Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S6ZTRMlg2YXaVR_JJE8fPNX_1TY.roa
File: S6ZTRMlg2YXaVR_JJE8fPNX_1TY.roa (raw, json)
Hash identifier: qnI0K5mPLm5XcGY/RiDtjUjbrbfuNXob43C+7clYN54=
Subject key identifier: 4B:A6:53:44:C9:60:D9:85:DA:55:1F:C9:24:4F:1F:3C:D5:FF:D5:36
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018611025B2E03E67EB3B3CAEFAB64DC2752
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S6ZTRMlg2YXaVR_JJE8fPNX_1TY.roa
Signing time: Thu 02 Feb 2023 07:23:32 +0000
ROA not before: Thu 02 Feb 2023 07:23:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 84.32.65.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
88.216.105.0/24 maxlen: 24
84.32.211.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.221.0/24 maxlen: 24
84.32.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:11:02:5b:2e:03:e6:7e:b3:b3:ca:ef:ab:64:dc:27:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 2 07:23:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ba65344c960d985da551fc9244f1f3cd5ffd536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ed:44:2f:f3:ff:4a:f4:b3:9a:c2:64:9e:69:
82:6a:ba:c7:9a:ce:d1:91:53:2e:2b:53:53:98:43:
d6:f6:80:03:f7:d3:be:50:e7:56:1e:6e:61:b7:40:
1f:96:93:f1:a7:37:c7:c5:5c:f8:9d:fc:a7:30:3d:
56:68:7b:99:52:a3:ed:88:e5:76:3b:0d:b5:e9:0e:
4a:ee:79:07:a5:39:8d:77:69:6a:13:f1:30:a5:01:
5c:fd:d4:5b:5e:2f:2f:8e:3f:d8:df:87:30:34:96:
a4:a9:2d:60:91:3b:c5:34:dd:5e:73:19:7e:07:9d:
d8:44:f8:5a:b4:c3:67:f2:7a:a7:52:f7:e9:6d:b1:
39:b0:b2:68:be:f6:c7:c2:8c:b7:87:68:17:f4:46:
95:22:f5:b6:5b:55:60:c4:3b:7c:ac:d8:3d:12:9b:
b8:2a:56:9c:d2:0e:48:78:67:f8:cb:82:c8:a2:ab:
79:b2:9d:3a:c7:cf:a9:ce:83:04:4f:9c:49:c5:91:
b4:56:b0:f8:0b:13:39:46:df:c8:3f:75:71:3a:e0:
10:37:1a:29:02:a6:3a:a3:32:2a:22:0c:e8:84:93:
0d:dc:12:1f:db:2d:97:44:a7:fb:90:1a:9f:01:f8:
6b:6b:28:23:bb:88:9e:29:24:8f:0d:96:f1:a7:9a:
db:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A6:53:44:C9:60:D9:85:DA:55:1F:C9:24:4F:1F:3C:D5:FF:D5:36
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S6ZTRMlg2YXaVR_JJE8fPNX_1TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.29.0-84.32.30.255
84.32.45.0/24
84.32.65.0/24
84.32.76.0/23
84.32.79.0/24
84.32.89.0/24
84.32.92.0/24
84.32.94.0/24
84.32.155.0/24
84.32.210.0-84.32.212.255
84.32.241.0/24
84.32.243.0/24
88.216.105.0/24
88.216.190.0/23
88.216.198.0/24
88.216.211.0/24
88.216.221.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:0c:1a:2b:b7:e5:d5:e2:a6:2c:5b:07:8e:9b:7f:71:03:a3:
77:68:20:25:bc:56:45:b0:0b:b3:1a:6d:1e:a7:83:e4:8e:f1:
3f:32:77:49:b0:93:cf:7f:94:1f:08:7b:14:96:ff:b2:46:eb:
9e:89:6d:1f:ed:c0:5b:59:9b:2b:76:cb:88:c3:d3:41:34:48:
36:30:ae:c6:88:48:63:c0:1d:8d:83:4d:89:41:9a:f9:6a:25:
3a:3d:7e:52:7d:5a:80:2b:7e:2d:31:e1:d0:28:cf:17:4b:f3:
ec:ec:b8:4d:78:7f:12:75:20:f1:af:d9:83:a8:d0:d4:0e:86:
24:32:59:7b:62:95:9c:2b:80:23:a9:d0:f7:ac:b1:9c:f8:07:
9c:53:a1:e6:e1:1e:60:a2:78:e0:6a:69:b3:45:9d:6e:7f:ad:
67:47:16:75:0f:af:b9:b1:86:5c:ff:4f:c8:cb:37:f9:bd:25:
82:d2:41:0b:ae:3b:4c:03:bd:28:19:9a:25:15:a9:11:18:51:
f4:3c:7d:13:4d:bc:4f:70:b3:03:9f:19:a3:3c:37:5e:5e:a4:
bf:7f:c1:a1:be:59:b9:86:6b:11:84:58:67:20:f7:4e:25:74:
b1:69:6a:c8:eb:3f:c4:c1:82:53:83:a4:01:f0:15:89:9e:e9:
68:7a:2d:7f
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYYRAlsuA+Z+s7PK76tk3CdSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjAyMDcyMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE2NTM0NGM5NjBkOTg1ZGE1NTFmYzkyNDRmMWYzY2Q1ZmZkNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0u1EL/P/SvSzmsJknmmCarrHms7R
kVMuK1NTmEPW9oAD99O+UOdWHm5ht0AflpPxpzfHxVz4nfynMD1WaHuZUqPtiOV2
Ow216Q5K7nkHpTmNd2lqE/EwpQFc/dRbXi8vjj/Y34cwNJakqS1gkTvFNN1ecxl+
B53YRPhatMNn8nqnUvfpbbE5sLJovvbHwoy3h2gX9EaVIvW2W1VgxDt8rNg9Epu4
Klac0g5IeGf4y4LIoqt5sp06x8+pzoMET5xJxZG0VrD4CxM5Rt/IP3VxOuAQNxop
AqY6ozIqIgzohJMN3BIf2y2XRKf7kBqfAfhraygju4ieKSSPDZbxp5rbEwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFEumU0TJYNmF2lUfySRPHzzV/9U2MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUzZaVFJNbGcyWVhhVlJfSkpFOGZQTlhfMVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYwDAMEAFQg
HQMEAFQgHgMEAFQgLQMEAFQgQQMEAVQgTAMEAFQgTwMEAFQgWQMEAFQgXAMEAFQg
XgMEAFQgmzAMAwQBVCDSAwQAVCDUAwQAVCDxAwQAVCDzAwQAWNhpAwQBWNi+AwQA
WNjGAwQAWNjTAwQAWNjdMA0GCSqGSIb3DQEBCwUAA4IBAQBcDBort+XV4qYsWweO
m39xA6N3aCAlvFZFsAuzGm0ep4PkjvE/MndJsJPPf5QfCHsUlv+yRuueiW0f7cBb
WZsrdsuIw9NBNEg2MK7GiEhjwB2Ng02JQZr5aiU6PX5SfVqAK34tMeHQKM8XS/Ps
7LhNeH8SdSDxr9mDqNDUDoYkMll7YpWcK4AjqdD3rLGc+AecU6Hm4R5gonjgammz
RZ1uf61nRxZ1D6+5sYZc/0/Iyzf5vSWC0kELrjtMA70oGZolFakRGFH0PH0TTbxP
cLMDnxmjPDdeXqS/f8Ghvlm5hmsRhFhnIPdOJXSxaWrI6z/EwYJTg6QB8BWJnulo
ei1/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org