Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WbY5YTpt77Z1NOkF_3zOHv5I8H4.roa
File: WbY5YTpt77Z1NOkF_3zOHv5I8H4.roa (raw, json)
Hash identifier: +wgaYeLo/33x1/ajuWTIlI04Gbb0oWPr90IVQb644qk=
Subject key identifier: 59:B6:39:61:3A:6D:EF:B6:75:34:E9:05:FF:7C:CE:1E:FE:48:F0:7E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018649BA3F801E90B2A9606BC3D859F109C0
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WbY5YTpt77Z1NOkF_3zOHv5I8H4.roa
Signing time: Mon 13 Feb 2023 07:43:08 +0000
ROA not before: Mon 13 Feb 2023 07:43:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.215.0/24 maxlen: 24
84.32.214.0/24 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 15:37:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:ba:3f:80:1e:90:b2:a9:60:6b:c3:d8:59:f1:09:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 13 07:43:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59b639613a6defb67534e905ff7cce1efe48f07e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:90:31:d5:31:66:b2:23:3b:4b:98:f6:b6:70:
38:17:2c:d2:ce:42:2b:4e:0f:fb:19:7c:a6:16:97:
c1:b7:c6:10:66:03:65:68:7f:22:67:7c:f5:28:67:
74:6f:22:a0:5a:ce:de:08:3f:10:c0:3f:0f:e2:ac:
ba:69:62:1e:3e:58:04:69:51:e1:ab:92:78:bb:dd:
cf:6b:3b:02:5e:9e:dc:c3:a5:ca:0c:d3:9e:40:af:
31:96:4c:a5:06:d7:5d:2c:38:fa:be:7e:89:79:4f:
b1:49:7d:38:0e:0f:85:b5:66:05:e8:f9:64:c1:82:
01:2e:e0:05:e4:28:e3:bc:77:84:a2:a0:49:56:4f:
b8:2e:52:95:7d:8c:af:3a:5d:87:72:ff:4e:1e:12:
e4:cd:ce:21:67:8e:99:31:29:53:8b:6d:ad:27:4d:
96:0c:f4:52:d1:4b:07:90:c6:74:e3:4f:a4:af:41:
f8:e7:bb:51:db:70:4f:10:74:21:a2:85:fd:a1:01:
31:1e:9b:01:51:05:db:20:72:a2:4f:71:3f:d0:8d:
af:92:07:eb:d6:ed:a0:65:77:e3:0e:7e:ca:75:ce:
57:e7:c1:09:72:04:4c:95:a6:5f:45:15:21:3f:47:
96:38:1b:56:31:74:c8:c8:65:fb:10:23:a1:03:51:
44:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B6:39:61:3A:6D:EF:B6:75:34:E9:05:FF:7C:CE:1E:FE:48:F0:7E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WbY5YTpt77Z1NOkF_3zOHv5I8H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.214.0/23
84.32.248.0/24
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
31:d1:dc:26:b3:4f:b5:53:6c:02:36:ab:c3:0e:06:58:5c:44:
f1:82:34:97:59:98:ba:e8:9e:28:45:f0:14:e1:04:c2:a6:54:
5e:e4:f4:40:32:71:2f:6e:36:27:c4:96:72:fb:04:bd:51:6e:
21:dd:f5:5d:08:f9:3e:e4:97:18:5a:af:aa:86:cd:f3:d6:ed:
db:56:f2:fa:29:6f:20:a8:4d:b2:37:06:68:b3:5e:91:f5:f5:
c7:3a:d0:55:d0:9b:4b:62:3b:98:e1:1f:35:97:d6:58:4c:51:
8a:96:10:86:5c:b5:73:bd:18:e6:a4:27:90:db:dd:de:84:18:
10:dd:7d:a7:50:cc:43:d2:71:b9:24:77:97:b5:1c:6b:8e:c4:
b9:95:d1:a4:b4:33:dd:b1:e4:8f:5f:80:0a:df:bd:ad:b2:b6:
6a:c6:68:bc:f3:da:69:d2:d3:a0:e4:46:c0:14:88:c7:56:13:
42:b3:d2:c0:f3:57:8d:64:ae:ef:e0:a2:91:f2:25:69:3a:3e:
0e:6f:a0:05:14:f9:81:d9:8b:4b:42:59:ac:7a:d9:2f:fa:a9:
ae:59:d7:91:36:47:c7:9b:06:5f:de:f1:5f:33:1b:dd:ab:72:
b6:02:fb:30:27:8d:3a:a3:75:c6:7e:2b:c4:fc:98:54:b9:38:
52:bd:3b:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZJuj+AHpCyqWBrw9hZ8QnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEzMDc0MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWI2Mzk2MTNhNmRlZmI2NzUzNGU5MDVmZjdjY2UxZWZlNDhmMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipAx1TFmsiM7S5j2tnA4FyzSzkIr
Tg/7GXymFpfBt8YQZgNlaH8iZ3z1KGd0byKgWs7eCD8QwD8P4qy6aWIePlgEaVHh
q5J4u93PazsCXp7cw6XKDNOeQK8xlkylBtddLDj6vn6JeU+xSX04Dg+FtWYF6Plk
wYIBLuAF5CjjvHeEoqBJVk+4LlKVfYyvOl2Hcv9OHhLkzc4hZ46ZMSlTi22tJ02W
DPRS0UsHkMZ040+kr0H457tR23BPEHQhooX9oQExHpsBUQXbIHKiT3E/0I2vkgfr
1u2gZXfjDn7Kdc5X58EJcgRMlaZfRRUhP0eWOBtWMXTIyGX7ECOhA1FEJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFm2OWE6be+2dTTpBf98zh7+SPB+MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvV2JZNVlUcHQ3N1oxTk9rRl8zek9IdjVJOEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVCDWAwQA
VCD4AwQCWNjsMA0GCSqGSIb3DQEBCwUAA4IBAQAx0dwms0+1U2wCNqvDDgZYXETx
gjSXWZi66J4oRfAU4QTCplRe5PRAMnEvbjYnxJZy+wS9UW4h3fVdCPk+5JcYWq+q
hs3z1u3bVvL6KW8gqE2yNwZos16R9fXHOtBV0JtLYjuY4R81l9ZYTFGKlhCGXLVz
vRjmpCeQ293ehBgQ3X2nUMxD0nG5JHeXtRxrjsS5ldGktDPdseSPX4AK372tsrZq
xmi889pp0tOg5EbAFIjHVhNCs9LA81eNZK7v4KKR8iVpOj4Ob6AFFPmB2YtLQlms
etkv+qmuWdeRNkfHmwZf3vFfMxvdq3K2AvswJ406o3XGfivE/JhUuThSvTvG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org