Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dczmDh8r4TLrZfFgjOm8gA4L-LA.roa
File: dczmDh8r4TLrZfFgjOm8gA4L-LA.roa (raw, json)
Hash identifier: xQ4Pb5/iy5ZnqF2oHUd76Doloj9vsl2iitiA2V7DlG0=
Subject key identifier: 75:CC:E6:0E:1F:2B:E1:32:EB:65:F1:60:8C:E9:BC:80:0E:0B:F8:B0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186257155A73BD59BECAF25297E8C7D5D4C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dczmDh8r4TLrZfFgjOm8gA4L-LA.roa
Signing time: Mon 06 Feb 2023 06:37:09 +0000
ROA not before: Mon 06 Feb 2023 06:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 84.32.65.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
88.216.105.0/24 maxlen: 24
84.32.211.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.221.0/24 maxlen: 24
84.32.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:71:55:a7:3b:d5:9b:ec:af:25:29:7e:8c:7d:5d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 6 06:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75cce60e1f2be132eb65f1608ce9bc800e0bf8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f7:b5:dc:f4:72:b0:3c:c0:a4:2b:32:2a:57:
26:ca:f4:1e:de:cb:93:46:25:41:10:df:b6:c8:80:
32:10:a7:2b:1c:d1:15:07:1e:8f:0e:c0:67:08:2e:
8c:b5:56:4e:bb:d4:e8:31:8a:0f:6e:fb:06:8e:68:
64:0b:9d:e1:86:c4:ab:9b:21:d4:ce:92:bf:3b:4e:
21:81:bb:3a:9e:b4:00:2d:ab:0c:b0:d0:60:ba:73:
96:d5:af:36:09:3a:02:aa:9a:9e:2c:3d:6c:4e:99:
39:8a:a0:8e:f6:6c:d3:3f:07:85:4c:91:2e:86:65:
72:16:17:5e:78:d0:e0:32:c3:1c:d6:12:e7:ea:96:
15:53:6f:98:02:75:58:86:4d:08:8c:59:4b:79:4f:
6f:73:cf:31:2d:0f:5f:e7:d1:2b:c2:57:80:6d:d5:
55:f0:0c:32:4c:5e:2d:0e:67:0e:e7:14:26:8b:e8:
fa:cd:04:fa:a7:e6:5d:4f:96:4f:63:ae:b2:66:f2:
47:28:3a:c0:33:fb:f8:14:c4:27:5e:a9:11:6e:20:
33:b0:53:45:3e:16:8d:c1:ad:cc:03:53:8f:9c:18:
89:08:88:b0:f4:1e:49:07:d8:12:a7:e4:0c:87:cf:
4d:7d:d9:55:3d:02:34:a3:f2:f0:4b:ed:27:ad:98:
bb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CC:E6:0E:1F:2B:E1:32:EB:65:F1:60:8C:E9:BC:80:0E:0B:F8:B0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dczmDh8r4TLrZfFgjOm8gA4L-LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.29.0-84.32.30.255
84.32.45.0/24
84.32.65.0/24
84.32.76.0/23
84.32.79.0/24
84.32.89.0/24
84.32.92.0/24
84.32.94.0/24
84.32.155.0/24
84.32.210.0-84.32.212.255
84.32.241.0/24
84.32.243.0/24
88.216.105.0/24
88.216.131.0/24
88.216.134.0/24
88.216.190.0/23
88.216.198.0/24
88.216.211.0/24
