Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_zAouf-A2jVlbQkm6I76KSgdnS4.roa
File: _zAouf-A2jVlbQkm6I76KSgdnS4.roa (raw, json)
Hash identifier: Rl0LTmEmg4Thg/aIEhbAmTxXE1XkhgrEkQ917i0RWtA=
Subject key identifier: FF:30:28:B9:FF:80:DA:35:65:6D:09:26:E8:8E:FA:29:28:1D:9D:2E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFB197D36FD02C357484358016D38E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_zAouf-A2jVlbQkm6I76KSgdnS4.roa
Signing time: Sun 01 Jan 2023 18:54:46 +0000
ROA not before: Sun 01 Jan 2023 18:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.36.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:b1:97:d3:6f:d0:2c:35:74:84:35:80:16:d3:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff3028b9ff80da35656d0926e88efa29281d9d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b8:25:79:d1:24:da:4d:90:dd:50:01:ec:7a:
96:ee:33:5e:e2:fc:21:24:08:5e:cf:1e:4e:5c:23:
17:f6:99:5e:4d:02:72:05:8b:8c:81:36:71:05:e5:
b4:af:00:a7:f7:9d:14:a6:7f:52:6c:f7:02:5c:c0:
50:f5:22:cc:1e:c3:57:98:ba:f0:5f:17:cd:e4:c9:
6f:8d:59:8d:77:d9:04:4f:84:bf:ec:62:b3:0a:8b:
6d:ef:26:61:21:ca:b1:38:69:e7:b3:cb:16:29:02:
c1:f6:72:da:b5:56:0e:fa:df:a0:8d:86:0b:9b:1d:
a0:24:10:5a:e2:42:43:7e:e7:29:61:59:8b:92:30:
e6:c1:26:ae:2e:26:dd:aa:e3:4b:94:2f:f8:cd:2e:
44:3c:4d:38:9b:9d:ba:ac:15:2a:84:3d:81:aa:fe:
8e:8e:6f:45:f0:31:d8:13:a6:f0:d3:fb:2f:a2:a7:
5a:b8:26:1a:f1:19:da:07:e3:39:6a:db:91:de:62:
66:04:9c:d9:a0:bf:20:c3:1d:90:25:61:b6:5d:13:
21:82:8b:23:f0:4a:ad:59:20:24:50:b2:33:7b:1a:
3f:01:44:64:97:ac:b0:91:bf:89:d2:a3:0b:9e:94:
22:82:82:b4:4a:91:fc:08:a3:77:7f:86:78:3c:a2:
0e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:30:28:B9:FF:80:DA:35:65:6D:09:26:E8:8E:FA:29:28:1D:9D:2E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_zAouf-A2jVlbQkm6I76KSgdnS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.42.0/24
84.32.52.0/22
84.32.76.0/23
84.32.240.0/24
84.32.243.0/24
88.216.17.0/24
88.216.36.0/24
88.216.40.0/24
88.216.43.0/24
88.216.98.0/24
88.216.132.0/23
88.216.190.0/24
88.216.214.0/24
88.216.228.0-88.216.247.255
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:06:16:89:2e:9a:4a:de:a8:86:56:97:b8:57:06:5d:e4:13:
c3:64:83:96:28:51:fe:f0:6d:a1:29:be:dd:f0:8d:5e:9f:7d:
01:11:e7:5a:84:a2:4f:8f:5e:8e:8d:74:7c:46:24:15:26:45:
48:60:fe:53:fd:d4:62:df:59:5d:1a:0a:44:99:08:04:9c:1f:
3e:a7:20:85:a1:50:8d:eb:d2:8b:70:ce:2e:c1:6d:0d:97:49:
00:f2:bf:34:5c:d5:3b:55:08:9f:92:ff:45:29:c4:e6:9d:ab:
d3:49:64:4b:dc:b0:43:c8:0a:bc:0f:f8:61:cc:35:63:e1:14:
f0:cf:f6:d4:cc:45:9c:65:b9:cb:5f:b0:ab:3b:15:f1:16:af:
08:27:96:5a:3a:64:a5:6f:87:bc:fa:70:90:92:17:28:f1:fc:
b2:57:89:36:2c:f9:be:59:9a:28:4c:29:53:d4:01:d8:3c:15:
fb:ee:82:69:c8:cc:84:e0:f8:c6:31:c1:df:fd:37:10:5a:26:
37:73:d7:18:3d:71:c3:73:0c:44:f6:65:3e:8c:fd:99:34:2c:
a3:45:c9:47:61:d5:05:0b:47:8d:33:c4:34:cc:2e:6e:1e:55:
ed:dd:3c:fc:e5:29:d3:c1:7d:80:1a:88:21:9e:85:87:be:8e:
ba:c0:d2:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYVur7GX02/QLDV0hDWAFtOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjMwMjhiOWZmODBkYTM1NjU2ZDA5MjZlODhlZmEyOTI4MWQ5ZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLgledEk2k2Q3VAB7HqW7jNe4vwh
JAhezx5OXCMX9pleTQJyBYuMgTZxBeW0rwCn950Upn9SbPcCXMBQ9SLMHsNXmLrw
XxfN5MlvjVmNd9kET4S/7GKzCott7yZhIcqxOGnns8sWKQLB9nLatVYO+t+gjYYL
mx2gJBBa4kJDfucpYVmLkjDmwSauLibdquNLlC/4zS5EPE04m526rBUqhD2Bqv6O
jm9F8DHYE6bw0/svoqdauCYa8RnaB+M5atuR3mJmBJzZoL8gwx2QJWG2XRMhgosj
8EqtWSAkULIzexo/AURkl6ywkb+J0qMLnpQigoK0SpH8CKN3f4Z4PKIOHQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFP8wKLn/gNo1ZW0JJuiO+ikoHZ0uMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX3pBb3VmLUEyalZsYlFrbTZJNzZLU2dkblM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFQgBgME
AFQgKgMEAlQgNAMEAVQgTAMEAFQg8AMEAFQg8wMEAFjYEQMEAFjYJAMEAFjYKAME
AFjYKwMEAFjYYgMEAVjYhAMEAFjYvgMEAFjY1jAMAwQCWNjkAwQDWNjwAwQCWNj8
MA0GCSqGSIb3DQEBCwUAA4IBAQAdBhaJLppK3qiGVpe4VwZd5BPDZIOWKFH+8G2h
Kb7d8I1en30BEedahKJPj16OjXR8RiQVJkVIYP5T/dRi31ldGgpEmQgEnB8+pyCF
oVCN69KLcM4uwW0Nl0kA8r80XNU7VQifkv9FKcTmnavTSWRL3LBDyAq8D/hhzDVj
4RTwz/bUzEWcZbnLX7CrOxXxFq8IJ5ZaOmSlb4e8+nCQkhco8fyyV4k2LPm+WZoo
TClT1AHYPBX77oJpyMyE4PjGMcHf/TcQWiY3c9cYPXHDcwxE9mU+jP2ZNCyjRclH
YdUFC0eNM8Q0zC5uHlXt3Tz85SnTwX2AGoghnoWHvo66wNK4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:31 2023 by rpki-client on console-ams.rpki-client.org