Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ZdHvDPz3LMe6SHeg7V_ghNSqPvk.roa
File: ZdHvDPz3LMe6SHeg7V_ghNSqPvk.roa (raw, json)
Hash identifier: 429wmIr57EFwfb94iRmP0c3mF5tykruyRH64VJD1OPE=
Subject key identifier: 65:D1:EF:0C:FC:F7:2C:C7:BA:48:77:A0:ED:5F:E0:84:D4:AA:3E:F9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC96302957BF664A460664A42DDDB1133
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ZdHvDPz3LMe6SHeg7V_ghNSqPvk.roa
Signing time: Tue 02 Jan 2024 08:55:58 +0000
ROA not before: Tue 02 Jan 2024 08:55:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jan 2024 08:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:63:02:95:7b:f6:64:a4:60:66:4a:42:dd:db:11:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 08:55:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65d1ef0cfcf72cc7ba4877a0ed5fe084d4aa3ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7f:10:42:c2:49:ca:0c:67:fc:30:ca:7b:fb:
8e:cc:3e:fd:4c:24:31:c3:b6:30:06:0e:ce:0f:fd:
07:9c:25:c4:4c:9f:26:1f:10:ab:57:6c:60:c7:3d:
da:0a:14:91:21:73:b0:0e:56:cf:2d:85:29:c7:ee:
ea:38:f6:f9:ee:90:7b:47:5d:74:c0:b6:fe:5d:79:
51:bf:90:ac:53:23:88:08:d2:91:66:04:84:45:31:
98:22:c2:ea:c6:61:31:ef:19:be:2c:36:06:c9:e5:
b8:49:6c:2f:f6:6d:c2:00:59:6d:fb:af:ef:e4:cc:
56:e2:a6:da:25:94:d5:68:03:75:0f:9d:fb:25:31:
88:f1:6e:ad:44:b7:a9:67:0c:ec:0c:cd:29:fd:5c:
79:32:9f:5b:47:c5:af:40:28:e5:bd:b7:d8:5d:65:
60:26:60:70:b4:ec:33:fc:71:05:47:d0:1e:44:6a:
a7:9b:43:e2:9a:fa:17:8c:d2:5f:ce:04:65:5d:4c:
5e:18:05:c4:48:49:b9:40:f9:51:8e:85:11:f8:af:
c8:78:fd:09:9f:0e:03:f4:bc:54:de:4b:39:a9:c7:
39:90:89:d0:c3:72:a4:c6:9b:93:f0:65:e6:bf:88:
b0:9c:b7:28:97:60:ce:af:21:8e:5b:14:81:71:67:
f8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D1:EF:0C:FC:F7:2C:C7:BA:48:77:A0:ED:5F:E0:84:D4:AA:3E:F9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ZdHvDPz3LMe6SHeg7V_ghNSqPvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.39.0/24
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.188.0/22
88.216.198.0/24
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
18:27:e2:63:88:43:b2:26:ff:8a:90:e9:84:65:9b:bb:3f:a1:
61:c4:e1:f7:d8:09:ed:e2:cd:c4:2a:c3:c7:e7:5a:b5:bc:ac:
b1:08:f8:b6:16:1d:97:6d:5e:86:66:fc:c0:8d:22:f5:9a:22:
a3:d5:75:97:65:4e:e6:e2:60:9d:df:3f:c5:e3:fc:4e:d3:7d:
ac:01:6b:01:18:4c:b9:21:6d:9d:0b:30:59:f5:2f:da:45:d4:
2b:26:86:c7:9a:54:45:94:08:91:ce:64:64:cc:ed:22:8a:57:
ba:6c:17:19:c2:3c:8b:4a:01:5f:2e:c6:af:f1:e3:31:ff:58:
8e:2d:67:54:b4:93:a1:67:7f:58:3c:f6:dc:ec:c4:2c:a2:b9:
96:dc:33:2e:06:aa:8c:30:cf:de:16:25:42:0a:16:50:92:ed:
f1:85:52:83:a6:10:e9:8c:00:51:17:bb:8f:48:bd:5d:7a:15:
a7:05:26:1a:e6:ac:0f:df:d0:b2:35:de:e8:01:15:cf:3b:e1:
10:73:87:7f:64:49:f7:3a:05:b7:5a:14:6e:1a:db:c4:ca:21:
a2:83:19:60:bd:92:16:e7:ec:15:f9:12:99:a5:8c:75:9b:15:
10:6a:53:9b:79:0a:c3:13:1c:48:11:ae:0a:df:46:6e:93:11:
51:8b:76:c0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYzJYwKVe/ZkpGBmSkLd2xEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAyMDg1NTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQxZWYwY2ZjZjcyY2M3YmE0ODc3YTBlZDVmZTA4NGQ0YWEzZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH8QQsJJygxn/DDKe/uOzD79TCQx
w7YwBg7OD/0HnCXETJ8mHxCrV2xgxz3aChSRIXOwDlbPLYUpx+7qOPb57pB7R110
wLb+XXlRv5CsUyOICNKRZgSERTGYIsLqxmEx7xm+LDYGyeW4SWwv9m3CAFlt+6/v
5MxW4qbaJZTVaAN1D537JTGI8W6tRLepZwzsDM0p/Vx5Mp9bR8WvQCjlvbfYXWVg
JmBwtOwz/HEFR9AeRGqnm0PimvoXjNJfzgRlXUxeGAXESEm5QPlRjoUR+K/IeP0J
nw4D9LxU3ks5qcc5kInQw3KkxpuT8GXmv4iwnLcol2DOryGOWxSBcWf4ZwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFGXR7wz89yzHukh3oO1f4ITUqj75MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWmRIdkRQejNMTWU2U0hlZzdWX2doTlNxUHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQwDAME
AFQgBwMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAnAwQBVCAuAwQAVCBfAwQCVCCU
AwQBVCCuAwQBVCCyAwQBVCDWAwQCVCD0AwQBWNgWAwQBWNgsAwQAWNhdMAwDBAFY
2IIDBABY2IQDBAFY2IYDBAJY2LwDBABY2MYDBAJY2NQwDQYJKoZIhvcNAQELBQAD
ggEBABgn4mOIQ7Im/4qQ6YRlm7s/oWHE4ffYCe3izcQqw8fnWrW8rLEI+LYWHZdt
XoZm/MCNIvWaIqPVdZdlTubiYJ3fP8Xj/E7TfawBawEYTLkhbZ0LMFn1L9pF1Csm
hseaVEWUCJHOZGTM7SKKV7psFxnCPItKAV8uxq/x4zH/WI4tZ1S0k6Fnf1g89tzs
xCyiuZbcMy4Gqowwz94WJUIKFlCS7fGFUoOmEOmMAFEXu49IvV16FacFJhrmrA/f
0LI13ugBFc874RBzh39kSfc6BbdaFG4a28TKIaKDGWC9khbn7BX5EpmljHWbFRBq
U5t5CsMTHEgRrgrfRm6TEVGLdsA=
-----END CERTIFICATE-----
Generated at Sun Jan 7 12:32:41 2024 by rpki-client on console-ams.rpki-client.org