Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/X_0A2rMm-6i-LIT5HUenbQzvHhg.roa
File: X_0A2rMm-6i-LIT5HUenbQzvHhg.roa (raw, json)
Hash identifier: d2QSii+wNpBObZV1mjtLynNY/aQee0KxgX6goXfkNN4=
Subject key identifier: 5F:FD:00:DA:B3:26:FB:A8:BE:2C:84:F9:1D:47:A7:6D:0C:EF:1E:18
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018FA5F27B93275F74D4D3B39D8E9CABE52B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/X_0A2rMm-6i-LIT5HUenbQzvHhg.roa
Signing time: Thu 23 May 2024 14:54:42 +0000
ROA not before: Thu 23 May 2024 14:54:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Jun 2024 19:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:f2:7b:93:27:5f:74:d4:d3:b3:9d:8e:9c:ab:e5:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 23 14:54:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ffd00dab326fba8be2c84f91d47a76d0cef1e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e6:41:c1:14:01:b2:50:fb:55:ce:a9:a1:53:
b1:9d:44:21:5b:5e:3c:13:c0:f6:90:23:c4:7c:c9:
52:a8:1e:e6:d3:b7:f5:a6:42:d5:d2:44:e5:36:42:
0f:53:9c:41:3d:13:71:81:b6:9f:3d:19:f6:ed:7a:
6e:b7:61:91:34:12:30:bb:7e:75:a5:e5:f3:3c:d8:
10:d0:ce:7f:ac:8c:5a:07:a9:8a:00:24:17:25:b8:
93:f3:78:fe:6e:ab:69:22:07:92:92:83:cf:28:81:
e1:e4:98:7a:da:98:19:3d:b3:22:86:20:c5:b6:9a:
23:65:8b:3d:9c:72:95:33:98:de:11:00:ee:07:d7:
7b:0e:89:4d:72:52:8e:b7:a2:3c:43:64:0c:27:e5:
28:0f:19:31:63:8d:d0:39:23:93:3c:88:0b:3d:96:
72:eb:35:d5:74:37:87:af:8a:90:6c:d0:93:87:01:
c2:bd:f4:8b:a0:9b:29:7f:0d:84:30:53:bc:43:6d:
bf:df:4a:04:a2:57:bb:29:ab:3f:e4:66:75:65:a5:
f2:6e:63:d2:16:3a:66:0d:57:46:5b:cd:a5:56:6e:
74:71:4f:15:1f:de:43:b2:bb:b2:37:17:5b:82:94:
09:3f:6c:61:c8:14:45:52:a4:13:9c:e4:6a:52:5e:
0f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:FD:00:DA:B3:26:FB:A8:BE:2C:84:F9:1D:47:A7:6D:0C:EF:1E:18
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/X_0A2rMm-6i-LIT5HUenbQzvHhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.32.0/24
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.220.0/24
84.32.244.0/22
88.216.22.0/23
88.216.39.0/24
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
98:ed:57:36:43:73:1c:8a:0a:61:91:b0:be:f8:77:99:4a:28:
e5:cd:7b:05:9e:78:08:cc:78:b3:cf:e6:0a:a8:e9:cd:12:ce:
56:86:a7:e4:8a:85:f1:f9:25:a9:ac:a4:97:1e:02:f5:6b:bd:
ce:1e:c9:27:e7:d5:88:01:d7:02:d7:1d:62:5b:e7:bd:87:bf:
f3:1b:b5:5e:a1:37:24:99:07:5a:b1:16:35:26:ba:e7:4a:8d:
f3:de:6f:65:41:6d:f2:25:c6:18:e0:ce:5f:3c:ae:dd:27:c8:
7b:f6:3d:1e:e3:f8:8a:80:48:c4:41:93:b0:59:cc:d1:21:f9:
9d:71:fa:70:37:81:fc:3c:96:e1:e9:0f:c9:15:d8:23:9c:d5:
e7:d5:1a:bb:24:15:04:26:c1:fc:60:fe:e2:ad:b9:f4:9a:14:
ea:c5:16:9a:0e:bd:07:ae:9c:86:81:3e:8a:3c:cd:51:84:32:
2f:9e:ab:9f:3d:06:3b:b8:5b:08:af:db:1d:b4:c5:8e:f9:4f:
7d:3b:e2:a1:19:8d:34:c5:d8:95:a9:3b:a4:7d:8a:6f:7b:15:
f9:9e:29:2a:1a:ce:51:b9:84:09:6e:2b:99:b7:2e:16:55:15:
47:39:43:76:e9:7b:b2:73:e7:e2:18:3e:42:55:19:4f:d7:ce:
5d:df:d2:ad
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAY+l8nuTJ1901NOznY6cq+UrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNTIzMTQ1NDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmZkMDBkYWIzMjZmYmE4YmUyYzg0ZjkxZDQ3YTc2ZDBjZWYxZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eZBwRQBslD7Vc6poVOxnUQhW148
E8D2kCPEfMlSqB7m07f1pkLV0kTlNkIPU5xBPRNxgbafPRn27Xput2GRNBIwu351
peXzPNgQ0M5/rIxaB6mKACQXJbiT83j+bqtpIgeSkoPPKIHh5Jh62pgZPbMihiDF
tpojZYs9nHKVM5jeEQDuB9d7DolNclKOt6I8Q2QMJ+UoDxkxY43QOSOTPIgLPZZy
6zXVdDeHr4qQbNCThwHCvfSLoJspfw2EMFO8Q22/30oEole7Kas/5GZ1ZaXybmPS
FjpmDVdGW82lVm50cU8VH95DsruyNxdbgpQJP2xhyBRFUqQTnORqUl4PMwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFF/9ANqzJvuoviyE+R1Hp20M7x4YMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWF8wQTJyTW0tNmktTElUNUhVZW5iUXp2SGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYwDAMEAFQg
BwMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAgAwQBVCAuAwQAVCBfAwQCVCCUAwQB
VCCuAwQBVCDWAwQAVCDcAwQCVCD0AwQBWNgWAwQAWNgnAwQBWNgsAwQAWNhdAwQB
WNiCAwQBWNiGAwQCWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQCY7Vc2Q3McigphkbC+
+HeZSijlzXsFnngIzHizz+YKqOnNEs5WhqfkioXx+SWprKSXHgL1a73OHskn59WI
AdcC1x1iW+e9h7/zG7VeoTckmQdasRY1JrrnSo3z3m9lQW3yJcYY4M5fPK7dJ8h7
9j0e4/iKgEjEQZOwWczRIfmdcfpwN4H8PJbh6Q/JFdgjnNXn1Rq7JBUEJsH8YP7i
rbn0mhTqxRaaDr0HrpyGgT6KPM1RhDIvnqufPQY7uFsIr9sdtMWO+U99O+KhGY00
xdiVqTukfYpvexX5nikqGs5RuYQJbiuZty4WVRVHOUN26Xuyc+fiGD5CVRlP185d
39Kt
-----END CERTIFICATE-----
Generated at Sun Jun 9 20:36:25 2024 by rpki-client on console-fra.rpki-client.org