Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XK5pnnG3OAExvbE0fUParf9PH4Y.roa
File: XK5pnnG3OAExvbE0fUParf9PH4Y.roa (raw, json)
Hash identifier: +Gt/os4lIeZYKdn5r/81Kh4WZZT+KFKDx7XyUDua0NY=
Subject key identifier: 5C:AE:69:9E:71:B7:38:01:31:BD:B1:34:7D:43:DA:AD:FF:4F:1F:86
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019508CFAC8C67508ED777FD1A20A5FD5FA4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XK5pnnG3OAExvbE0fUParf9PH4Y.roa
Signing time: Sat 15 Feb 2025 08:53:02 +0000
ROA not before: Sat 15 Feb 2025 08:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 18:24:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:08:cf:ac:8c:67:50:8e:d7:77:fd:1a:20:a5:fd:5f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 15 08:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cae699e71b7380131bdb1347d43daadff4f1f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8c:b2:87:c5:54:d0:75:7a:eb:a0:ac:f1:c1:
da:25:9f:d8:2e:c0:c6:6d:d1:ad:bd:61:c3:05:74:
8f:1b:80:ba:42:6c:fd:2a:e3:39:ec:93:2d:d9:71:
70:0a:89:fc:16:07:d8:fd:1e:9a:57:15:ae:de:8b:
df:92:34:cb:36:73:98:4d:0f:4f:a3:74:53:1f:76:
2a:7c:5c:8b:a5:8a:75:dd:93:6e:60:55:34:88:18:
7c:63:f7:e2:25:3c:fd:db:ec:e9:3d:74:f1:40:e4:
a5:87:a8:03:44:2e:82:4a:2d:2a:cd:dc:e4:62:c6:
d5:dd:f8:c8:2b:b8:5a:03:eb:b7:55:c7:9d:2c:70:
2a:0d:6d:e0:3e:26:c3:bf:46:7c:c9:c0:40:cd:f1:
ad:ba:84:44:04:fa:68:b4:b7:de:6b:a0:f5:5a:cc:
8e:83:06:87:b0:08:21:77:01:83:ee:df:4b:50:bf:
39:1a:8e:01:ba:62:fb:47:ff:04:eb:4b:6d:ea:7f:
ba:15:bb:10:11:a1:1d:50:fb:20:cd:36:96:98:b0:
d1:da:19:f8:5e:5f:b1:c1:8e:8b:d2:62:00:30:a3:
ea:2f:92:63:6d:ab:1f:c8:de:3a:e9:1b:b4:4e:0d:
03:1d:5d:db:44:d5:03:08:91:e5:39:c9:10:47:0a:
78:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AE:69:9E:71:B7:38:01:31:BD:B1:34:7D:43:DA:AD:FF:4F:1F:86
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XK5pnnG3OAExvbE0fUParf9PH4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.187.0/24
88.216.220.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
71:d2:58:82:59:60:8f:f9:4e:a1:31:52:0c:dc:54:6e:48:55:
99:c4:8a:73:5b:65:be:cb:5c:f5:f9:f9:67:76:9d:75:3e:2c:
62:e3:b0:ea:89:ff:6c:05:e0:28:c1:f5:87:b2:0a:9c:24:2b:
16:df:82:2d:b9:8f:cc:d1:ea:1e:07:d9:74:0e:f8:50:32:c0:
df:2a:72:a6:df:d1:b8:09:b5:85:68:e1:5e:7b:fa:97:ae:99:
7a:32:0f:13:83:98:71:be:70:e3:1c:54:f9:be:ac:de:d4:19:
5f:b9:d4:a5:45:48:61:43:8b:02:5f:db:72:cb:c2:ea:d6:f2:
52:6d:09:a6:4b:26:3b:55:c1:4c:b7:a4:eb:fa:0f:b5:1d:c5:
0a:e6:51:bd:4b:eb:44:ea:8b:b3:a0:94:9b:94:58:64:86:8f:
86:d8:de:d8:f5:90:03:3d:73:fa:c3:44:46:fd:9c:02:2a:45:
0d:b4:49:32:b7:95:70:6b:4f:5b:db:57:cc:71:70:d9:df:7d:
98:d4:7e:d4:b7:82:8a:c4:85:33:74:3d:f1:bb:59:77:e1:24:
ea:8c:58:94:61:9f:f1:0f:bb:22:e7:2a:a2:07:19:b6:07:91:
69:bb:33:4b:e4:07:f5:fb:cd:be:fe:89:0d:73:38:e0:e6:79:
97:09:5f:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZUIz6yMZ1CO13f9GiCl/V+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMjE1MDg1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FlNjk5ZTcxYjczODAxMzFiZGIxMzQ3ZDQzZGFhZGZmNGYxZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYyyh8VU0HV666Cs8cHaJZ/YLsDG
bdGtvWHDBXSPG4C6Qmz9KuM57JMt2XFwCon8FgfY/R6aVxWu3ovfkjTLNnOYTQ9P
o3RTH3YqfFyLpYp13ZNuYFU0iBh8Y/fiJTz92+zpPXTxQOSlh6gDRC6CSi0qzdzk
YsbV3fjIK7haA+u3VcedLHAqDW3gPibDv0Z8ycBAzfGtuoREBPpotLfea6D1WsyO
gwaHsAghdwGD7t9LUL85Go4BumL7R/8E60tt6n+6FbsQEaEdUPsgzTaWmLDR2hn4
Xl+xwY6L0mIAMKPqL5JjbasfyN466Ru0Tg0DHV3bRNUDCJHlOckQRwp4ywIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFFyuaZ5xtzgBMb2xNH1D2q3/Tx+GMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWEs1cG5uRzNPQUV4dmJFMGZVUGFyZjlQSDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaDAMAwQAVCAH
AwQAVCAIAwQCVCAUAwQBVCAuAwQCVCCUAwQBVCCuAwQBVCDWAwQCVCD0AwQBWNgW
AwQBWNgsAwQBWNhCAwQAWNhdAwQBWNiCAwQBWNiGAwQAWNi7AwQAWNjcAwQAWNjf
MA0GCSqGSIb3DQEBCwUAA4IBAQBx0liCWWCP+U6hMVIM3FRuSFWZxIpzW2W+y1z1
+flndp11Pixi47Dqif9sBeAowfWHsgqcJCsW34ItuY/M0eoeB9l0DvhQMsDfKnKm
39G4CbWFaOFee/qXrpl6Mg8Tg5hxvnDjHFT5vqze1BlfudSlRUhhQ4sCX9tyy8Lq
1vJSbQmmSyY7VcFMt6Tr+g+1HcUK5lG9S+tE6ouzoJSblFhkho+G2N7Y9ZADPXP6
w0RG/ZwCKkUNtEkyt5Vwa09b21fMcXDZ332Y1H7Ut4KKxIUzdD3xu1l34STqjFiU
YZ/xD7si5yqiBxm2B5FpuzNL5Af1+82+/okNczjg5nmXCV84
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:06:07 2025 by rpki-client