Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Sh36Ao5kkiygARiDdvYDtSBag5A.roa
File: Sh36Ao5kkiygARiDdvYDtSBag5A.roa (raw, json)
Hash identifier: HkhGNtAZnsSqICjmJlXh1RqAwLE7Vor3r6Gksm3Z5pE=
Subject key identifier: 4A:1D:FA:02:8E:64:92:2C:A0:01:18:83:76:F6:03:B5:20:5A:83:90
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018ADA7FAD059319C4A28C3062F781561F27
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Sh36Ao5kkiygARiDdvYDtSBag5A.roa
Signing time: Thu 28 Sep 2023 06:35:15 +0000
ROA not before: Thu 28 Sep 2023 06:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 84.32.56.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Nov 2023 18:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:7f:ad:05:93:19:c4:a2:8c:30:62:f7:81:56:1f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 28 06:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a1dfa028e64922ca001188376f603b5205a8390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cc:b2:af:d2:69:0e:d7:85:64:3f:9f:83:a5:
e4:ac:b2:33:d1:59:d8:de:45:b1:07:7f:1b:7e:7e:
2c:bb:7d:d8:65:eb:5f:df:a3:09:66:89:90:a0:3b:
c2:7d:dd:41:58:33:97:6e:84:73:5d:52:42:1e:68:
a6:1b:fb:c3:b8:ed:e0:67:5d:08:a0:b8:77:ec:0f:
c6:8d:18:b6:25:96:03:d4:59:a6:ab:cd:2c:65:16:
3c:41:9e:f5:e7:e0:2f:9d:d1:28:9d:c1:de:92:89:
31:46:c7:5a:c2:90:52:ea:5e:0c:c9:88:63:b6:68:
17:e7:97:a0:c0:41:c2:70:15:91:a8:33:fc:20:6e:
f7:80:56:25:42:64:97:65:44:c1:a9:16:7c:06:66:
98:8f:a9:71:6c:97:64:b6:cd:e9:6e:77:cc:f0:30:
6a:67:9f:3c:53:98:52:7e:f1:fd:55:57:5d:31:2c:
76:43:af:34:fa:d0:33:f7:d1:46:b7:63:fe:3f:8b:
6c:7f:7f:9b:5b:b7:d2:d3:d2:87:a6:a2:72:2c:c5:
11:7a:5a:b2:a1:04:f1:10:ed:07:22:95:2f:05:74:
72:16:8b:00:c3:2c:41:9b:3a:6e:e8:f4:8d:4a:92:
1d:30:e5:c1:68:33:ba:14:8f:c6:b0:3e:05:fe:6d:
a5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1D:FA:02:8E:64:92:2C:A0:01:18:83:76:F6:03:B5:20:5A:83:90
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Sh36Ao5kkiygARiDdvYDtSBag5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
88.216.20.0/23
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
50:89:1a:fe:3f:62:b7:24:89:2c:08:f7:24:40:74:ca:96:2c:
2e:be:47:6e:b2:04:60:0e:65:73:7f:9c:96:06:d2:3c:72:13:
5b:2a:ea:be:e5:29:21:c1:90:d1:62:2e:b5:12:96:ca:c3:1c:
d7:2d:f2:ed:2a:3f:fc:b2:04:4a:e0:ff:0d:d3:0f:0d:f8:0f:
58:eb:da:58:f8:31:4d:b5:c7:1b:33:53:44:50:cd:20:74:92:
49:d8:a6:53:df:79:22:80:fd:2e:ad:a8:1a:df:98:d9:73:e9:
84:ca:8d:79:a1:5a:14:3e:f6:87:41:22:83:5a:cd:ee:80:fb:
f0:e7:b0:13:16:1c:98:3e:33:ae:be:06:34:50:0a:b7:29:08:
bf:35:d0:c2:62:b9:04:3a:06:b2:29:21:f5:55:cd:21:5e:09:
91:c1:e5:54:b8:26:f6:68:9e:93:2e:a5:fb:3c:ff:6e:a6:78:
ee:10:48:c3:33:9e:61:68:ce:11:aa:37:66:e7:64:4f:27:ce:
bc:83:b1:22:33:b5:50:66:5e:c5:0f:13:59:fa:40:f2:73:58:
2d:0e:0f:71:a6:d1:9e:cb:00:bf:ab:15:0c:a6:60:a4:96:4b:
4c:e5:53:93:a1:65:46:e6:b1:e1:50:76:e0:49:95:91:ac:1e:
89:94:0b:72
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYraf60FkxnEoowwYveBVh8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwOTI4MDYzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFkZmEwMjhlNjQ5MjJjYTAwMTE4ODM3NmY2MDNiNTIwNWE4MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcyyr9JpDteFZD+fg6XkrLIz0VnY
3kWxB38bfn4su33YZetf36MJZomQoDvCfd1BWDOXboRzXVJCHmimG/vDuO3gZ10I
oLh37A/GjRi2JZYD1Fmmq80sZRY8QZ715+AvndEoncHekokxRsdawpBS6l4MyYhj
tmgX55egwEHCcBWRqDP8IG73gFYlQmSXZUTBqRZ8BmaYj6lxbJdkts3pbnfM8DBq
Z588U5hSfvH9VVddMSx2Q680+tAz99FGt2P+P4tsf3+bW7fS09KHpqJyLMURelqy
oQTxEO0HIpUvBXRyFosAwyxBmzpu6PSNSpIdMOXBaDO6FI/GsD4F/m2lVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEod+gKOZJIsoAEYg3b2A7UgWoOQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvU2gzNkFvNWtraXlnQVJpRGR2WUR0U0JhZzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCA4AwQB
WNgUAwQAWNhnAwQAWNi5AwQBWNjUAwQAWNjXMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
iRr+P2K3JIksCPckQHTKliwuvkdusgRgDmVzf5yWBtI8chNbKuq+5SkhwZDRYi61
EpbKwxzXLfLtKj/8sgRK4P8N0w8N+A9Y69pY+DFNtccbM1NEUM0gdJJJ2KZT33ki
gP0uraga35jZc+mEyo15oVoUPvaHQSKDWs3ugPvw57ATFhyYPjOuvgY0UAq3KQi/
NdDCYrkEOgayKSH1Vc0hXgmRweVUuCb2aJ6TLqX7PP9upnjuEEjDM55haM4Rqjdm
52RPJ868g7EiM7VQZl7FDxNZ+kDyc1gtDg9xptGeywC/qxUMpmCklktM5VOToWVG
5rHhUHbgSZWRrB6JlAty
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org