Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fEmAQcjnY2IjsXeGVtuIcU1CGvg.roa
File: fEmAQcjnY2IjsXeGVtuIcU1CGvg.roa (raw, json)
Hash identifier: +Q4Uinh9zJD4l0VDpfeBodK8eJWb5tZ59+qIusQMSDU=
Subject key identifier: 7C:49:80:41:C8:E7:63:62:23:B1:77:86:56:DB:88:71:4D:42:1A:F8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0190897D7537638A89446901D257292A851F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fEmAQcjnY2IjsXeGVtuIcU1CGvg.roa
Signing time: Sat 06 Jul 2024 19:20:18 +0000
ROA not before: Sat 06 Jul 2024 19:20:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204770
IP address blocks: 84.32.34.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.128.0/22 maxlen: 32
88.216.39.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 06:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:89:7d:75:37:63:8a:89:44:69:01:d2:57:29:2a:85:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 6 19:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c498041c8e7636223b1778656db88714d421af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cd:20:02:f7:73:45:26:7b:63:6f:4f:26:4d:
36:58:7d:1a:95:79:66:45:f1:52:3a:86:74:70:37:
ba:ca:b4:6d:fc:47:44:76:ca:67:4b:84:c1:09:0a:
31:8a:96:be:7a:7a:11:cb:29:bb:89:7e:3c:84:77:
2f:79:cd:b3:0b:3f:ce:dc:de:b0:47:b5:be:cc:b6:
a5:fb:be:7d:f0:7c:69:f3:70:f5:e6:85:53:93:a1:
af:7a:1a:85:fa:e4:e0:2b:12:fd:26:1d:59:2f:d9:
f0:fb:4d:ef:f1:98:dc:55:86:e4:dd:2e:fa:80:84:
3b:fc:60:d7:95:c8:43:3b:96:da:35:22:91:40:22:
c3:fe:88:ec:cf:7c:cf:05:d6:2e:36:bb:d0:59:ac:
17:d9:82:55:93:e8:0f:df:12:a7:31:aa:a4:bf:17:
36:f6:05:78:7f:c9:f2:2b:f2:d0:23:3e:1b:c5:01:
26:97:50:c0:5d:db:88:86:4e:f6:9e:e9:4a:27:70:
02:eb:7e:af:79:79:9d:42:44:86:71:26:b3:48:9b:
04:eb:6b:b6:31:0d:be:4b:ee:46:8e:a7:a0:df:67:
92:3f:7b:04:a0:82:6e:53:a1:e9:6b:fd:90:29:b3:
d2:32:b1:af:b1:58:a2:66:e6:81:93:6a:3d:45:7c:
00:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:49:80:41:C8:E7:63:62:23:B1:77:86:56:DB:88:71:4D:42:1A:F8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fEmAQcjnY2IjsXeGVtuIcU1CGvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.34.0/24
84.32.71.0/24
84.32.128.0/22
88.216.39.0/24
88.216.198.0/24
88.216.210.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
32:75:40:20:59:5d:a2:88:b8:9e:d4:76:87:c9:24:cf:00:bf:
ff:75:b5:28:67:92:3e:2d:8d:b1:86:ee:ac:2a:4c:4a:4c:bc:
9f:a7:ac:4d:21:7f:7b:93:78:44:d9:05:1b:9b:48:79:36:60:
1f:13:99:bc:66:da:db:62:8e:56:98:2c:dd:ba:fe:fb:3a:4a:
88:bf:3b:a0:f1:5a:37:dd:33:13:0e:0e:4c:03:06:e0:1f:5a:
ad:8c:13:e2:d6:cb:c3:4a:77:01:d5:36:a0:a2:6b:33:11:a7:
63:ed:6b:23:81:dd:e1:ec:38:f2:c2:5e:9b:2a:32:6f:b2:ef:
5a:3f:ae:5c:f7:1e:61:5e:fe:35:49:34:6d:be:c8:35:7f:a1:
e3:1d:eb:1b:75:37:ca:4e:57:44:5b:93:d9:87:f5:6b:22:a8:
06:9f:9e:0c:3c:54:1d:2e:98:08:4c:c8:3c:5c:2b:f8:1d:4c:
bf:b6:07:28:48:45:7b:8d:4b:99:14:d8:fa:f7:2e:b6:cb:0a:
1a:f7:c7:fd:0c:91:7e:40:d6:9f:85:ca:90:9a:fe:b3:4d:ed:
32:66:81:d5:ea:ef:5c:3d:30:f8:e0:0e:ac:07:de:f4:d7:ff:
bb:8e:a3:e1:3f:7c:54:03:44:7e:8a:96:5b:b1:06:49:a4:07:
80:4c:f9:af
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZCJfXU3Y4qJRGkB0lcpKoUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNzA2MTkyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQ5ODA0MWM4ZTc2MzYyMjNiMTc3ODY1NmRiODg3MTRkNDIxYWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1s0gAvdzRSZ7Y29PJk02WH0alXlm
RfFSOoZ0cDe6yrRt/EdEdspnS4TBCQoxipa+enoRyym7iX48hHcvec2zCz/O3N6w
R7W+zLal+7598Hxp83D15oVTk6GvehqF+uTgKxL9Jh1ZL9nw+03v8ZjcVYbk3S76
gIQ7/GDXlchDO5baNSKRQCLD/ojsz3zPBdYuNrvQWawX2YJVk+gP3xKnMaqkvxc2
9gV4f8nyK/LQIz4bxQEml1DAXduIhk72nulKJ3AC636veXmdQkSGcSazSJsE62u2
MQ2+S+5Gjqeg32eSP3sEoIJuU6Hpa/2QKbPSMrGvsViiZuaBk2o9RXwALwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHxJgEHI52NiI7F3hlbbiHFNQhr4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZkVtQVFjam5ZMklqc1hlR1Z0dUljVTFDR3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCAiAwQA
VCBHAwQCVCCAAwQAWNgnAwQAWNjGAwQAWNjSAwQAWNjeMA0GCSqGSIb3DQEBCwUA
A4IBAQAydUAgWV2iiLie1HaHySTPAL//dbUoZ5I+LY2xhu6sKkxKTLyfp6xNIX97
k3hE2QUbm0h5NmAfE5m8ZtrbYo5WmCzduv77OkqIvzug8Vo33TMTDg5MAwbgH1qt
jBPi1svDSncB1TagomszEadj7Wsjgd3h7Djywl6bKjJvsu9aP65c9x5hXv41STRt
vsg1f6HjHesbdTfKTldEW5PZh/VrIqgGn54MPFQdLpgITMg8XCv4HUy/tgcoSEV7
jUuZFNj69y62ywoa98f9DJF+QNafhcqQmv6zTe0yZoHV6u9cPTD44A6sB9701/+7
jqPhP3xUA0R+ipZbsQZJpAeATPmv
-----END CERTIFICATE-----
Generated at Mon Jul 15 07:22:22 2024 by rpki-client on console-ams.rpki-client.org