Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/avAnuBvs5YoEAJpggOLAUk7GOcg.roa
File: avAnuBvs5YoEAJpggOLAUk7GOcg.roa (raw, json)
Hash identifier: HjbhQCaPumrM+9Tb2b+TCsqUYykfuFXuzOKhLwOw0ps=
Subject key identifier: 6A:F0:27:B8:1B:EC:E5:8A:04:00:9A:60:80:E2:C0:52:4E:C6:39:C8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01867440524B3D0B2063383B25B33F4FABD9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/avAnuBvs5YoEAJpggOLAUk7GOcg.roa
Signing time: Tue 21 Feb 2023 13:53:37 +0000
ROA not before: Tue 21 Feb 2023 13:53:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 84.32.71.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 07:24:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:40:52:4b:3d:0b:20:63:38:3b:25:b3:3f:4f:ab:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 21 13:53:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6af027b81bece58a04009a6080e2c0524ec639c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f1:76:fe:f0:0f:54:29:a2:aa:ed:db:c2:55:
a4:26:cb:52:49:e9:0a:85:0b:de:49:75:fc:4e:f1:
8b:bd:96:a8:33:7f:b0:6c:06:dd:29:7c:70:99:e4:
5f:a4:b4:07:41:ac:bb:13:03:0c:5d:39:74:bc:9e:
1e:20:28:8f:2c:1b:c2:aa:77:97:31:03:fa:ef:f8:
a8:fd:6f:17:b8:c9:22:2e:ba:16:1c:a2:47:e5:23:
79:25:3b:e4:3e:4d:3b:98:06:8d:ad:f0:2e:37:f9:
2b:19:98:ed:2e:46:9c:66:93:54:c2:0e:03:8d:12:
49:f0:1b:0d:08:93:70:49:3f:30:a1:e3:f7:70:12:
ea:19:ef:11:da:8a:63:4b:1b:ad:75:00:ac:a4:0d:
31:50:ef:fb:7b:c4:a7:fb:60:b2:c8:54:f8:3c:30:
43:0a:f1:ce:25:bd:5a:73:50:37:87:65:c7:a5:05:
ee:04:f9:09:75:76:2a:49:2b:d8:f3:c0:af:79:91:
98:42:e6:2c:45:ee:0b:93:30:b9:1f:fc:48:32:3f:
53:b2:1e:2c:e5:de:a4:60:1e:e7:76:f4:b9:81:11:
0f:99:29:47:31:82:f7:a7:33:34:89:2a:f6:95:ab:
8c:ad:ab:a0:5a:c2:73:7f:21:3c:81:e6:fa:dc:a1:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F0:27:B8:1B:EC:E5:8A:04:00:9A:60:80:E2:C0:52:4E:C6:39:C8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/avAnuBvs5YoEAJpggOLAUk7GOcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.50.0/24
84.32.71.0/24
84.32.88.0/24
84.32.150.0/23
84.32.232.0/24
84.32.245.0/24
88.216.3.0/24
88.216.92.0/24
88.216.199.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:01:21:b7:f9:1a:3d:44:74:4f:2a:75:50:cd:d9:d9:97:83:
8f:49:2d:a2:92:0f:c1:b3:68:9b:1b:91:ae:e8:ad:2e:53:5b:
93:26:bb:8a:18:13:cd:12:21:24:3d:a2:5f:6c:ba:03:94:67:
f6:33:78:3d:55:8d:0e:b4:e7:17:eb:04:b9:5a:7d:92:5b:14:
42:43:27:d4:a6:a4:bb:e4:de:e5:40:26:16:79:bf:ed:b3:7a:
ac:79:2a:e8:97:0f:b8:0e:26:59:9d:a5:a7:a4:3a:86:3d:b1:
86:a3:6f:c6:4c:58:58:98:c3:24:b2:67:8c:56:7f:69:22:6b:
af:72:6e:4a:3d:f7:91:5b:ea:ba:09:dc:5d:12:64:fe:9f:7a:
db:ef:2c:2f:96:f8:40:2e:02:cc:2b:2f:83:0c:6d:b8:ec:bc:
ae:92:f3:e0:7c:3d:49:1a:28:19:4c:24:7e:f8:46:52:78:42:
29:01:83:29:98:8f:8f:94:58:df:1e:f0:44:b8:25:a0:3d:93:
3d:b2:dc:31:b0:78:81:66:fb:c5:ab:29:97:d4:cc:35:ef:11:
cc:dd:86:49:3a:dc:be:f0:13:9f:26:44:e0:89:1b:0d:b1:59:
51:3d:3a:bd:cd:95:8a:30:0b:9f:4b:aa:50:03:4c:da:1b:ae:
fa:ec:4f:6f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYZ0QFJLPQsgYzg7JbM/T6vZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIxMTM1MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWYwMjdiODFiZWNlNThhMDQwMDlhNjA4MGUyYzA1MjRlYzYzOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPF2/vAPVCmiqu3bwlWkJstSSekK
hQveSXX8TvGLvZaoM3+wbAbdKXxwmeRfpLQHQay7EwMMXTl0vJ4eICiPLBvCqneX
MQP67/io/W8XuMkiLroWHKJH5SN5JTvkPk07mAaNrfAuN/krGZjtLkacZpNUwg4D
jRJJ8BsNCJNwST8woeP3cBLqGe8R2opjSxutdQCspA0xUO/7e8Sn+2CyyFT4PDBD
CvHOJb1ac1A3h2XHpQXuBPkJdXYqSSvY88CveZGYQuYsRe4LkzC5H/xIMj9Tsh4s
5d6kYB7ndvS5gREPmSlHMYL3pzM0iSr2lauMraugWsJzfyE8geb63KGwlwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGrwJ7gb7OWKBACaYIDiwFJOxjnIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYXZBbnVCdnM1WW9FQUpwZ2dPTEFVazdHT2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVCAIAwQA
VCAKAwQAVCAyAwQAVCBHAwQAVCBYAwQBVCCWAwQAVCDoAwQAVCD1AwQAWNgDAwQA
WNhcAwQAWNjHMA0GCSqGSIb3DQEBCwUAA4IBAQA7ASG3+Ro9RHRPKnVQzdnZl4OP
SS2ikg/Bs2ibG5Gu6K0uU1uTJruKGBPNEiEkPaJfbLoDlGf2M3g9VY0OtOcX6wS5
Wn2SWxRCQyfUpqS75N7lQCYWeb/ts3qseSrolw+4DiZZnaWnpDqGPbGGo2/GTFhY
mMMksmeMVn9pImuvcm5KPfeRW+q6CdxdEmT+n3rb7ywvlvhALgLMKy+DDG247Lyu
kvPgfD1JGigZTCR++EZSeEIpAYMpmI+PlFjfHvBEuCWgPZM9stwxsHiBZvvFqymX
1Mw17xHM3YZJOty+8BOfJkTgiRsNsVlRPTq9zZWKMAufS6pQA0zaG6767E9v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org