Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/f01l42uAhuvkPWvToCVK0oSu-Kk.roa
File: f01l42uAhuvkPWvToCVK0oSu-Kk.roa (raw, json)
Hash identifier: XXm4U92lC1tw3DPlFf2E0o5MmSHg5U/3rSPbJftGGmA=
Subject key identifier: 7F:4D:65:E3:6B:80:86:EB:E4:3D:6B:D3:A0:25:4A:D2:84:AE:F8:A9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018745E2F51AD3D6DEFFB2236BB99155CE6C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/f01l42uAhuvkPWvToCVK0oSu-Kk.roa
Signing time: Mon 03 Apr 2023 06:51:54 +0000
ROA not before: Mon 03 Apr 2023 06:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.66.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Apr 2023 07:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:e2:f5:1a:d3:d6:de:ff:b2:23:6b:b9:91:55:ce:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 3 06:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f4d65e36b8086ebe43d6bd3a0254ad284aef8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7c:c1:21:67:03:ea:8c:9e:5e:d6:61:15:a0:
9b:b3:b1:c5:16:42:27:53:89:07:4e:c3:cd:9c:80:
d8:df:c0:30:ed:f7:26:ae:40:96:31:01:3b:f0:3f:
c1:ec:92:8c:bb:23:25:4d:08:bc:48:58:21:3b:d3:
dd:c6:d8:4d:91:b7:38:80:42:5c:e4:3b:c1:18:87:
de:d0:8d:8b:97:a5:9f:8a:d2:81:cf:25:e4:4e:b4:
4c:d7:bb:35:ff:cd:b1:bb:ad:43:a1:12:39:af:84:
de:1c:5c:69:d9:8b:f2:45:b6:0a:09:49:0f:62:04:
7a:34:73:f7:43:72:82:6e:48:a3:13:16:16:b0:59:
64:50:cb:e1:ca:4e:e0:6f:59:a0:48:fe:19:ba:31:
4c:a7:9e:5e:77:8a:db:d1:2b:02:fa:ce:a2:07:44:
e9:50:ff:c0:f9:64:ba:78:65:dd:37:a1:48:5f:13:
00:f5:fe:a2:9f:5e:4c:d4:34:07:11:ce:50:88:a1:
46:0b:78:55:89:84:4d:d9:d9:4a:83:82:76:59:f4:
a2:a3:c7:67:16:cb:8e:92:f7:39:d2:97:16:ed:e9:
5b:63:37:39:16:37:d8:9f:12:75:c2:2e:de:4b:20:
5d:76:63:84:c8:98:a7:38:a5:d4:57:4f:30:3e:d1:
84:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:4D:65:E3:6B:80:86:EB:E4:3D:6B:D3:A0:25:4A:D2:84:AE:F8:A9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/f01l42uAhuvkPWvToCVK0oSu-Kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/24
84.32.47.0/24
84.32.66.0/24
84.32.68.0/24
84.32.90.0/24
84.32.178.0/24
84.32.225.0/24
88.216.95.0/24
88.216.103.0/24
Signature Algorithm: sha256WithRSAEncryption
38:0e:d8:56:f9:49:2f:d7:73:2c:78:aa:d2:e8:2c:67:fd:b1:
81:86:b4:7b:6d:77:6e:79:40:02:69:3f:2b:23:a6:9f:28:3e:
3d:5d:f4:d7:55:b5:bb:46:ad:9a:8b:f4:2e:9f:c4:a6:f5:ed:
7a:9a:93:f4:5c:75:9c:00:56:c7:fe:cd:42:20:cb:20:0d:00:
d8:11:5d:53:02:2f:39:a0:82:20:64:78:be:31:4c:e4:4c:c7:
5a:03:77:74:4b:f5:a9:18:20:36:7e:a3:c7:b8:27:35:65:3f:
4d:7c:89:f1:60:43:54:1c:fd:ca:60:a8:c1:18:f6:25:63:9f:
78:ca:d4:cf:c7:b9:12:6d:0e:62:93:13:28:71:36:61:b8:ef:
07:45:57:f4:a0:9a:0e:49:b3:60:32:0f:80:58:96:c4:8e:bc:
15:5f:6b:6e:d5:c4:48:52:72:3c:24:2c:b3:76:25:e2:c2:6c:
2a:8c:d4:d9:8a:a1:b3:22:1c:1b:eb:cc:78:62:24:d6:b1:73:
19:41:02:dc:6a:7b:4f:35:64:80:d4:39:d8:83:ed:82:ad:60:
9d:97:1d:bf:c7:de:19:d5:29:a0:8c:9f:2e:65:10:2c:61:16:
ec:09:bb:e5:05:71:66:72:db:2c:e9:5b:95:4d:96:d6:8d:a7:
b5:b1:b8:55
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYdF4vUa09be/7Ija7mRVc5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDAzMDY1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjRkNjVlMzZiODA4NmViZTQzZDZiZDNhMDI1NGFkMjg0YWVmOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3zBIWcD6oyeXtZhFaCbs7HFFkIn
U4kHTsPNnIDY38Aw7fcmrkCWMQE78D/B7JKMuyMlTQi8SFghO9PdxthNkbc4gEJc
5DvBGIfe0I2Ll6WfitKBzyXkTrRM17s1/82xu61DoRI5r4TeHFxp2YvyRbYKCUkP
YgR6NHP3Q3KCbkijExYWsFlkUMvhyk7gb1mgSP4ZujFMp55ed4rb0SsC+s6iB0Tp
UP/A+WS6eGXdN6FIXxMA9f6in15M1DQHEc5QiKFGC3hViYRN2dlKg4J2WfSio8dn
FsuOkvc50pcW7elbYzc5FjfYnxJ1wi7eSyBddmOEyJinOKXUV08wPtGEjQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFH9NZeNrgIbr5D1r06AlStKErvipMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZjAxbDQydUFodXZrUFd2VG9DVkswb1N1LUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAsAwQA
VCAvAwQAVCBCAwQAVCBEAwQAVCBaAwQAVCCyAwQAVCDhAwQAWNhfAwQAWNhnMA0G
CSqGSIb3DQEBCwUAA4IBAQA4DthW+Ukv13MseKrS6Cxn/bGBhrR7bXdueUACaT8r
I6afKD49XfTXVbW7Rq2ai/Qun8Sm9e16mpP0XHWcAFbH/s1CIMsgDQDYEV1TAi85
oIIgZHi+MUzkTMdaA3d0S/WpGCA2fqPHuCc1ZT9NfInxYENUHP3KYKjBGPYlY594
ytTPx7kSbQ5ikxMocTZhuO8HRVf0oJoOSbNgMg+AWJbEjrwVX2tu1cRIUnI8JCyz
diXiwmwqjNTZiqGzIhwb68x4YiTWsXMZQQLcantPNWSA1DnYg+2CrWCdlx2/x94Z
1SmgjJ8uZRAsYRbsCbvlBXFmctss6VuVTZbWjae1sbhV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org