Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y3IqjiTKPi-iWMwzqhloAJ45E28.roa
File: Y3IqjiTKPi-iWMwzqhloAJ45E28.roa (raw, json)
Hash identifier: G0ceK/2wFaZqKK5MWsyxY89gY7JjHoteRI2Qa9bcGcI=
Subject key identifier: 63:72:2A:8E:24:CA:3E:2F:A2:58:CC:33:AA:19:68:00:9E:39:13:6F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CE325675CFE86C566DE82D4581D8B8ADA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y3IqjiTKPi-iWMwzqhloAJ45E28.roa
Signing time: Sun 07 Jan 2024 08:58:48 +0000
ROA not before: Sun 07 Jan 2024 08:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 84.32.66.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 18:13:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e3:25:67:5c:fe:86:c5:66:de:82:d4:58:1d:8b:8a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 7 08:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63722a8e24ca3e2fa258cc33aa1968009e39136f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c7:49:58:d4:61:4c:13:b4:e6:81:e9:5e:e9:
a9:e3:b3:97:03:35:ec:95:de:2b:14:1c:38:50:d0:
6d:68:cc:0c:c0:8b:a6:ff:3f:17:3e:14:8d:64:6f:
d7:ca:7e:18:3d:b1:04:4a:56:6a:f9:9d:71:b8:08:
e9:dc:24:c0:bb:c9:8e:22:37:e6:52:91:cc:1b:2d:
ab:47:34:eb:a7:01:48:98:5d:4b:c5:82:1b:ca:17:
09:fe:a8:ab:3c:3f:d9:8a:8c:a0:9a:3d:f3:6d:35:
5f:22:bb:f5:7b:f1:36:a3:13:c8:ee:95:92:24:09:
6d:d0:90:a8:de:ea:67:7f:3f:83:27:ee:52:f4:60:
b9:52:7c:12:68:d7:01:db:72:2b:04:0b:d8:d8:9e:
a1:d4:01:fc:4b:eb:15:de:04:c3:e2:2a:eb:ee:14:
9d:5b:fd:b7:8a:07:15:40:d0:c7:95:b1:d3:d8:76:
f9:68:dd:d3:8d:92:80:07:45:5f:f1:a0:55:8b:eb:
66:18:90:00:c4:3c:ed:5a:d7:a3:c4:cf:31:94:59:
16:16:65:1a:6f:3f:06:b7:60:4b:7c:b7:51:da:3d:
71:68:92:7a:24:0b:35:8d:eb:f8:49:87:0a:82:d7:
3f:28:e3:55:f9:4f:79:13:b1:1e:d2:05:c1:ae:fc:
8c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:72:2A:8E:24:CA:3E:2F:A2:58:CC:33:AA:19:68:00:9E:39:13:6F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y3IqjiTKPi-iWMwzqhloAJ45E28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.66.0/24
84.32.83.0/24
84.32.210.0/24
88.216.180.0/24
88.216.198.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:c3:96:bd:ae:f5:0f:6f:b5:52:b7:a1:3a:6d:2f:c1:27:b7:
f1:81:6e:76:ae:9e:40:64:8d:db:78:ca:5c:ec:2c:f4:f6:19:
5c:23:1e:36:18:b2:cd:33:bb:39:07:10:35:23:50:b3:37:48:
d4:e9:3b:a4:13:37:65:1a:5c:6c:cd:fc:f7:ab:e1:8b:dd:77:
58:a5:8f:4d:a1:23:a5:a5:f1:2e:1b:2b:e2:73:e9:f1:59:1c:
bc:56:5e:f6:e6:5f:73:f9:e9:a7:a1:cf:28:72:01:49:75:78:
07:89:c3:e7:00:fc:d2:24:b5:38:fd:ac:9e:6b:02:82:56:fb:
70:f6:63:a0:e8:1a:99:3c:8d:10:31:3c:9c:53:3c:76:fc:b2:
55:49:61:6b:36:df:aa:94:0d:52:32:6d:7a:95:6a:67:63:e5:
58:f4:7b:47:f0:2f:77:ca:26:2b:8b:54:90:b8:7d:39:af:8a:
b2:5d:a8:ce:4d:b9:58:2d:c3:b1:57:0f:67:35:19:b7:82:67:
ba:7e:f4:59:19:42:9a:20:e2:8a:01:68:e9:3a:a0:8f:d1:f0:
cb:d1:b4:6b:e8:41:78:e1:26:75:84:83:b1:df:27:8e:7e:6f:
3a:63:3d:3f:9e:1c:23:9c:fc:f6:24:8f:c4:f2:4c:78:aa:d0:
9f:67:a8:03
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzjJWdc/obFZt6C1Fgdi4raMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTA3MDg1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzcyMmE4ZTI0Y2EzZTJmYTI1OGNjMzNhYTE5NjgwMDllMzkxMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsdJWNRhTBO05oHpXump47OXAzXs
ld4rFBw4UNBtaMwMwIum/z8XPhSNZG/Xyn4YPbEESlZq+Z1xuAjp3CTAu8mOIjfm
UpHMGy2rRzTrpwFImF1LxYIbyhcJ/qirPD/Zioygmj3zbTVfIrv1e/E2oxPI7pWS
JAlt0JCo3upnfz+DJ+5S9GC5UnwSaNcB23IrBAvY2J6h1AH8S+sV3gTD4irr7hSd
W/23igcVQNDHlbHT2Hb5aN3TjZKAB0Vf8aBVi+tmGJAAxDztWtejxM8xlFkWFmUa
bz8Gt2BLfLdR2j1xaJJ6JAs1jev4SYcKgtc/KONV+U95E7Ee0gXBrvyMxwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGNyKo4kyj4voljMM6oZaACeORNvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWTNJcWppVEtQaS1pV013enFobG9BSjQ1RTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCBCAwQA
VCBTAwQAVCDSAwQAWNi0AwQAWNjGAwQAWNjTMA0GCSqGSIb3DQEBCwUAA4IBAQAL
w5a9rvUPb7VSt6E6bS/BJ7fxgW52rp5AZI3beMpc7Cz09hlcIx42GLLNM7s5BxA1
I1CzN0jU6TukEzdlGlxszfz3q+GL3XdYpY9NoSOlpfEuGyvic+nxWRy8Vl725l9z
+emnoc8ocgFJdXgHicPnAPzSJLU4/ayeawKCVvtw9mOg6BqZPI0QMTycUzx2/LJV
SWFrNt+qlA1SMm16lWpnY+VY9HtH8C93yiYri1SQuH05r4qyXajOTblYLcOxVw9n
NRm3gme6fvRZGUKaIOKKAWjpOqCP0fDL0bRr6EF44SZ1hIOx3yeOfm86Yz0/nhwj
nPz2JI/E8kx4qtCfZ6gD
-----END CERTIFICATE-----
Generated at Sun Jan 28 19:13:31 2024 by rpki-client on console-ams.rpki-client.org