Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aMjOfAKbIR2MQH7fGap9oy9BsRY.roa
File: aMjOfAKbIR2MQH7fGap9oy9BsRY.roa (raw, json)
Hash identifier: HJ5BvFNMOWbsNdz+EUUl5VvYUK6WgC3ZVIQENKrxlF8=
Subject key identifier: 68:C8:CE:7C:02:9B:21:1D:8C:40:7E:DF:19:AA:7D:A3:2F:41:B1:16
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018E0D5AD9A23BF0A74F0B105680DA60E82E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aMjOfAKbIR2MQH7fGap9oy9BsRY.roa
Signing time: Tue 05 Mar 2024 06:44:01 +0000
ROA not before: Tue 05 Mar 2024 06:44:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 09:20:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:5a:d9:a2:3b:f0:a7:4f:0b:10:56:80:da:60:e8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 5 06:44:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68c8ce7c029b211d8c407edf19aa7da32f41b116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:09:b0:46:74:b5:d6:fe:fe:d6:25:8f:01:ec:
b1:3d:8f:56:f4:d1:a6:f2:56:3c:5e:21:d0:f0:30:
7b:b6:10:ba:4f:ec:c3:7c:c9:a7:c1:b3:5a:98:2c:
a6:fb:9d:a8:d7:fe:e2:3b:fa:22:68:92:c8:8c:19:
c4:ed:31:9c:83:f4:04:b8:6e:23:75:3a:2d:b1:91:
88:83:c4:ab:4f:7e:70:28:c2:1d:06:0e:5d:95:9a:
eb:ad:db:7d:ab:7b:42:7f:75:f1:5c:6f:4e:18:80:
b6:cd:d3:3f:af:7d:ac:54:3e:b2:64:f7:fa:d9:52:
9b:06:1f:03:1a:38:43:d3:a9:a7:f9:25:65:4e:02:
93:55:ab:63:52:e2:25:9c:98:3b:1a:a0:e5:30:07:
f3:07:ff:6c:88:fa:85:3c:b4:a5:aa:28:70:73:7b:
fd:cb:c9:8c:75:55:c6:32:5b:2f:6e:8a:23:16:37:
47:43:1f:4b:f1:af:7b:d2:92:3a:21:1c:03:da:01:
bb:8c:7d:f1:5c:8e:11:ff:f3:41:ef:6e:d7:7a:3c:
89:56:03:d4:e1:f8:7d:09:e9:a8:e6:20:19:e1:f6:
6a:6d:43:03:f2:1f:0e:46:28:28:55:b3:8b:79:fa:
7f:b9:ae:f9:5a:f6:e6:18:82:52:79:81:a8:17:b3:
2d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C8:CE:7C:02:9B:21:1D:8C:40:7E:DF:19:AA:7D:A3:2F:41:B1:16
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aMjOfAKbIR2MQH7fGap9oy9BsRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.188.0/22
88.216.211.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
6d:c7:69:ec:86:ee:72:fe:4a:61:60:ef:65:fe:6d:53:ca:93:
c0:dd:4a:42:1b:13:69:ca:cc:13:5a:32:e5:01:f8:a9:9f:e0:
49:06:fa:02:1b:da:7b:6c:3b:39:00:bb:8e:d5:5e:a7:4b:00:
39:4a:84:5f:c9:50:1d:ee:17:53:1f:a0:63:fa:46:28:5a:42:
82:a0:18:0a:3e:8e:3c:99:d0:f8:c4:79:d7:64:93:9f:77:a4:
bc:23:e5:c5:4e:05:b7:61:e7:62:80:0d:ac:3e:06:92:31:d9:
ae:0e:b1:c8:bc:e6:a0:71:57:d5:65:56:0d:0a:eb:5d:45:92:
36:f7:d5:9f:bf:b5:66:61:81:14:fe:29:ad:8f:12:8e:93:99:
3b:c6:9e:83:dd:26:eb:c2:2b:78:a0:4b:72:95:27:0c:7b:eb:
5b:82:49:b8:5d:dc:2b:2e:d4:25:f6:c4:17:92:05:7d:af:c6:
fb:20:1b:3d:ab:9d:dd:79:ff:c4:bf:c1:66:67:a6:91:55:21:
c0:25:26:ed:6a:bb:3c:cc:c3:8f:15:73:42:99:10:1b:26:08:
96:6e:18:8c:9b:d3:96:a9:4d:e2:f3:e5:b5:fd:fd:fd:a1:56:
0f:ea:1a:d5:72:c4:a8:16:76:95:e6:5e:6f:48:82:15:05:d5:
d2:98:75:87
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY4NWtmiO/CnTwsQVoDaYOguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMzA1MDY0NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM4Y2U3YzAyOWIyMTFkOGM0MDdlZGYxOWFhN2RhMzJmNDFiMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAmwRnS11v7+1iWPAeyxPY9W9NGm
8lY8XiHQ8DB7thC6T+zDfMmnwbNamCym+52o1/7iO/oiaJLIjBnE7TGcg/QEuG4j
dTotsZGIg8SrT35wKMIdBg5dlZrrrdt9q3tCf3XxXG9OGIC2zdM/r32sVD6yZPf6
2VKbBh8DGjhD06mn+SVlTgKTVatjUuIlnJg7GqDlMAfzB/9siPqFPLSlqihwc3v9
y8mMdVXGMlsvboojFjdHQx9L8a970pI6IRwD2gG7jH3xXI4R//NB727XejyJVgPU
4fh9Cemo5iAZ4fZqbUMD8h8ORigoVbOLefp/ua75WvbmGIJSeYGoF7MtXQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFGjIznwCmyEdjEB+3xmqfaMvQbEWMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYU1qT2ZBS2JJUjJNUUg3ZkdhcDlveTlCc1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejAMAwQA
VCAHAwQAVCAIMAwDBAJUIBQDBAJUIBgDBAFUIC4DBABUIF8DBAJUIJQDBAFUIK4D
BAFUINYDBAJUIPQDBAFY2BYDBAFY2CwDBABY2F0wDAMEAVjYggMEAFjYhAMEAVjY
hgMEAljYvDAMAwQAWNjTAwQDWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQBtx2nshu5y
/kphYO9l/m1TypPA3UpCGxNpyswTWjLlAfipn+BJBvoCG9p7bDs5ALuO1V6nSwA5
SoRfyVAd7hdTH6Bj+kYoWkKCoBgKPo48mdD4xHnXZJOfd6S8I+XFTgW3YedigA2s
PgaSMdmuDrHIvOagcVfVZVYNCutdRZI299Wfv7VmYYEU/imtjxKOk5k7xp6D3Sbr
wit4oEtylScMe+tbgkm4XdwrLtQl9sQXkgV9r8b7IBs9q53def/Ev8FmZ6aRVSHA
JSbtars8zMOPFXNCmRAbJgiWbhiMm9OWqU3i8+W1/f39oVYP6hrVcsSoFnaV5l5v
SIIVBdXSmHWH
-----END CERTIFICATE-----
Generated at Thu Mar 7 13:55:43 2024 by rpki-client on console-fra.rpki-client.org