Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Sn1NyTm6bNua7ZfUwcIuJ1Q7i6w.roa
File: Sn1NyTm6bNua7ZfUwcIuJ1Q7i6w.roa (raw, json)
Hash identifier: rTYf15nivK+PTn2YLlq1H/wT2a1roxYK7eTmbvbGNbE=
Subject key identifier: 4A:7D:4D:C9:39:BA:6C:DB:9A:ED:97:D4:C1:C2:2E:27:54:3B:8B:AC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018AF6CA8C91B308AA0069BC923952FC0930
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Sn1NyTm6bNua7ZfUwcIuJ1Q7i6w.roa
Signing time: Tue 03 Oct 2023 18:26:23 +0000
ROA not before: Tue 03 Oct 2023 18:26:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 88.216.60.0/22 maxlen: 24
84.32.208.0/23 maxlen: 24
84.32.108.0/22 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.48.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:ca:8c:91:b3:08:aa:00:69:bc:92:39:52:fc:09:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 3 18:26:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a7d4dc939ba6cdb9aed97d4c1c22e27543b8bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fa:7b:38:d8:3b:d2:73:95:9b:73:2b:97:06:
74:78:70:81:c2:71:b6:7c:b1:82:cb:3c:aa:09:46:
39:bd:cf:80:7c:10:6c:ce:95:c4:8b:c0:d1:58:73:
38:5b:2d:90:0c:f3:4e:4a:2c:92:8a:08:b2:02:0f:
bf:6d:cd:20:d8:ca:8c:ff:23:3d:0b:03:a8:c6:cb:
27:15:5a:3a:8c:87:08:f0:8f:dc:57:22:bb:d2:bd:
6c:3e:1a:30:d7:51:81:42:f8:2a:97:0e:2f:be:d2:
71:e2:6b:66:12:e1:bb:1a:2c:73:27:ea:62:42:4c:
a4:bb:4f:12:a0:f3:b2:98:62:eb:78:d2:9b:91:9b:
ff:fa:7f:ee:18:e8:fb:6c:73:f9:ef:46:62:88:37:
b7:1d:52:61:04:ce:aa:6b:ff:83:ba:54:f6:b8:e9:
89:1f:a6:4f:65:53:10:ab:dc:4d:f1:5e:ea:45:63:
89:e5:60:07:fa:4f:74:8e:8a:0c:00:87:f2:87:f9:
e2:67:b4:c3:f0:d5:97:c7:4c:a7:10:c5:d6:44:ef:
c0:07:b0:02:89:d6:cb:fc:f8:84:1d:ed:ab:f9:1a:
73:38:09:72:19:74:cc:31:74:70:7b:5f:77:7f:b5:
13:a6:82:a6:d6:8f:40:be:f6:72:04:4d:df:d0:1e:
30:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7D:4D:C9:39:BA:6C:DB:9A:ED:97:D4:C1:C2:2E:27:54:3B:8B:AC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Sn1NyTm6bNua7ZfUwcIuJ1Q7i6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.25.0/24
84.32.48.0/22
84.32.108.0/22
84.32.208.0/23
88.216.60.0/22
Signature Algorithm: sha256WithRSAEncryption
40:14:c0:ab:69:ab:47:b7:c8:b4:8b:1c:ee:32:ad:21:99:7b:
39:b4:1b:d2:57:34:d7:01:d4:11:69:83:b9:c4:1c:96:36:4b:
0f:37:70:6b:e4:a7:8a:59:f6:23:aa:49:45:40:5a:9a:0b:0b:
99:4d:86:b3:d5:df:9f:09:32:5a:1f:d7:be:a2:4e:75:2f:6a:
c5:1f:05:b1:1b:40:fc:80:f7:7a:c8:76:4c:00:bb:9e:eb:c3:
d2:56:42:98:b0:fa:88:89:20:fe:0d:60:9f:3b:3b:7b:51:a8:
cf:28:6a:b2:58:87:06:c8:a1:09:4d:c0:36:b9:07:6f:00:e9:
b6:3c:e9:a3:60:b5:97:a4:bb:7a:08:0f:54:43:7d:5c:8e:9a:
a2:4f:b6:a0:0c:0d:ae:4f:cc:2a:ec:6f:f7:01:ec:ce:b6:94:
d6:75:82:f9:e5:62:dd:43:47:07:e3:cd:dd:19:39:b1:cf:01:
9b:14:fb:89:64:3b:8f:07:5d:6b:34:7a:ad:32:00:ba:d8:df:
fd:69:58:3f:21:bc:d5:91:e8:f2:26:72:5d:53:e8:24:bf:1d:
b0:2c:0e:3d:01:17:3c:5e:1f:ce:56:0e:3b:04:a9:2c:8b:62:
d1:5b:fe:c8:aa:85:70:91:3d:fc:d2:c3:2b:ea:cc:de:25:f8:
e4:ba:c1:c5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYr2yoyRswiqAGm8kjlS/AkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDAzMTgyNjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdkNGRjOTM5YmE2Y2RiOWFlZDk3ZDRjMWMyMmUyNzU0M2I4YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fp7ONg70nOVm3MrlwZ0eHCBwnG2
fLGCyzyqCUY5vc+AfBBszpXEi8DRWHM4Wy2QDPNOSiySigiyAg+/bc0g2MqM/yM9
CwOoxssnFVo6jIcI8I/cVyK70r1sPhow11GBQvgqlw4vvtJx4mtmEuG7GixzJ+pi
Qkyku08SoPOymGLreNKbkZv/+n/uGOj7bHP570ZiiDe3HVJhBM6qa/+DulT2uOmJ
H6ZPZVMQq9xN8V7qRWOJ5WAH+k90jooMAIfyh/niZ7TD8NWXx0ynEMXWRO/AB7AC
idbL/PiEHe2r+RpzOAlyGXTMMXRwe193f7UTpoKm1o9AvvZyBE3f0B4w3wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEp9Tck5umzbmu2X1MHCLidUO4usMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvU24xTnlUbTZiTnVhN1pmVXdjSXVKMVE3aTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAZAwQC
VCAwAwQCVCBsAwQBVCDQAwQCWNg8MA0GCSqGSIb3DQEBCwUAA4IBAQBAFMCraatH
t8i0ixzuMq0hmXs5tBvSVzTXAdQRaYO5xByWNksPN3Br5KeKWfYjqklFQFqaCwuZ
TYaz1d+fCTJaH9e+ok51L2rFHwWxG0D8gPd6yHZMALue68PSVkKYsPqIiSD+DWCf
Ozt7UajPKGqyWIcGyKEJTcA2uQdvAOm2POmjYLWXpLt6CA9UQ31cjpqiT7agDA2u
T8wq7G/3AezOtpTWdYL55WLdQ0cH483dGTmxzwGbFPuJZDuPB11rNHqtMgC62N/9
aVg/IbzVkejyJnJdU+gkvx2wLA49ARc8Xh/OVg47BKksi2LRW/7IqoVwkT380sMr
6szeJfjkusHF
-----END CERTIFICATE-----
Generated at Fri Nov 17 15:27:18 2023 by rpki-client on console-fra.rpki-client.org