Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VdI141Y3_MfUBpVLQtcnpfuMQtg.roa
File: VdI141Y3_MfUBpVLQtcnpfuMQtg.roa (raw, json)
Hash identifier: Tfj7dr44L9OI08c0e0yIzCCY5j/JW7brT2GoNrwINuQ=
Subject key identifier: 55:D2:35:E3:56:37:FC:C7:D4:06:95:4B:42:D7:27:A5:FB:8C:42:D8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01931A7DA30DDC7F2374B42E648E80A06959
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VdI141Y3_MfUBpVLQtcnpfuMQtg.roa
Signing time: Mon 11 Nov 2024 09:11:01 +0000
ROA not before: Mon 11 Nov 2024 09:11:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 01:55:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:7d:a3:0d:dc:7f:23:74:b4:2e:64:8e:80:a0:69:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 11 09:11:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55d235e35637fcc7d406954b42d727a5fb8c42d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6e:92:b8:da:e4:56:ed:55:f6:00:13:4f:8b:
a1:45:a2:f4:78:b2:16:2f:d4:ad:ca:7f:c4:0b:1b:
9d:a6:75:eb:be:ad:a7:96:f0:5a:4e:5d:67:bf:c1:
65:5f:cb:9f:2a:32:9e:18:ca:37:6a:cf:81:0b:b3:
ce:9e:1f:c9:0b:c7:60:0e:2a:ac:35:95:ba:16:7d:
52:ae:7d:8c:b0:d8:ed:2b:27:c1:ae:9f:8a:5a:57:
45:20:da:bf:cc:fd:a2:fa:05:9c:17:c3:eb:4f:58:
c4:af:1d:4e:27:3e:e6:36:0b:8f:a2:83:e9:61:5d:
07:65:8f:2f:bd:86:c4:6a:07:04:54:0e:44:7c:1b:
cf:25:a1:26:6a:0b:8d:d3:f8:92:25:d2:99:49:1c:
bf:81:45:56:cd:95:ac:62:3b:85:f5:82:a7:ce:9d:
2e:00:50:cc:a4:87:3f:b4:96:2a:4d:f2:63:45:50:
ed:80:bc:90:7e:7c:cb:bd:4a:c7:50:8f:92:f5:ef:
13:da:d1:73:5f:cf:ab:75:68:3d:03:ee:fc:60:8a:
79:33:19:6f:0c:f9:7f:93:48:ea:66:70:7a:21:39:
6d:e3:90:bd:a7:a1:0f:74:83:91:1c:8a:6f:f0:f9:
28:72:0b:04:06:03:4a:ac:27:c6:5f:fe:a4:44:4e:
12:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D2:35:E3:56:37:FC:C7:D4:06:95:4B:42:D7:27:A5:FB:8C:42:D8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VdI141Y3_MfUBpVLQtcnpfuMQtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.70.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:a2:61:a0:b5:3a:68:cd:91:5e:4b:f6:b8:c7:e2:f2:78:f6:
15:8f:63:58:20:0d:b5:b6:bb:86:31:fa:58:ca:61:3d:93:07:
24:6b:69:b6:41:03:10:ca:99:f6:fa:41:6e:0c:bc:af:5a:a7:
ba:bd:5c:59:dc:e9:a3:96:e4:05:4d:7e:11:7c:3c:3d:f9:72:
6d:3a:49:c7:2b:a1:b0:6f:fc:ec:b3:05:ad:55:4c:f0:22:e8:
af:50:83:75:d3:7c:df:72:35:3e:70:2c:b0:43:8f:81:cd:f3:
ae:b1:98:df:57:60:cf:1f:c8:e4:ba:90:25:68:96:6a:95:34:
8e:35:0f:92:3d:df:9a:b1:fe:bd:7a:7c:8b:95:88:74:94:ba:
ea:af:48:af:be:c8:ca:98:f3:9d:71:6c:2b:f0:14:30:b8:cc:
6a:2b:fd:a2:b1:e7:72:58:57:25:b5:e8:c1:2b:2c:b5:4b:be:
cc:74:a6:e5:97:4b:31:8c:b0:0e:7e:e7:c0:c1:05:eb:47:11:
3d:de:c1:49:f3:d9:08:af:41:d2:5e:89:3e:84:52:9b:83:86:
aa:df:5b:90:9e:dd:04:ad:9f:27:86:90:a5:36:9f:f6:97:6a:
b9:2f:2f:da:27:28:72:f7:af:b1:d1:a5:ad:ef:8b:05:ae:1f:
ea:c8:db:4b
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZMafaMN3H8jdLQuZI6AoGlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMTExMDkxMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQyMzVlMzU2MzdmY2M3ZDQwNjk1NGI0MmQ3MjdhNWZiOGM0MmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm6SuNrkVu1V9gATT4uhRaL0eLIW
L9Styn/ECxudpnXrvq2nlvBaTl1nv8FlX8ufKjKeGMo3as+BC7POnh/JC8dgDiqs
NZW6Fn1Srn2MsNjtKyfBrp+KWldFINq/zP2i+gWcF8PrT1jErx1OJz7mNguPooPp
YV0HZY8vvYbEagcEVA5EfBvPJaEmaguN0/iSJdKZSRy/gUVWzZWsYjuF9YKnzp0u
AFDMpIc/tJYqTfJjRVDtgLyQfnzLvUrHUI+S9e8T2tFzX8+rdWg9A+78YIp5Mxlv
DPl/k0jqZnB6ITlt45C9p6EPdIORHIpv8PkocgsEBgNKrCfGX/6kRE4SKwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFFXSNeNWN/zH1AaVS0LXJ6X7jELYMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVmRJMTQxWTNfTWZVQnBWTFF0Y25wZnVNUXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQAVCAH
AwQAVCAIMAwDBAJUIBQDBAJUIBgDBAFUIC4DBABUIEYDBABUIF8DBAJUIJQDBAFU
IK4DBAFUINYDBAJUIPQDBAFY2BYDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYDBABY
2MUwDQYJKoZIhvcNAQELBQADggEBAJuiYaC1OmjNkV5L9rjH4vJ49hWPY1ggDbW2
u4Yx+ljKYT2TByRrabZBAxDKmfb6QW4MvK9ap7q9XFnc6aOW5AVNfhF8PD35cm06
SccrobBv/OyzBa1VTPAi6K9Qg3XTfN9yNT5wLLBDj4HN866xmN9XYM8fyOS6kCVo
lmqVNI41D5I935qx/r16fIuViHSUuuqvSK++yMqY851xbCvwFDC4zGor/aKx53JY
VyW16MErLLVLvsx0puWXSzGMsA5+58DBBetHET3ewUnz2QivQdJeiT6EUpuDhqrf
W5Ce3QStnyeGkKU2n/aXarkvL9onKHL3r7HRpa3viwWuH+rI20s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:02:53 2024 by rpki-client on console-ams.rpki-client.org