Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/em1N1ezSvfORlNUi0CJacwF_RZo.roa
File: em1N1ezSvfORlNUi0CJacwF_RZo.roa (raw, json)
Hash identifier: M/z+NqEfksvJWAsn1Yw5N21GbX2CGOLqaIFts7VeZ7g=
Subject key identifier: 7A:6D:4D:D5:EC:D2:BD:F3:91:94:D5:22:D0:22:5A:73:01:7F:45:9A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019006FA71477958093C12B7E3C77C67941C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/em1N1ezSvfORlNUi0CJacwF_RZo.roa
Signing time: Tue 11 Jun 2024 11:06:34 +0000
ROA not before: Tue 11 Jun 2024 11:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 84.32.56.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.184.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 10:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:fa:71:47:79:58:09:3c:12:b7:e3:c7:7c:67:94:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 11 11:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a6d4dd5ecd2bdf39194d522d0225a73017f459a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9a:24:06:5b:89:92:39:8f:6a:23:c2:cc:c3:
ab:98:8b:8a:d2:e1:92:48:18:e2:55:d5:6f:87:e6:
b8:83:25:e2:c6:c0:1a:c4:f0:7b:35:d9:01:7c:03:
ea:7b:12:00:ce:81:ff:b8:bc:cf:85:2d:9c:2a:d1:
85:95:93:16:eb:bc:a5:74:6f:9a:69:ce:bf:b2:af:
76:85:f6:d5:52:f9:54:8b:e6:f2:76:c3:f2:cb:c4:
0d:d5:f3:9d:67:dd:c7:6b:5c:57:78:8b:f4:17:02:
92:4d:84:70:1a:6d:0b:ac:18:31:05:0c:7c:e4:34:
40:25:73:b3:e4:68:f8:5a:a7:df:d5:d6:5b:33:b1:
38:0c:35:0f:1e:38:b6:4b:db:c8:4b:b6:77:8a:cb:
aa:66:5b:e8:dc:58:13:8f:dc:c5:d9:97:11:18:4e:
82:2d:9f:5b:3c:58:06:2e:8d:66:5e:63:4c:d8:ef:
3d:58:6e:f6:8c:51:10:2a:51:09:7e:a2:fe:df:79:
f6:a2:6b:4f:37:f8:f1:58:61:66:83:59:24:3c:44:
dc:02:0a:10:4b:2b:70:f5:07:4f:e5:d0:20:9e:62:
1c:46:12:e9:41:64:ab:9f:c5:4a:43:65:95:69:d5:
c9:e6:09:0b:df:43:1f:40:eb:73:cd:ee:8c:f7:51:
f7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6D:4D:D5:EC:D2:BD:F3:91:94:D5:22:D0:22:5A:73:01:7F:45:9A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/em1N1ezSvfORlNUi0CJacwF_RZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
88.216.20.0/23
88.216.103.0/24
88.216.181.0/24
88.216.184.0/23
88.216.211.0-88.216.213.255
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
01:96:8b:38:6a:8a:06:20:2c:df:4c:60:f5:62:e3:b3:b1:38:
35:68:e9:73:eb:67:7a:ed:d3:35:9b:73:ac:40:e8:db:a2:c5:
17:70:f1:03:47:98:dd:6e:67:f2:4c:00:4e:60:ec:0e:22:77:
15:c3:52:24:83:64:01:19:8f:db:22:0b:00:fd:77:97:34:67:
a7:d2:bb:d7:1c:bd:09:83:18:d4:88:41:36:f2:80:27:f6:75:
5e:a2:3f:86:bb:41:b0:82:5b:fe:aa:34:9f:07:7f:3a:c4:01:
2d:b4:88:90:ad:e9:72:be:75:de:87:16:14:63:c9:82:43:cf:
61:8a:2c:c0:17:75:e3:7a:db:eb:6a:c5:9b:41:1f:79:1c:30:
f1:71:96:ff:02:7f:65:1f:23:a2:a0:b5:2b:c4:3e:ac:55:45:
0b:22:3d:44:0f:6c:59:27:2d:45:89:64:72:70:26:d2:98:5d:
64:81:e2:31:67:d8:ee:41:09:96:e6:02:9d:fb:3c:e4:b9:38:
40:07:1d:c6:b0:33:03:0d:99:94:cd:97:64:34:0c:bb:e7:86:
37:21:14:23:a9:fa:34:a1:ee:cc:9c:56:db:9b:86:0e:66:46:
b2:ee:bc:02:e5:c5:ff:99:72:e8:af:d2:f2:2a:03:3b:b1:59:
9e:53:5b:c6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZAG+nFHeVgJPBK348d8Z5QcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNjExMTEwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTZkNGRkNWVjZDJiZGYzOTE5NGQ1MjJkMDIyNWE3MzAxN2Y0NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZokBluJkjmPaiPCzMOrmIuK0uGS
SBjiVdVvh+a4gyXixsAaxPB7NdkBfAPqexIAzoH/uLzPhS2cKtGFlZMW67yldG+a
ac6/sq92hfbVUvlUi+bydsPyy8QN1fOdZ93Ha1xXeIv0FwKSTYRwGm0LrBgxBQx8
5DRAJXOz5Gj4Wqff1dZbM7E4DDUPHji2S9vIS7Z3isuqZlvo3FgTj9zF2ZcRGE6C
LZ9bPFgGLo1mXmNM2O89WG72jFEQKlEJfqL+33n2omtPN/jxWGFmg1kkPETcAgoQ
Sytw9QdP5dAgnmIcRhLpQWSrn8VKQ2WVadXJ5gkL30MfQOtzze6M91H3uwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHptTdXs0r3zkZTVItAiWnMBf0WaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZW0xTjFlelN2Zk9SbE5VaTBDSmFjd0ZfUlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAVCA4AwQB
WNgUAwQAWNhnAwQAWNi1AwQBWNi4MAwDBABY2NMDBAFY2NQDBABY2NcwDQYJKoZI
hvcNAQELBQADggEBAAGWizhqigYgLN9MYPVi47OxODVo6XPrZ3rt0zWbc6xA6Nui
xRdw8QNHmN1uZ/JMAE5g7A4idxXDUiSDZAEZj9siCwD9d5c0Z6fSu9ccvQmDGNSI
QTbygCf2dV6iP4a7QbCCW/6qNJ8HfzrEAS20iJCt6XK+dd6HFhRjyYJDz2GKLMAX
deN62+tqxZtBH3kcMPFxlv8Cf2UfI6KgtSvEPqxVRQsiPUQPbFknLUWJZHJwJtKY
XWSB4jFn2O5BCZbmAp37POS5OEAHHcawMwMNmZTNl2Q0DLvnhjchFCOp+jSh7syc
Vtubhg5mRrLuvALlxf+Zcuiv0vIqAzuxWZ5TW8Y=
-----END CERTIFICATE-----
Generated at Thu Oct 24 12:46:46 2024 by rpki-client on console-fra.rpki-client.org