Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XhFljRvP6T2q5BRRO5ZZNGrV4eU.roa
File: XhFljRvP6T2q5BRRO5ZZNGrV4eU.roa (raw, json)
Hash identifier: PY3FDYExE2ntmeOtDX5yG4eC3BksuQhXTA8jo+o3EHo=
Subject key identifier: 5E:11:65:8D:1B:CF:E9:3D:AA:E4:14:51:3B:96:59:34:6A:D5:E1:E5
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01881DF3B11A20F0C6B4E84468E61B12390E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XhFljRvP6T2q5BRRO5ZZNGrV4eU.roa
Signing time: Mon 15 May 2023 05:48:09 +0000
ROA not before: Mon 15 May 2023 05:48:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 84.32.65.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
84.32.211.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
84.32.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1d:f3:b1:1a:20:f0:c6:b4:e8:44:68:e6:1b:12:39:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 15 05:48:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e11658d1bcfe93daae414513b9659346ad5e1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d5:53:80:a2:c0:1b:16:6f:9c:3a:e0:8a:fe:
f3:e0:ef:50:35:3d:f4:0c:5d:ff:9f:2f:3a:8b:a2:
06:58:cd:34:20:53:28:55:04:3c:5c:cb:c1:13:4e:
37:1a:e4:ac:44:01:e4:a9:8d:76:c3:d1:f3:48:a2:
5c:0b:b6:4c:df:e7:3d:fd:4c:47:68:99:82:7f:97:
2c:03:82:a3:80:68:e2:70:0a:a8:c6:fe:00:29:84:
41:0d:1a:77:00:e7:23:df:5b:bc:c4:4c:ee:dc:7e:
88:2f:81:38:bf:ee:b2:b6:0d:6c:7e:46:03:15:1d:
fd:f9:50:cd:a3:d4:6e:19:15:55:3e:d1:71:93:45:
ed:c2:90:cf:3b:93:8a:13:eb:ff:98:a9:bf:29:42:
a6:6e:61:2c:79:d3:5c:39:b3:0a:06:58:38:9f:ec:
1d:a0:cb:ad:42:ef:13:e9:fa:0a:c9:46:55:89:09:
49:4d:ff:75:b6:07:ba:cd:4e:55:01:e9:3d:ad:d2:
4f:44:1d:e3:58:94:61:2a:c7:ec:ff:fc:e6:62:08:
60:b9:46:17:99:79:6d:18:d8:60:a0:a1:97:9d:32:
ed:dd:0e:09:b0:af:97:1d:7a:a0:36:49:e8:1b:c3:
2d:60:3d:c4:04:fd:1f:8f:a3:35:22:fc:0e:a8:eb:
48:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:11:65:8D:1B:CF:E9:3D:AA:E4:14:51:3B:96:59:34:6A:D5:E1:E5
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XhFljRvP6T2q5BRRO5ZZNGrV4eU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.26.0/24
84.32.29.0-84.32.30.255
84.32.45.0/24
84.32.65.0/24
84.32.76.0/23
84.32.79.0/24
84.32.92.0/24
84.32.94.0/24
84.32.155.0/24
84.32.210.0-84.32.212.255
84.32.241.0/24
84.32.243.0/24
84.32.255.0/24
88.216.190.0/23
88.216.198.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c9:f0:7b:f0:06:e9:c4:ce:b0:3a:30:ba:a7:56:45:f5:b0:
0b:07:08:31:5c:cb:d3:e8:da:a6:f9:8f:94:ea:eb:ae:4b:0b:
6f:c1:62:a6:3e:86:13:5b:6c:e9:5a:eb:f3:2b:ab:67:27:89:
5e:b8:9d:3b:79:8f:05:c7:00:0e:81:36:cb:40:48:3c:63:f8:
d9:2d:e5:5e:c8:47:c7:76:8e:9e:bc:9d:d8:b0:50:87:96:6b:
4b:0f:b7:ed:65:fc:17:1b:6d:fd:e3:08:70:78:5a:94:cf:d9:
91:f0:d4:07:75:3f:70:6d:c1:ba:18:bb:14:e4:49:ff:58:32:
fd:59:41:d4:91:ae:30:ba:0b:90:8b:2a:de:15:c7:83:9f:27:
d9:b9:82:e2:ad:41:4b:a3:7b:6c:a7:e0:e3:13:4d:97:27:90:
bf:49:13:fe:ea:4f:40:86:ba:79:56:56:51:1a:c1:32:72:3c:
ce:fd:26:1d:8a:f5:56:e6:7a:cb:41:3f:16:92:4a:ac:70:91:
8b:66:b9:ea:12:f2:3e:ed:c5:77:54:53:73:f5:be:82:f5:33:
66:5f:4c:19:2f:7c:c5:f2:f8:26:ac:4f:f2:13:6a:73:45:c5:
6d:f8:7c:e5:93:b1:ff:f2:f7:54:38:08:0f:f8:68:63:8d:6c:
15:d7:11:39
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYgd87EaIPDGtOhEaOYbEjkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTE1MDU0ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTExNjU4ZDFiY2ZlOTNkYWFlNDE0NTEzYjk2NTkzNDZhZDVlMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9VTgKLAGxZvnDrgiv7z4O9QNT30
DF3/ny86i6IGWM00IFMoVQQ8XMvBE043GuSsRAHkqY12w9HzSKJcC7ZM3+c9/UxH
aJmCf5csA4KjgGjicAqoxv4AKYRBDRp3AOcj31u8xEzu3H6IL4E4v+6ytg1sfkYD
FR39+VDNo9RuGRVVPtFxk0XtwpDPO5OKE+v/mKm/KUKmbmEsedNcObMKBlg4n+wd
oMutQu8T6foKyUZViQlJTf91tge6zU5VAek9rdJPRB3jWJRhKsfs//zmYghguUYX
mXltGNhgoKGXnTLt3Q4JsK+XHXqgNknoG8MtYD3EBP0fj6M1IvwOqOtIFwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFF4RZY0bz+k9quQUUTuWWTRq1eHlMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWGhGbGpSdlA2VDJxNUJSUk81WlpOR3JWNGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAFQgGjAM
AwQAVCAdAwQAVCAeAwQAVCAtAwQAVCBBAwQBVCBMAwQAVCBPAwQAVCBcAwQAVCBe
AwQAVCCbMAwDBAFUINIDBABUINQDBABUIPEDBABUIPMDBABUIP8DBAFY2L4DBABY
2MYDBABY2NMwDQYJKoZIhvcNAQELBQADggEBAIHJ8HvwBunEzrA6MLqnVkX1sAsH
CDFcy9Po2qb5j5Tq665LC2/BYqY+hhNbbOla6/Mrq2cniV64nTt5jwXHAA6BNstA
SDxj+Nkt5V7IR8d2jp68ndiwUIeWa0sPt+1l/Bcbbf3jCHB4WpTP2ZHw1Ad1P3Bt
wboYuxTkSf9YMv1ZQdSRrjC6C5CLKt4Vx4OfJ9m5guKtQUuje2yn4OMTTZcnkL9J
E/7qT0CGunlWVlEawTJyPM79Jh2K9VbmestBPxaSSqxwkYtmueoS8j7txXdUU3P1
voL1M2ZfTBkvfMXy+CasT/ITanNFxW34fOWTsf/y91Q4CA/4aGONbBXXETk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:48 2023 by rpki-client on console-fra.rpki-client.org