66:90:b2:
20:45:fd:dc:6c:0c:77:35:d8:65:bb:b6:eb:8f:41:58:a5:4d:
ca:5d:7f:cf:d4:ea:86:8b:ab:ee:8d:fc:cd:6e:76:56:aa:58:
23:66:cc:4f:bb:e6:01:41:25:19:98:da:9e:47:ae:88:d8:f3:
06:2d:a7:ac:58:bf:83:a8:9d:72:3a:db:9b:b5:b8:35:d0:e5:
31:81:65:3e:6e:73:85:c6:25:0f:33:7e:a2:c6:c9:7a:01:a6:
5e:7e:ae:d5
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZLyc2TRcj3L2JBwdGS1W8LeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMTAzMTQzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjBkYzM4YThkMzViYWNlZTQxOTQ3NmIxMDZkZjdjY2IyYThlOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru3SCINWIwyCXx9HELNEYUIkDBWu
eqx7vQZThZqcTnfYYs1bprYPN/63nXz+E/duHSTNqkWTXMIcRfh9poQzCkqiHEWw
72P31zxmi0qyTL2fiKbATucdAgMr9lPrHKUPuOpCWa90uobxAncWv3qzt10BCUvT
PtZt/bcC5fU69WdnkyHeBgy5X1YAzkTbyj20/qcvCMeD8qcCr18Uusrhztrh9d6P
RU9+Yp7qo0iPG/6u5vXC8BSCQu0L49cMNpms9K10zQ3ToeV1NvSR75MK8xLFuVKF
4TIwqiIVlnDvBe0jgXJXLG6gXNzb/mbc5nPiMkjips46BVxolOUjY3TxLwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFEYNw4qNNbrO5BlHaxBt98yyqOm0MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUmczRGlvMDF1czdrR1VkckVHMzN6TEtvNmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYwDAMEAFQg
BwMEAFQgCDAMAwQCVCAUAwQCVCAYAwQBVCAuAwQAVCBAAwQAVCBGAwQAVCBfAwQC
VCCUAwQBVCCuAwQBVCDWAwQCVCD0AwQBWNgWAwQBWNgsAwQAWNhdAwQBWNiCAwQB
WNiGAwQAWNi1AwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQCe+dUQ44JMdVkLvWHl
YMgj+HhHqcLtDwlcv9nCk4BGEl/RkI729hUPenC0LHlnSnOkxWR1z9XksR/AkQSV
cnz9/z51jFsi+3+cNr5XFKI87XjZGN9TGaolqBLXjY4o5v6fiUZjbo7KFxO2zbZ3
hg3WE6HgNJSbZFA1/D41SvWmjb+6DPuPCt2Ny54puQyraggNYV+BPAJ8+cWNG4sz
aGRmkLIgRf3cbAx3Ndhlu7brj0FYpU3KXX/P1OqGi6vujfzNbnZWqlgjZsxPu+YB
QSUZmNqeR66I2PMGLaesWL+DqJ1yOtubtbg10OUxgWU+bnOFxiUPM36ixsl6AaZe
fq7V
-----END CERTIFICATE-----
Generated at Wed Nov 6 08:26:56 2024 by rpki-client on console-ams.rpki-client.org