Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cMYWOGZFvWrt-9wpdajcRdjXgIk.roa
File: cMYWOGZFvWrt-9wpdajcRdjXgIk.roa (raw, json)
Hash identifier: W9AJVLWhVwX8KQSA8Xhk+/l2VKhRqyk85IOnQDBmbZM=
Subject key identifier: 70:C6:16:38:66:45:BD:6A:ED:FB:DC:29:75:A8:DC:45:D8:D7:80:89
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01876501B1A58E134B0E005B0E540A7263BF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cMYWOGZFvWrt-9wpdajcRdjXgIk.roa
Signing time: Sun 09 Apr 2023 07:53:42 +0000
ROA not before: Sun 09 Apr 2023 07:53:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Apr 2023 11:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:65:01:b1:a5:8e:13:4b:0e:00:5b:0e:54:0a:72:63:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 9 07:53:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70c616386645bd6aedfbdc2975a8dc45d8d78089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:6a:54:5c:87:fe:c8:81:86:81:bd:03:39:
df:29:5c:b3:63:60:0c:7f:67:cd:23:b8:ee:14:1f:
57:a5:d7:ac:8a:62:87:92:2e:db:70:45:ba:e1:82:
1f:24:76:1c:6d:ca:a0:d1:42:18:61:4c:c2:76:29:
84:f7:51:a8:69:25:f5:10:5a:49:9b:f6:2d:ca:9d:
d6:09:c1:cf:a2:b4:03:22:66:a4:80:33:dc:09:88:
6e:88:70:01:09:80:2a:5d:66:13:e2:8f:d1:19:e6:
34:44:7c:d4:db:39:d8:a0:5f:7d:c6:08:ca:6f:0b:
25:c8:be:58:a1:0c:06:57:ce:86:2a:18:9d:13:db:
67:46:08:15:7a:c8:4d:fa:47:9f:42:d3:e6:f5:e8:
5c:43:20:a0:b4:87:14:94:82:6e:8c:9d:44:af:a0:
0f:81:bb:97:cb:c4:4a:8a:69:64:73:ed:8c:70:86:
f5:4f:c7:c4:7b:e1:25:07:36:09:76:1a:44:39:0e:
90:ef:4f:e2:9c:5c:10:61:b7:55:d2:f2:e8:e0:e8:
d3:1c:bd:de:22:41:41:fc:c6:33:e7:44:63:76:20:
35:33:14:84:97:3a:a9:3d:80:95:79:62:56:62:c1:
41:0e:6a:cc:44:a4:73:3b:3f:f4:f9:bf:3e:5a:f8:
37:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C6:16:38:66:45:BD:6A:ED:FB:DC:29:75:A8:DC:45:D8:D7:80:89
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/cMYWOGZFvWrt-9wpdajcRdjXgIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/24
84.32.47.0/24
84.32.66.0/24
84.32.68.0/24
84.32.90.0/24
84.32.225.0/24
88.216.95.0/24
88.216.103.0/24
Signature Algorithm: sha256WithRSAEncryption
26:79:35:d5:76:e2:dd:21:ca:91:a8:6a:b0:4a:8a:a1:fc:80:
8e:8f:59:4d:29:01:18:13:5a:40:f2:13:19:9e:cc:3f:18:0f:
cb:7b:4f:7a:27:64:b4:91:36:ca:77:ad:2a:70:9d:24:0c:c1:
13:8f:07:a2:d2:b7:90:60:60:9d:44:e1:45:4f:ab:34:a1:d8:
42:15:3d:6c:1c:56:76:d8:ac:0b:65:36:a4:2b:07:e0:2d:06:
c3:ce:2f:61:c0:40:b9:b0:f4:5e:51:e9:6a:0b:91:30:c0:55:
c9:88:21:25:9f:1e:8e:67:44:03:9f:ab:15:2c:38:bd:1e:c4:
fb:86:ae:95:3a:10:27:1a:aa:04:e7:f7:a8:ea:0e:dd:d2:39:
eb:72:ee:6b:1a:31:af:7c:02:0f:39:37:71:1a:38:18:18:4a:
01:6e:fb:18:ba:09:65:89:47:2a:12:1c:96:f6:53:ac:17:3d:
94:e9:36:be:18:21:5e:0c:33:44:0e:f2:bd:8b:fc:81:76:c4:
b8:03:36:f5:8f:8a:3d:ad:1f:f2:a5:48:35:d2:13:bb:0d:32:
70:e1:c2:55:a0:4a:70:b5:52:74:7d:e8:71:04:f5:70:f5:95:
a1:90:9d:21:97:39:ab:4a:03:8c:53:98:83:3e:70:dd:d6:c3:
30:07:11:52
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdlAbGljhNLDgBbDlQKcmO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA5MDc1MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM2MTYzODY2NDViZDZhZWRmYmRjMjk3NWE4ZGM0NWQ4ZDc4MDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt55qVFyH/siBhoG9AznfKVyzY2AM
f2fNI7juFB9XpdesimKHki7bcEW64YIfJHYcbcqg0UIYYUzCdimE91GoaSX1EFpJ
m/Ytyp3WCcHPorQDImakgDPcCYhuiHABCYAqXWYT4o/RGeY0RHzU2znYoF99xgjK
bwslyL5YoQwGV86GKhidE9tnRggVeshN+kefQtPm9ehcQyCgtIcUlIJujJ1Er6AP
gbuXy8RKimlkc+2McIb1T8fEe+ElBzYJdhpEOQ6Q70/inFwQYbdV0vLo4OjTHL3e
IkFB/MYz50RjdiA1MxSElzqpPYCVeWJWYsFBDmrMRKRzOz/0+b8+Wvg3SQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHDGFjhmRb1q7fvcKXWo3EXY14CJMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvY01ZV09HWkZ2V3J0LTl3cGRhamNSZGpYZ0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCAsAwQA
VCAvAwQAVCBCAwQAVCBEAwQAVCBaAwQAVCDhAwQAWNhfAwQAWNhnMA0GCSqGSIb3
DQEBCwUAA4IBAQAmeTXVduLdIcqRqGqwSoqh/ICOj1lNKQEYE1pA8hMZnsw/GA/L
e096J2S0kTbKd60qcJ0kDMETjwei0reQYGCdROFFT6s0odhCFT1sHFZ22KwLZTak
KwfgLQbDzi9hwEC5sPReUelqC5EwwFXJiCElnx6OZ0QDn6sVLDi9HsT7hq6VOhAn
GqoE5/eo6g7d0jnrcu5rGjGvfAIPOTdxGjgYGEoBbvsYuglliUcqEhyW9lOsFz2U
6Ta+GCFeDDNEDvK9i/yBdsS4Azb1j4o9rR/ypUg10hO7DTJw4cJVoEpwtVJ0fehx
BPVw9ZWhkJ0hlzmrSgOMU5iDPnDd1sMwBxFS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org