Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RqIKOLRwXpGp_y24fhSbfZrqofo.roa
File: RqIKOLRwXpGp_y24fhSbfZrqofo.roa (raw, json)
Hash identifier: TqPp7g9GwWrkiZsx9uk7uuDOBWeJcpgP520jZmigMpQ=
Subject key identifier: 46:A2:0A:38:B4:70:5E:91:A9:FF:2D:B8:7E:14:9B:7D:9A:EA:A1:FA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185C0008D056493A4DA755EC033F3DE08DB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RqIKOLRwXpGp_y24fhSbfZrqofo.roa
Signing time: Tue 17 Jan 2023 13:52:19 +0000
ROA not before: Tue 17 Jan 2023 13:52:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.179.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Jan 2023 16:07:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c0:00:8d:05:64:93:a4:da:75:5e:c0:33:f3:de:08:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 17 13:52:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46a20a38b4705e91a9ff2db87e149b7d9aeaa1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bc:b4:fd:e7:7b:cd:d9:92:52:e6:bf:af:17:
20:7a:66:48:1d:ca:29:2c:b1:7c:26:61:fc:c3:f2:
21:8d:2c:9f:4d:ff:b7:2f:49:b8:e6:b1:64:82:c8:
51:51:d7:0b:d7:63:d0:c1:ee:87:77:a5:51:d3:57:
d9:24:06:4e:49:b4:9e:71:3d:d3:10:86:51:31:d0:
5c:6e:01:72:b9:0a:c9:5d:c0:10:72:3c:c4:11:a7:
9d:f2:70:fc:34:31:9b:3b:97:93:99:19:05:d0:76:
96:a5:d2:c5:70:13:81:ba:86:33:0b:25:74:76:26:
23:93:ad:bd:05:82:76:2f:bd:f9:b1:26:11:93:3a:
4a:a7:c8:58:df:c3:bd:d9:68:f2:a3:f1:ad:ee:33:
31:e4:ca:68:7c:a6:57:e3:ef:86:ab:fd:c1:64:74:
75:84:53:4b:c5:59:b3:79:2b:63:8e:50:df:e9:b4:
ca:b7:6b:15:53:ba:7b:74:bb:b9:63:76:6b:b2:5b:
29:ac:70:68:71:64:fd:84:54:01:84:64:71:5e:98:
fd:7f:35:2d:7a:77:b5:b3:48:0c:2e:63:f4:a8:80:
d0:d3:a7:6f:8d:64:9a:2a:85:0f:7f:29:1b:4f:e0:
9b:59:03:30:e9:65:42:3c:4e:1e:f1:53:c9:b8:72:
ab:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A2:0A:38:B4:70:5E:91:A9:FF:2D:B8:7E:14:9B:7D:9A:EA:A1:FA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RqIKOLRwXpGp_y24fhSbfZrqofo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.79.0/24
84.32.179.0/24
84.32.212.0/24
84.32.220.0-84.32.222.255
88.216.128.0/23
88.216.224.0/22
Signature Algorithm: sha256WithRSAEncryption
52:a5:10:2e:70:67:77:1a:65:13:cf:9c:81:ee:93:1f:79:9a:
77:b5:4c:11:96:3a:5e:45:0e:8d:cd:10:2d:68:e8:ad:de:5a:
91:81:bb:54:24:8f:5a:2e:99:fe:3d:7c:96:47:82:d5:6c:db:
2c:99:b8:98:5c:a2:c3:9e:84:fa:52:eb:e9:22:35:68:36:a3:
d2:78:47:a8:48:ba:bf:70:0f:44:99:b3:6a:ed:83:3a:a5:0e:
35:2e:d3:80:ad:43:e1:13:51:db:d3:27:bb:22:ba:a0:c4:53:
74:2c:23:a7:9a:6a:c2:29:e8:6c:d1:1c:1a:c9:a7:ef:f2:bf:
bf:45:d9:5e:0b:41:82:1f:7d:f2:ee:bb:5a:5f:53:c5:75:22:
69:49:65:a7:3c:80:95:52:43:73:db:57:6c:dd:35:81:d8:cd:
69:ba:5c:de:54:eb:da:96:bf:27:21:42:80:2f:1f:2e:8d:6b:
b6:0f:2f:41:53:d1:23:5b:a7:ea:db:4b:95:09:55:4d:83:1d:
09:6d:21:ed:55:a0:36:fe:a8:53:14:b1:fa:99:42:4c:48:63:
f8:1e:a6:f2:35:0c:00:87:46:28:d6:6a:30:af:66:09:73:90:
cb:38:31:b1:fe:01:83:3e:46:f4:c0:0c:57:6e:70:c1:0e:05:
50:e6:25:11
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYXAAI0FZJOk2nVewDPz3gjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTE3MTM1MjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmEyMGEzOGI0NzA1ZTkxYTlmZjJkYjg3ZTE0OWI3ZDlhZWFhMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLy0/ed7zdmSUua/rxcgemZIHcop
LLF8JmH8w/IhjSyfTf+3L0m45rFkgshRUdcL12PQwe6Hd6VR01fZJAZOSbSecT3T
EIZRMdBcbgFyuQrJXcAQcjzEEaed8nD8NDGbO5eTmRkF0HaWpdLFcBOBuoYzCyV0
diYjk629BYJ2L735sSYRkzpKp8hY38O92Wjyo/Gt7jMx5MpofKZX4++Gq/3BZHR1
hFNLxVmzeStjjlDf6bTKt2sVU7p7dLu5Y3ZrslsprHBocWT9hFQBhGRxXpj9fzUt
ene1s0gMLmP0qIDQ06dvjWSaKoUPfykbT+CbWQMw6WVCPE4e8VPJuHKr7QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEaiCji0cF6Rqf8tuH4Um32a6qH6MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUnFJS09MUndYcEdwX3kyNGZoU2JmWnJxb2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCVCAYAwQA
VCAeAwQAVCBPAwQAVCCzAwQAVCDUMAwDBAJUINwDBABUIN4DBAFY2IADBAJY2OAw
DQYJKoZIhvcNAQELBQADggEBAFKlEC5wZ3caZRPPnIHukx95mne1TBGWOl5FDo3N
EC1o6K3eWpGBu1Qkj1oumf49fJZHgtVs2yyZuJhcosOehPpS6+kiNWg2o9J4R6hI
ur9wD0SZs2rtgzqlDjUu04CtQ+ETUdvTJ7siuqDEU3QsI6eaasIp6GzRHBrJp+/y
v79F2V4LQYIfffLuu1pfU8V1ImlJZac8gJVSQ3PbV2zdNYHYzWm6XN5U69qWvych
QoAvHy6Na7YPL0FT0SNbp+rbS5UJVU2DHQltIe1VoDb+qFMUsfqZQkxIY/gepvI1
DACHRijWajCvZglzkMs4MbH+AYM+RvTADFducMEOBVDmJRE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org