Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RyiwdXqpIHOB33FJr104fcp9Y7M.roa
File: RyiwdXqpIHOB33FJr104fcp9Y7M.roa (raw, json)
Hash identifier: MDDNLfwQY86retMK3HrfrhN7UUFxMqclqmuJKAQMnl4=
Subject key identifier: 47:28:B0:75:7A:A9:20:73:81:DF:71:49:AF:5D:38:7D:CA:7D:63:B3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC50143C61D7D46459CE8A8628AEE19C3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RyiwdXqpIHOB33FJr104fcp9Y7M.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54252
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.61.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
88.216.92.0/23 maxlen: 24
84.32.20.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 06:58:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:43:c6:1d:7d:46:45:9c:e8:a8:62:8a:ee:19:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4728b0757aa9207381df7149af5d387dca7d63b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:08:f8:64:87:78:c5:1f:af:bc:73:55:81:cc:
6b:a4:2d:8e:16:94:7f:c6:cb:97:06:bb:d5:a4:01:
9c:c1:c3:f8:9d:87:b1:21:e7:05:4b:19:31:0e:12:
86:98:e4:9f:a0:4e:dc:0b:51:ea:f6:d6:ee:64:ec:
a7:8b:dd:99:a8:84:c6:33:62:ed:6e:dd:78:b7:43:
33:a5:e3:af:5b:67:87:59:a4:30:b8:c0:47:1f:f5:
bb:7e:94:91:32:00:7b:e8:27:4f:90:36:c5:0c:90:
56:40:61:12:09:5e:7b:bd:5c:d3:f5:05:77:0c:2b:
de:0b:a3:7f:17:b1:d2:eb:c3:fd:85:19:56:52:02:
f6:99:ab:b4:7f:ea:bc:c7:a2:ff:68:00:04:ea:56:
f0:6f:b0:a8:90:3a:9f:72:d6:17:4d:28:6e:5a:61:
b5:86:d6:58:b5:42:8c:72:24:90:51:64:8b:dc:9a:
80:f7:ef:3a:fc:b0:4a:1c:30:df:34:a8:5f:60:b6:
df:2b:30:a3:75:74:86:59:ae:6e:3a:44:4d:53:85:
b4:2b:af:f5:47:eb:ea:2a:a6:47:c6:49:ba:9a:8f:
69:48:53:9d:c0:7f:c5:07:6f:15:a1:b3:5c:8c:6d:
7c:dd:ca:7a:a5:b2:e0:35:04:1e:a1:6a:5e:56:1d:
49:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:28:B0:75:7A:A9:20:73:81:DF:71:49:AF:5D:38:7D:CA:7D:63:B3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RyiwdXqpIHOB33FJr104fcp9Y7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/24
84.32.58.0/24
84.32.60.0/23
84.32.64.0/24
88.216.36.0/24
88.216.92.0/23
Signature Algorithm: sha256WithRSAEncryption
92:e4:fa:df:9e:70:e3:ec:c3:84:5f:cd:49:8b:07:18:9e:d1:
ca:41:17:45:3e:2a:01:b7:16:9d:cf:22:55:5f:cd:e9:2b:06:
e6:a3:b9:c1:7e:fe:56:d5:4d:34:2f:96:73:79:cf:98:68:3a:
de:16:c9:a3:12:34:12:1d:68:ba:97:b6:13:bd:1a:0b:b5:d5:
a1:a5:82:70:52:19:6a:d4:37:36:d4:4d:a1:4e:b5:18:13:2f:
30:68:0c:87:0d:a8:2e:e2:67:16:f3:26:02:bc:00:de:16:5d:
cb:53:d3:a1:21:5b:d4:bf:42:1d:0c:84:52:f7:e9:5c:ab:36:
16:ca:a1:fc:5e:68:63:db:3e:10:49:ca:e5:11:61:45:f8:c8:
16:bc:9e:84:c9:f6:82:9b:36:af:46:81:50:1a:a1:18:43:ee:
04:cb:fa:cd:33:b9:35:21:87:94:6b:aa:47:69:d4:f1:07:31:
71:ca:5c:ed:6f:40:b1:62:5f:3a:33:53:ec:69:fd:0b:3f:b3:
21:bb:17:8c:2f:a1:e0:41:af:4d:25:3d:2c:59:8a:fb:b8:96:
bd:d4:95:a7:4b:b5:d1:94:8f:fd:bf:44:2f:dd:6f:f2:e9:c8:
f1:b7:0e:ea:1d:23:9e:21:e1:6d:82:c8:19:23:93:a2:f1:8e:
35:73:d8:0d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFAUPGHX1GRZzoqGKK7hnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI4YjA3NTdhYTkyMDczODFkZjcxNDlhZjVkMzg3ZGNhN2Q2M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAj4ZId4xR+vvHNVgcxrpC2OFpR/
xsuXBrvVpAGcwcP4nYexIecFSxkxDhKGmOSfoE7cC1Hq9tbuZOyni92ZqITGM2Lt
bt14t0MzpeOvW2eHWaQwuMBHH/W7fpSRMgB76CdPkDbFDJBWQGESCV57vVzT9QV3
DCveC6N/F7HS68P9hRlWUgL2mau0f+q8x6L/aAAE6lbwb7CokDqfctYXTShuWmG1
htZYtUKMciSQUWSL3JqA9+86/LBKHDDfNKhfYLbfKzCjdXSGWa5uOkRNU4W0K6/1
R+vqKqZHxkm6mo9pSFOdwH/FB28VobNcjG183cp6pbLgNQQeoWpeVh1JNQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEcosHV6qSBzgd9xSa9dOH3KfWOzMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUnlpd2RYcXBJSE9CMzNGSnIxMDRmY3A5WTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAUAwQA
VCA6AwQBVCA8AwQAVCBAAwQAWNgkAwQBWNhcMA0GCSqGSIb3DQEBCwUAA4IBAQCS
5PrfnnDj7MOEX81JiwcYntHKQRdFPioBtxadzyJVX83pKwbmo7nBfv5W1U00L5Zz
ec+YaDreFsmjEjQSHWi6l7YTvRoLtdWhpYJwUhlq1Dc21E2hTrUYEy8waAyHDagu
4mcW8yYCvADeFl3LU9OhIVvUv0IdDIRS9+lcqzYWyqH8Xmhj2z4QScrlEWFF+MgW
vJ6EyfaCmzavRoFQGqEYQ+4Ey/rNM7k1IYeUa6pHadTxBzFxylztb0CxYl86M1Ps
af0LP7MhuxeML6HgQa9NJT0sWYr7uJa91JWnS7XRlI/9v0Qv3W/y6cjxtw7qHSOe
IeFtgsgZI5Oi8Y41c9gN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org