Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aJgUSM4tmBncz_E_cP0IrlAzn18.roa
File: aJgUSM4tmBncz_E_cP0IrlAzn18.roa (raw, json)
Hash identifier: 7geRifKFbKX6LcdG5yoW5K15VCqlFbY/qMyrRuUR2bg=
Subject key identifier: 68:98:14:48:CE:2D:98:19:DC:CF:F1:3F:70:FD:08:AE:50:33:9F:5F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185B0D624CB038DA8AD3B0451342850B82F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aJgUSM4tmBncz_E_cP0IrlAzn18.roa
Signing time: Sat 14 Jan 2023 15:11:42 +0000
ROA not before: Sat 14 Jan 2023 15:11:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 88.216.67.0/24 maxlen: 24
88.216.66.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.216.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.110.0/24 maxlen: 24
88.216.106.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 07:10:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b0:d6:24:cb:03:8d:a8:ad:3b:04:51:34:28:50:b8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 14 15:11:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68981448ce2d9819dccff13f70fd08ae50339f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d2:66:a9:62:09:7e:aa:c1:84:ea:3d:fe:e4:
72:34:9e:56:d9:0d:5d:5f:a8:81:aa:b9:d6:38:69:
ef:1b:8d:8a:52:8f:b5:ab:53:7e:5c:dd:51:89:be:
74:ff:1f:2a:b2:62:59:04:28:74:01:52:a8:81:5f:
87:85:44:42:6b:15:b4:ae:5b:a7:cd:57:7a:59:c1:
0a:5d:b8:07:cb:d4:4b:be:c5:58:fd:85:9b:75:c4:
b7:c3:11:f9:ca:3f:ea:c5:5d:66:a5:22:0f:ad:20:
40:1d:32:e5:b6:df:7b:ef:66:60:9c:7b:27:b1:af:
73:38:be:58:b8:1b:e1:18:1a:89:7e:41:f2:b9:9b:
13:05:6d:c3:c2:30:c4:cc:91:c6:47:2e:1d:4b:46:
23:e6:2b:55:6d:ab:ea:ba:d4:63:df:a8:be:60:68:
91:7d:e9:ec:d6:b8:38:de:3c:1a:f9:0b:b3:45:8d:
d1:ba:39:af:88:07:a6:b3:b6:d0:dd:c4:dc:13:45:
18:3f:ea:cb:76:51:40:3a:65:9e:6a:59:1e:9b:49:
61:a8:5a:b1:76:e5:6d:f8:fc:61:a1:73:10:4f:ea:
c0:2e:29:af:a4:9c:2e:59:47:27:a7:0b:96:92:35:
39:79:7c:09:86:4c:db:18:68:42:e5:35:5b:0f:c1:
fe:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:98:14:48:CE:2D:98:19:DC:CF:F1:3F:70:FD:08:AE:50:33:9F:5F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aJgUSM4tmBncz_E_cP0IrlAzn18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.49.0/24
84.32.51.0/24
84.32.213.0/24
84.32.216.0/24
88.216.66.0/23
88.216.106.0/23
88.216.109.0-88.216.110.255
88.216.222.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:2b:12:84:2c:15:5d:f1:84:de:7a:95:d1:25:1e:50:b2:a0:
10:da:e1:b5:f9:5d:2d:a3:80:61:03:f5:6f:ee:50:86:a0:08:
bf:c4:91:f3:ec:f8:6b:3c:fc:4a:2e:6f:79:86:64:0a:56:db:
6b:12:76:21:67:69:ab:3b:1a:e1:3d:8b:3d:52:62:fb:a0:fe:
4f:4b:c2:60:b6:ae:4d:c8:f7:35:fa:f0:10:8e:65:c1:04:d7:
61:da:0b:bb:f7:53:dd:0a:67:96:7f:9b:2e:ba:3b:4a:cc:4c:
90:5b:e8:48:52:c6:20:20:f0:5e:6f:0b:ec:6c:2d:c8:95:05:
36:5c:a7:1f:ec:b5:2b:8c:14:c7:8d:b8:48:9a:e0:67:00:5b:
d8:b0:93:54:2f:d9:8b:30:43:6a:61:ab:50:29:78:15:4c:da:
5e:04:d6:3e:86:7c:bb:e6:3e:a6:5a:3e:e1:0f:e7:24:3f:c4:
12:76:82:88:54:52:a0:5e:78:61:91:6d:09:d2:aa:e0:84:a3:
cd:3e:69:1f:3c:39:51:76:31:d4:59:6c:a0:a7:28:a7:96:b0:
30:30:a2:1a:b2:dd:f6:43:ca:20:ad:86:bd:aa:ca:85:37:67:
cb:89:45:13:5c:be:1e:c9:1c:46:d8:b1:93:c3:d2:78:c9:04:
ef:33:8a:6e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYWw1iTLA42orTsEUTQoULgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTE0MTUxMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk4MTQ0OGNlMmQ5ODE5ZGNjZmYxM2Y3MGZkMDhhZTUwMzM5ZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59JmqWIJfqrBhOo9/uRyNJ5W2Q1d
X6iBqrnWOGnvG42KUo+1q1N+XN1Rib50/x8qsmJZBCh0AVKogV+HhURCaxW0rlun
zVd6WcEKXbgHy9RLvsVY/YWbdcS3wxH5yj/qxV1mpSIPrSBAHTLltt9772ZgnHsn
sa9zOL5YuBvhGBqJfkHyuZsTBW3DwjDEzJHGRy4dS0Yj5itVbavqutRj36i+YGiR
fens1rg43jwa+QuzRY3RujmviAems7bQ3cTcE0UYP+rLdlFAOmWealkem0lhqFqx
duVt+PxhoXMQT+rALimvpJwuWUcnpwuWkjU5eXwJhkzbGGhC5TVbD8H+pwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGiYFEjOLZgZ3M/xP3D9CK5QM59fMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYUpnVVNNNHRtQm5jel9FX2NQMElybEF6bjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVCAxAwQA
VCAzAwQAVCDVAwQAVCDYAwQBWNhCAwQBWNhqMAwDBABY2G0DBABY2G4DBAFY2N4w
DQYJKoZIhvcNAQELBQADggEBAA0rEoQsFV3xhN56ldElHlCyoBDa4bX5XS2jgGED
9W/uUIagCL/EkfPs+Gs8/Eoub3mGZApW22sSdiFnaas7GuE9iz1SYvug/k9LwmC2
rk3I9zX68BCOZcEE12HaC7v3U90KZ5Z/my66O0rMTJBb6EhSxiAg8F5vC+xsLciV
BTZcpx/stSuMFMeNuEia4GcAW9iwk1Qv2YswQ2phq1ApeBVM2l4E1j6GfLvmPqZa
PuEP5yQ/xBJ2gohUUqBeeGGRbQnSquCEo80+aR88OVF2MdRZbKCnKKeWsDAwohqy
3fZDyiCthr2qyoU3Z8uJRRNcvh7JHEbYsZPD0njJBO8zim4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org