Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/eqvI9ijNJNq5FHfTQSz8pAMhvRg.roa
File: eqvI9ijNJNq5FHfTQSz8pAMhvRg.roa (raw, json)
Hash identifier: vamPT2LWwzbkBKMoLxDeKlvANx4Jzq1CRzZ02Dgi7uY=
Subject key identifier: 7A:AB:C8:F6:28:CD:24:DA:B9:14:77:D3:41:2C:FC:A4:03:21:BD:18
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01893EA9E9D62F4DAB27C500DB0110051B5C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/eqvI9ijNJNq5FHfTQSz8pAMhvRg.roa
Signing time: Mon 10 Jul 2023 07:17:50 +0000
ROA not before: Mon 10 Jul 2023 07:17:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 84.32.76.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
84.32.211.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 18:15:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:a9:e9:d6:2f:4d:ab:27:c5:00:db:01:10:05:1b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 10 07:17:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7aabc8f628cd24dab91477d3412cfca40321bd18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4b:6b:85:5b:c0:3c:7d:4d:8d:3f:df:b0:1d:
e8:e7:2f:70:9d:47:dc:31:15:15:fc:78:fe:0f:6a:
12:e2:ab:8f:33:3e:70:99:02:0b:c1:bd:b2:a8:69:
8d:fe:e2:5e:be:27:8a:f1:b3:f4:75:ad:00:da:9f:
ed:02:13:6a:2b:6c:b0:ba:99:65:e0:48:85:11:c5:
5f:0a:ec:0f:a7:ba:8f:d1:e8:97:20:86:bb:05:03:
6b:2e:d0:5a:53:60:a4:4d:d7:6e:44:c8:c0:03:23:
b5:19:26:46:4a:bf:e3:8c:93:2a:c0:fc:b5:ee:a8:
88:75:41:07:2d:01:34:78:18:a2:3d:0a:dd:7f:d6:
44:39:fe:fb:b2:d8:a4:cc:c2:d2:a4:25:93:06:65:
1c:0d:ba:0b:7b:03:20:0d:04:28:f8:ef:f4:ef:d0:
c2:5d:41:76:81:a4:2d:74:9c:ce:47:8f:b5:d1:85:
d9:a0:dc:66:39:bc:09:1d:92:58:bb:26:64:a6:04:
df:97:fc:e3:cc:e3:c3:a6:b7:50:df:7f:42:b6:2d:
bc:06:08:38:9f:b7:ff:07:53:21:4d:74:b2:71:45:
6f:a7:95:46:1c:3c:fd:f6:bd:cf:4c:1b:c1:3e:09:
5b:4c:ed:e2:00:33:31:7f:2c:ca:7e:0d:8e:8b:a3:
61:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:AB:C8:F6:28:CD:24:DA:B9:14:77:D3:41:2C:FC:A4:03:21:BD:18
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/eqvI9ijNJNq5FHfTQSz8pAMhvRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.26.0/24
84.32.76.0/24
84.32.79.0/24
84.32.210.0/23
84.32.243.0/24
84.32.255.0/24
88.216.190.0/23
88.216.198.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
06:be:e8:b6:e2:2a:2a:0d:21:86:e5:73:26:32:b6:c3:06:e7:
b9:ff:87:09:fd:9a:7f:71:71:6f:f9:1c:a3:b4:20:10:5e:83:
61:ca:bb:62:cb:5c:8d:3d:13:27:7a:cb:4b:c2:a1:c9:bc:77:
f9:7c:3e:18:34:98:39:7e:86:84:0e:e9:3b:c9:1b:bb:19:e3:
d2:f3:ab:37:50:38:9a:a3:89:89:ba:4d:41:13:60:06:36:9d:
35:e8:1f:b2:ce:ba:74:1d:9a:0f:47:02:ea:06:19:f3:5e:24:
ba:26:74:45:63:ed:b8:8a:30:91:49:41:24:ab:3a:1f:12:2e:
7d:bb:ba:5e:b3:ae:53:89:51:cd:15:a4:bf:d7:fb:4a:3e:ac:
6a:f8:ce:73:38:72:55:b5:88:57:26:c2:af:04:11:0b:c8:7c:
c0:74:30:bb:b2:77:50:02:22:fc:33:7b:56:a5:fb:39:6d:85:
32:0e:45:e7:4f:e7:ac:b0:2a:8b:f9:ec:4f:42:36:3e:ae:af:
26:92:ee:27:88:f1:ac:93:d7:61:61:9e:e7:ff:fb:2a:ad:a3:
03:f6:86:5e:7c:71:e0:2a:94:50:bd:e8:f8:91:dc:97:45:c3:
e7:a2:fb:d0:4e:9b:af:b9:20:de:5d:69:14:f7:f0:af:4a:d8:
30:d1:bf:2b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYk+qenWL02rJ8UA2wEQBRtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzEwMDcxNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWFiYzhmNjI4Y2QyNGRhYjkxNDc3ZDM0MTJjZmNhNDAzMjFiZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEtrhVvAPH1NjT/fsB3o5y9wnUfc
MRUV/Hj+D2oS4quPMz5wmQILwb2yqGmN/uJevieK8bP0da0A2p/tAhNqK2ywupll
4EiFEcVfCuwPp7qP0eiXIIa7BQNrLtBaU2CkTdduRMjAAyO1GSZGSr/jjJMqwPy1
7qiIdUEHLQE0eBiiPQrdf9ZEOf77stikzMLSpCWTBmUcDboLewMgDQQo+O/079DC
XUF2gaQtdJzOR4+10YXZoNxmObwJHZJYuyZkpgTfl/zjzOPDprdQ339Cti28Bgg4
n7f/B1MhTXSycUVvp5VGHDz99r3PTBvBPglbTO3iADMxfyzKfg2Oi6Nh/QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHqryPYozSTauRR300Es/KQDIb0YMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZXF2STlpak5KTnE1RkhmVFFTejhwQU1odlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAaAwQA
VCBMAwQAVCBPAwQBVCDSAwQAVCDzAwQAVCD/AwQBWNi+AwQAWNjGAwQAWNjTMA0G
CSqGSIb3DQEBCwUAA4IBAQAGvui24ioqDSGG5XMmMrbDBue5/4cJ/Zp/cXFv+Ryj
tCAQXoNhyrtiy1yNPRMnestLwqHJvHf5fD4YNJg5foaEDuk7yRu7GePS86s3UDia
o4mJuk1BE2AGNp016B+yzrp0HZoPRwLqBhnzXiS6JnRFY+24ijCRSUEkqzofEi59
u7pes65TiVHNFaS/1/tKPqxq+M5zOHJVtYhXJsKvBBELyHzAdDC7sndQAiL8M3tW
pfs5bYUyDkXnT+essCqL+exPQjY+rq8mku4niPGsk9dhYZ7n//sqraMD9oZefHHg
KpRQvej4kdyXRcPnovvQTpuvuSDeXWkU9/CvStgw0b8r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org