88.216.221.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:f5:63:a6:28:32:9c:35:57:c9:1b:7f:28:fd:05:0f:4f:86:
57:cf:5f:e2:6a:37:b1:b9:25:05:78:ee:1a:17:78:e6:16:ef:
7f:94:fa:d9:8f:5c:03:87:ce:17:b6:3e:04:a4:f4:f9:54:99:
04:99:65:87:5a:c7:0b:ee:81:5a:a0:53:35:40:b3:f0:a9:a1:
17:e4:17:41:13:91:66:91:bb:a5:2b:52:97:39:d1:53:c9:ce:
2c:c2:ef:9e:84:49:44:e0:ab:8f:76:70:3b:3b:a0:eb:60:f5:
cc:49:0d:f2:a4:ff:18:a2:99:ed:49:d8:bc:0d:54:9f:34:b5:
39:ff:31:c2:08:ae:25:09:17:ac:6d:5c:ca:e8:8e:ba:6c:90:
c4:e6:c4:91:dc:93:8b:97:90:a6:c4:50:50:08:72:da:ff:f4:
f1:43:f8:13:ee:71:c3:6e:9e:9c:6c:51:ff:80:ba:db:06:34:
d0:0b:23:07:78:3f:e2:eb:b4:b8:fe:d6:54:d5:a9:ab:0b:4b:
fc:d1:99:2d:16:bf:8f:a2:0a:65:b9:44:e1:c1:6a:98:10:60:
e3:62:f1:1e:c2:9e:65:80:b9:8c:11:6e:e6:a9:9f:86:43:04:
d3:40:94:b4:57:0d:c5:ab:70:b1:13:9f:5f:67:f7:30:61:fa:
83:61:ad:11
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYYlcVWnO9Wb7K8lKX6MfV1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjA2MDYzNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWNjZTYwZTFmMmJlMTMyZWI2NWYxNjA4Y2U5YmM4MDBlMGJmOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfe13PRysDzApCsyKlcmyvQe3suT
RiVBEN+2yIAyEKcrHNEVBx6PDsBnCC6MtVZOu9ToMYoPbvsGjmhkC53hhsSrmyHU
zpK/O04hgbs6nrQALasMsNBgunOW1a82CToCqpqeLD1sTpk5iqCO9mzTPweFTJEu
hmVyFhdeeNDgMsMc1hLn6pYVU2+YAnVYhk0IjFlLeU9vc88xLQ9f59ErwleAbdVV
8AwyTF4tDmcO5xQmi+j6zQT6p+ZdT5ZPY66yZvJHKDrAM/v4FMQnXqkRbiAzsFNF
PhaNwa3MA1OPnBiJCIiw9B5JB9gSp+QMh89NfdlVPQI0o/LwS+0nrZi7RQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFHXM5g4fK+Ey62XxYIzpvIAOC/iwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZGN6bURoOHI0VExyWmZGZ2pPbThnQTRMLUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIwDAME
AFQgHQMEAFQgHgMEAFQgLQMEAFQgQQMEAVQgTAMEAFQgTwMEAFQgWQMEAFQgXAME
AFQgXgMEAFQgmzAMAwQBVCDSAwQAVCDUAwQAVCDxAwQAVCDzAwQAWNhpAwQAWNiD
AwQAWNiGAwQBWNi+AwQAWNjGAwQAWNjTAwQAWNjdMA0GCSqGSIb3DQEBCwUAA4IB
AQCb9WOmKDKcNVfJG38o/QUPT4ZXz1/iajexuSUFeO4aF3jmFu9/lPrZj1wDh84X
tj4EpPT5VJkEmWWHWscL7oFaoFM1QLPwqaEX5BdBE5FmkbulK1KXOdFTyc4swu+e
hElE4KuPdnA7O6DrYPXMSQ3ypP8YopntSdi8DVSfNLU5/zHCCK4lCResbVzK6I66
bJDE5sSR3JOLl5CmxFBQCHLa//TxQ/gT7nHDbp6cbFH/gLrbBjTQCyMHeD/i67S4
/tZU1amrC0v80ZktFr+PogpluUThwWqYEGDjYvEewp5lgLmMEW7mqZ+GQwTTQJS0
Vw3Fq3CxE59fZ/cwYfqDYa0R
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:49 2023 by rpki-client on console-fra.rpki-client.org