Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S9yHmxexGOaQf3JNyMePZzQTeAA.roa
File: S9yHmxexGOaQf3JNyMePZzQTeAA.roa (raw, json)
Hash identifier: zGBqlgk7fVkPtYpzmbVkKuEqVj67Y3BvO7pecI6tMd8=
Subject key identifier: 4B:DC:87:9B:17:B1:18:E6:90:7F:72:4D:C8:C7:8F:67:34:13:78:00
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01862FDA6EE5B2F58BF0C8D1F34744AA5CEC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S9yHmxexGOaQf3JNyMePZzQTeAA.roa
Signing time: Wed 08 Feb 2023 07:08:09 +0000
ROA not before: Wed 08 Feb 2023 07:08:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
84.32.172.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 11:27:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2f:da:6e:e5:b2:f5:8b:f0:c8:d1:f3:47:44:aa:5c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 8 07:08:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bdc879b17b118e6907f724dc8c78f6734137800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:92:ef:2f:5d:a6:75:c4:db:80:1c:27:0e:e6:
75:04:70:46:f0:5e:6d:b6:7e:f4:34:21:c5:7c:df:
1f:73:64:51:7b:22:8d:b7:cf:d4:44:3e:6b:67:d4:
87:42:0b:a2:29:c5:ef:0e:ad:77:50:c4:81:34:6b:
98:cb:fe:4b:34:4f:34:c7:ef:cc:a5:08:b9:9d:a3:
77:1f:99:87:3b:53:6d:82:27:0a:4d:51:11:2c:74:
16:67:7d:31:35:8e:ad:bb:6d:64:9e:0c:32:dd:c8:
4d:0d:09:a7:aa:f4:06:15:b7:a8:5b:d8:61:95:91:
67:8b:16:1d:bd:62:b0:fb:a5:21:5d:b8:e2:06:27:
29:d6:bd:fb:97:f0:4f:87:f6:b1:44:77:93:7e:67:
6c:9e:ca:e6:7f:6f:0c:df:9b:09:ef:9f:27:a7:a7:
fe:63:fb:04:89:18:e3:a2:79:29:db:71:a8:5c:b3:
bf:3d:4f:c7:dd:78:75:3c:91:b3:e5:86:d6:ea:dc:
ac:02:05:8e:be:b2:12:3d:3c:bb:36:d2:d7:c7:49:
a3:c1:4c:e8:3e:a0:57:27:3a:e1:8c:e9:aa:c8:fd:
b3:99:a9:86:a1:c5:87:8f:00:67:57:f3:70:98:86:
2f:f4:3f:db:99:9f:36:82:e1:53:65:75:a7:a1:84:
75:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DC:87:9B:17:B1:18:E6:90:7F:72:4D:C8:C7:8F:67:34:13:78:00
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S9yHmxexGOaQf3JNyMePZzQTeAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.64.0/24
84.32.148.0/23
84.32.152.0-84.32.154.255
84.32.156.0/22
84.32.172.0/24
84.32.175.0/24
88.216.20.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.108.0/24
88.216.111.0/24
88.216.132.0/24
88.216.185.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
19:be:44:4b:2c:05:d1:32:97:40:25:fa:6c:0b:30:2f:87:d1:
d1:2e:62:1f:47:83:04:92:3a:6d:b4:35:68:4b:0d:9d:25:3b:
80:77:72:74:2e:e5:0f:23:25:7c:67:e4:bf:e1:d9:a7:d2:b4:
e3:37:32:25:83:3a:61:85:d8:57:9d:93:c5:9c:cb:33:bb:ee:
d8:fe:86:4d:06:15:03:9f:6c:d2:ec:bc:2c:1f:94:47:d8:e5:
f6:13:b4:16:91:87:e5:af:66:66:1e:9e:8b:94:8d:f7:9d:dd:
57:19:c1:4b:66:0b:f4:51:46:ac:74:aa:48:de:d5:b5:0e:56:
34:f0:41:95:1b:b0:4e:2f:6b:50:7c:59:8c:e5:76:8c:6c:9c:
b7:d6:2f:70:fe:5c:0a:74:93:0b:74:98:3e:a8:2a:a4:2b:59:
10:df:42:61:66:61:25:e5:57:62:69:e1:6b:26:e0:eb:8c:b0:
f2:72:a5:2b:73:ce:87:53:76:d8:0c:65:91:0d:b9:27:23:44:
65:d7:45:d3:fa:b6:0e:c0:3b:67:bc:31:d5:84:95:57:45:6a:
fc:99:41:76:0e:18:c6:57:86:35:e1:ae:69:10:39:d8:27:29:
38:a1:af:15:b3:b7:53:d1:11:10:c0:6c:65:7d:b4:a0:6a:99:
aa:dd:5c:84
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYYv2m7lsvWL8MjR80dEqlzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjA4MDcwODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRjODc5YjE3YjExOGU2OTA3ZjcyNGRjOGM3OGY2NzM0MTM3ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJLvL12mdcTbgBwnDuZ1BHBG8F5t
tn70NCHFfN8fc2RReyKNt8/URD5rZ9SHQguiKcXvDq13UMSBNGuYy/5LNE80x+/M
pQi5naN3H5mHO1NtgicKTVERLHQWZ30xNY6tu21kngwy3chNDQmnqvQGFbeoW9hh
lZFnixYdvWKw+6UhXbjiBicp1r37l/BPh/axRHeTfmdsnsrmf28M35sJ758np6f+
Y/sEiRjjonkp23GoXLO/PU/H3Xh1PJGz5YbW6tysAgWOvrISPTy7NtLXx0mjwUzo
PqBXJzrhjOmqyP2zmamGocWHjwBnV/NwmIYv9D/bmZ82guFTZXWnoYR1kQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFEvch5sXsRjmkH9yTcjHj2c0E3gAMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUzl5SG14ZXhHT2FRZjNKTnlNZVBaelFUZUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAVCBAAwQB
VCCUMAwDBANUIJgDBABUIJoDBAJUIJwDBABUIKwDBABUIK8DBABY2BQDBAFY2Cww
DAMEA1jYOAMEAVjYQAMEAFjYbAMEAFjYbwMEAFjYhAMEAFjYuQMEAFjY1zANBgkq
hkiG9w0BAQsFAAOCAQEAGb5ESywF0TKXQCX6bAswL4fR0S5iH0eDBJI6bbQ1aEsN
nSU7gHdydC7lDyMlfGfkv+HZp9K04zcyJYM6YYXYV52TxZzLM7vu2P6GTQYVA59s
0uy8LB+UR9jl9hO0FpGH5a9mZh6ei5SN953dVxnBS2YL9FFGrHSqSN7VtQ5WNPBB
lRuwTi9rUHxZjOV2jGyct9YvcP5cCnSTC3SYPqgqpCtZEN9CYWZhJeVXYmnhaybg
64yw8nKlK3POh1N22AxlkQ25JyNEZddF0/q2DsA7Z7wx1YSVV0Vq/JlBdg4YxleG
NeGuaRA52CcpOKGvFbO3U9EREMBsZX20oGqZqt1chA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org