Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/YjzrFnzxKrVnUtii7JTuPTNVjTI.roa
File: YjzrFnzxKrVnUtii7JTuPTNVjTI.roa (raw, json)
Hash identifier: 8iM0sXoT4Tg3e9qtNR0jTOO8OkZzwTSqFu1iHvBXGsA=
Subject key identifier: 62:3C:EB:16:7C:F1:2A:B5:67:52:D8:A2:EC:94:EE:3D:33:55:8D:32
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFC0FD3A86C6F9934F31C9D3FF06BC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/YjzrFnzxKrVnUtii7JTuPTNVjTI.roa
Signing time: Sun 01 Jan 2023 18:54:50 +0000
ROA not before: Sun 01 Jan 2023 18:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.219.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.28.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jan 2023 07:10:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c0:fd:3a:86:c6:f9:93:4f:31:c9:d3:ff:06:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=623ceb167cf12ab56752d8a2ec94ee3d33558d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5d:31:d1:d5:51:0d:aa:b6:cd:8e:bf:1b:f9:
46:38:fa:f8:ae:a8:6a:a2:33:a2:d3:cf:ae:9b:07:
53:4b:f5:20:cb:db:35:e2:44:bb:60:97:b2:bd:fd:
2c:af:03:68:b6:99:64:10:b3:b3:07:07:52:80:d1:
4e:bd:b7:b6:9d:df:63:c5:27:bd:99:94:a0:8a:4f:
e5:10:23:04:12:c0:bf:3c:68:df:85:e1:6c:38:6e:
32:b4:23:a9:d2:24:31:b7:d3:5f:ee:ea:82:18:b6:
a7:40:85:4c:e7:04:02:d2:ce:8a:4e:34:8c:89:db:
7a:15:da:39:31:44:3d:fb:2c:da:f6:be:78:c7:aa:
37:5f:ca:0e:1b:7b:29:f5:10:ff:d4:91:f8:7f:98:
a8:86:5b:11:b7:7b:9f:0d:c7:03:e6:bd:55:40:2a:
a6:1c:aa:2b:00:c2:33:d2:5e:a3:03:5b:6a:c5:99:
e4:0e:f1:fd:19:a4:0c:91:e1:b0:9c:e1:7f:d6:43:
0f:b9:04:7e:3b:af:b8:fd:a0:30:40:c5:49:f3:29:
2d:3d:51:01:01:2b:ee:9b:12:f4:78:16:e9:24:0e:
43:f6:e2:5d:de:9d:24:66:1e:ba:ff:6d:52:01:b5:
ea:b5:75:ce:81:27:1f:b7:78:ff:15:81:c6:98:8c:
52:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3C:EB:16:7C:F1:2A:B5:67:52:D8:A2:EC:94:EE:3D:33:55:8D:32
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/YjzrFnzxKrVnUtii7JTuPTNVjTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.28.0/24
84.32.30.0/24
84.32.44.0/24
84.32.46.0/23
84.32.59.0-84.32.60.255
84.32.66.0/24
84.32.68.0/24
84.32.90.0/24
84.32.92.0/24
84.32.219.0/24
84.32.225.0/24
84.32.227.0/24
84.32.255.0/24
88.216.95.0/24
88.216.103.0/24
88.216.188.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
81:4f:79:5a:26:0e:e4:05:2b:d9:ed:e0:c3:a2:72:0a:b3:99:
18:dc:71:41:41:f7:9f:ea:69:b7:37:7b:ea:1a:5f:7c:87:6c:
19:bf:9f:5d:e1:0c:3e:c4:54:d4:fc:49:9f:0a:04:65:40:fa:
de:e8:43:a2:88:55:15:4a:53:5f:e6:7b:26:f0:84:95:51:70:
ff:13:17:a8:2f:f3:31:9b:16:76:a1:0f:ff:24:85:f2:84:fd:
84:a5:c5:93:3f:41:42:52:26:5c:0b:97:3b:26:ea:01:b6:15:
89:9e:5b:70:81:ed:fd:63:eb:fa:db:86:e3:27:fc:57:12:57:
e1:00:79:86:b9:44:09:51:19:44:67:d4:b2:f6:78:80:32:10:
88:80:2e:a8:ce:c3:d0:79:a7:4e:2f:e5:87:df:8d:1b:7d:1c:
85:2b:88:86:18:a1:53:4b:37:3c:73:9c:cc:db:43:f4:59:04:
93:07:00:7a:26:5e:55:c1:26:4b:f2:3a:1d:eb:e2:bd:1d:4c:
2d:d8:60:3b:b6:dc:f3:ed:dd:03:f3:6e:d2:d6:88:de:af:c1:
76:13:47:ce:6b:6e:19:e4:fa:d9:98:46:41:88:b0:1a:51:6a:
be:39:dd:f3:d9:33:a3:ad:1c:9f:89:54:60:41:dd:28:1e:29:
3b:b1:c7:db
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYVur8D9OobG+ZNPMcnT/wa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjNjZWIxNjdjZjEyYWI1Njc1MmQ4YTJlYzk0ZWUzZDMzNTU4ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF0x0dVRDaq2zY6/G/lGOPr4rqhq
ojOi08+umwdTS/Ugy9s14kS7YJeyvf0srwNotplkELOzBwdSgNFOvbe2nd9jxSe9
mZSgik/lECMEEsC/PGjfheFsOG4ytCOp0iQxt9Nf7uqCGLanQIVM5wQC0s6KTjSM
idt6Fdo5MUQ9+yza9r54x6o3X8oOG3sp9RD/1JH4f5iohlsRt3ufDccD5r1VQCqm
HKorAMIz0l6jA1tqxZnkDvH9GaQMkeGwnOF/1kMPuQR+O6+4/aAwQMVJ8yktPVEB
ASvumxL0eBbpJA5D9uJd3p0kZh66/21SAbXqtXXOgScft3j/FYHGmIxSqQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFGI86xZ88Sq1Z1LYouyU7j0zVY0yMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWWp6ckZuenhLclZuVXRpaTdKVHVQVE5WalRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAFQgHAME
AFQgHgMEAFQgLAMEAVQgLjAMAwQAVCA7AwQAVCA8AwQAVCBCAwQAVCBEAwQAVCBa
AwQAVCBcAwQAVCDbAwQAVCDhAwQAVCDjAwQAVCD/AwQAWNhfAwQAWNhnAwQAWNi8
AwQAWNjRMA0GCSqGSIb3DQEBCwUAA4IBAQCBT3laJg7kBSvZ7eDDonIKs5kY3HFB
Qfef6mm3N3vqGl98h2wZv59d4Qw+xFTU/EmfCgRlQPre6EOiiFUVSlNf5nsm8ISV
UXD/ExeoL/MxmxZ2oQ//JIXyhP2EpcWTP0FCUiZcC5c7JuoBthWJnltwge39Y+v6
24bjJ/xXElfhAHmGuUQJURlEZ9Sy9niAMhCIgC6ozsPQeadOL+WH340bfRyFK4iG
GKFTSzc8c5zM20P0WQSTBwB6Jl5VwSZL8jod6+K9HUwt2GA7ttzz7d0D827S1oje
r8F2E0fOa24Z5PrZmEZBiLAaUWq+Od3z2TOjrRyfiVRgQd0oHik7scfb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org