Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/i2QhwEAuLO3KkKyD9doCq3JqRWs.roa
File: i2QhwEAuLO3KkKyD9doCq3JqRWs.roa (raw, json)
Hash identifier: ZjH4BXpeTWolBjJq40wNf0BbK5odLtYLPBv+Iwx4sGs=
Subject key identifier: 8B:64:21:C0:40:2E:2C:ED:CA:90:AC:83:F5:DA:02:AB:72:6A:45:6B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01877A4827E18A6F0261A1A664794383805E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/i2QhwEAuLO3KkKyD9doCq3JqRWs.roa
Signing time: Thu 13 Apr 2023 11:02:41 +0000
ROA not before: Thu 13 Apr 2023 11:02:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Apr 2023 13:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:48:27:e1:8a:6f:02:61:a1:a6:64:79:43:83:80:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 13 11:02:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b6421c0402e2cedca90ac83f5da02ab726a456b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:be:07:1f:5d:0c:07:31:69:8d:65:15:a6:e7:
cb:37:d7:9c:63:bd:6c:6b:8d:31:ba:3c:97:d7:cc:
78:28:b3:1e:2f:4f:cc:31:0a:61:b3:e1:8d:29:a3:
84:41:c6:ca:66:c0:fc:0c:d8:4b:32:cc:13:92:c6:
11:60:9e:b1:d7:dd:db:11:62:49:d2:bc:23:12:50:
a4:2b:78:13:3c:e8:43:63:58:30:dc:7e:4d:4c:8a:
ed:25:58:97:53:17:bc:67:99:0d:65:fb:27:79:cf:
e9:c3:38:59:c1:f5:ca:35:fa:7c:37:09:7e:53:f7:
f0:8d:c3:7c:bf:65:3c:7c:38:12:9d:41:e6:51:4e:
d7:4a:4f:d2:bd:60:a9:41:19:d2:c8:49:39:82:6c:
10:81:2e:e0:9c:3f:6f:46:04:cd:0d:6a:8a:f3:51:
cc:06:4a:6f:24:6e:df:ec:41:71:14:d1:2b:85:e1:
c5:97:e6:53:f3:ec:d6:9d:71:7b:3a:dd:37:f6:3e:
8c:65:24:9f:3b:67:66:b2:a7:05:76:27:d5:91:3b:
8c:6b:e2:17:5e:1a:9b:3d:e8:f5:a4:1b:39:b9:c9:
52:2f:29:24:c7:77:3a:6f:5d:4b:c9:47:7a:ab:6a:
11:a0:fd:ec:96:eb:a9:50:ce:70:d9:bd:8b:87:17:
fa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:64:21:C0:40:2E:2C:ED:CA:90:AC:83:F5:DA:02:AB:72:6A:45:6B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/i2QhwEAuLO3KkKyD9doCq3JqRWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/24
84.32.47.0/24
84.32.66.0/24
84.32.68.0/24
84.32.225.0/24
88.216.95.0/24
88.216.103.0/24
Signature Algorithm: sha256WithRSAEncryption
24:c7:9d:2c:04:af:f8:9b:3a:9c:6e:3a:9a:3c:f4:5e:f9:31:
61:1d:a5:93:2e:be:90:af:d1:ab:16:fe:fb:7e:e3:79:a8:b3:
d8:2e:57:4e:41:13:6a:cc:81:0b:6b:9e:d1:85:07:8b:24:12:
c8:07:12:05:4d:b3:2a:4d:fa:f4:6b:30:82:84:be:0c:4e:86:
ab:ca:fb:b3:33:9c:19:92:45:b2:fa:27:48:32:93:96:d5:d8:
2b:95:34:51:6e:0d:57:84:03:80:9a:fe:ce:c5:2a:37:90:58:
b0:99:29:5e:0b:b2:d3:2c:57:8c:38:18:dd:c9:38:5b:43:9f:
d2:74:c6:89:fd:f3:e5:a2:b6:41:c4:f4:e2:bb:b1:f4:af:d1:
08:9c:49:5b:db:00:61:cd:d1:7b:fc:4c:65:61:0e:b3:1a:2d:
8a:b1:11:a8:e7:6f:37:59:9d:f2:51:ec:b4:6d:a5:b2:b9:cb:
b4:cc:ca:ac:57:47:d0:43:89:e3:b8:4c:da:eb:50:95:37:dc:
21:f6:eb:ef:2e:38:e5:5e:94:e8:74:1d:d1:dd:9f:0b:1f:4c:
73:82:63:f6:60:5d:be:b3:da:88:e6:f8:1e:78:8c:0e:76:33:
b2:da:fc:58:ad:14:4f:fa:54:a1:cc:bf:d8:d0:22:0d:4c:4f:
af:b1:a3:40
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYd6SCfhim8CYaGmZHlDg4BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDEzMTEwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY0MjFjMDQwMmUyY2VkY2E5MGFjODNmNWRhMDJhYjcyNmE0NTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7r4HH10MBzFpjWUVpufLN9ecY71s
a40xujyX18x4KLMeL0/MMQphs+GNKaOEQcbKZsD8DNhLMswTksYRYJ6x193bEWJJ
0rwjElCkK3gTPOhDY1gw3H5NTIrtJViXUxe8Z5kNZfsnec/pwzhZwfXKNfp8Nwl+
U/fwjcN8v2U8fDgSnUHmUU7XSk/SvWCpQRnSyEk5gmwQgS7gnD9vRgTNDWqK81HM
BkpvJG7f7EFxFNErheHFl+ZT8+zWnXF7Ot039j6MZSSfO2dmsqcFdifVkTuMa+IX
XhqbPej1pBs5uclSLykkx3c6b11LyUd6q2oRoP3sluupUM5w2b2Lhxf6VwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFItkIcBALiztypCsg/XaAqtyakVrMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaTJRaHdFQXVMTzNLa0t5RDlkb0NxM0pxUldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCAsAwQA
VCAvAwQAVCBCAwQAVCBEAwQAVCDhAwQAWNhfAwQAWNhnMA0GCSqGSIb3DQEBCwUA
A4IBAQAkx50sBK/4mzqcbjqaPPRe+TFhHaWTLr6Qr9GrFv77fuN5qLPYLldOQRNq
zIELa57RhQeLJBLIBxIFTbMqTfr0azCChL4MToaryvuzM5wZkkWy+idIMpOW1dgr
lTRRbg1XhAOAmv7OxSo3kFiwmSleC7LTLFeMOBjdyThbQ5/SdMaJ/fPlorZBxPTi
u7H0r9EInElb2wBhzdF7/ExlYQ6zGi2KsRGo5283WZ3yUey0baWyucu0zMqsV0fQ
Q4njuEza61CVN9wh9uvvLjjlXpTodB3R3Z8LH0xzgmP2YF2+s9qI5vgeeIwOdjOy
2vxYrRRP+lShzL/Y0CINTE+vsaNA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org