Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iA907ahj8aYTQrQL6grReG_cGjY.roa
File: iA907ahj8aYTQrQL6grReG_cGjY.roa (raw, json)
Hash identifier: kYSs3DzbzN243kJpJK5R6ZQQHEV8JuIKr449vSykV64=
Subject key identifier: 88:0F:74:ED:A8:63:F1:A6:13:42:B4:0B:EA:0A:D1:78:6F:DC:1A:36
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CAF910DA5E73A98A16F52686EF58D1267
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iA907ahj8aYTQrQL6grReG_cGjY.roa
Signing time: Thu 28 Dec 2023 08:36:08 +0000
ROA not before: Thu 28 Dec 2023 08:36:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43289
IP address blocks: 84.32.66.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:91:0d:a5:e7:3a:98:a1:6f:52:68:6e:f5:8d:12:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 28 08:36:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=880f74eda863f1a61342b40bea0ad1786fdc1a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:10:84:2e:9e:3d:4f:aa:5d:b1:29:41:e7:5a:
19:48:f6:27:20:6b:5b:12:52:8d:e0:76:c0:cf:3c:
f8:0e:a6:67:84:df:d5:6f:b8:af:52:f0:29:8c:e0:
cf:e3:c5:24:b6:c9:47:12:fe:6a:e2:ee:37:2c:d0:
a4:24:d9:3a:a3:bf:cb:5a:f4:36:5b:b6:10:56:7e:
c9:d0:fd:d0:3d:f3:25:4e:af:89:07:86:7b:05:c6:
bb:a4:01:3c:99:9a:ec:ce:14:2e:fc:2a:44:f1:3f:
aa:0f:a4:1d:e5:48:ac:b3:40:68:e8:ed:91:74:ff:
f1:40:0b:a7:3f:30:5c:02:52:4f:fc:a1:e6:5f:8e:
6a:ef:fe:ee:59:0c:ac:c9:93:51:d8:66:35:fb:91:
49:9b:8a:f5:a6:84:08:e8:70:87:8d:b7:95:16:41:
c4:f7:d1:84:d4:f9:3e:0a:cc:c2:8a:ac:5c:7c:69:
64:38:e3:5c:75:68:4a:df:7d:91:24:51:df:54:29:
b4:5e:71:1e:d5:77:70:07:f6:59:43:a6:d3:79:4b:
45:06:14:6b:8e:75:68:b1:53:0d:c8:ae:cb:d4:7c:
f8:44:cd:f0:bd:44:91:a0:8b:74:f7:76:f3:73:99:
7e:45:60:cf:58:ae:50:40:a9:fc:d7:82:b4:09:e5:
53:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:0F:74:ED:A8:63:F1:A6:13:42:B4:0B:EA:0A:D1:78:6F:DC:1A:36
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iA907ahj8aYTQrQL6grReG_cGjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.66.0/24
84.32.83.0/24
84.32.210.0/24
88.216.180.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
67:63:40:90:a5:af:80:6c:72:7c:15:9d:f2:ad:28:77:59:9e:
81:28:45:d4:e1:c1:93:1e:40:c2:a6:70:22:75:25:3a:91:46:
ec:b6:14:8c:82:2e:4c:45:fd:17:7a:ca:b4:b8:9e:a0:55:39:
98:d3:6d:92:b1:47:13:f7:ea:4e:72:dc:5c:4e:be:52:be:a3:
7c:b7:b4:e3:91:86:48:f9:1e:f2:63:fa:17:94:19:21:50:00:
07:fe:98:06:eb:6c:7f:98:2e:b3:3b:ba:22:c5:15:4c:2e:c2:
62:11:cf:e0:df:56:7f:00:1f:67:aa:7a:3f:93:9f:cf:75:df:
87:4e:d7:86:1b:cd:86:bd:1d:9e:81:23:0f:c5:b6:6c:ab:a8:
e5:1f:93:67:9d:e7:d3:a6:75:cf:f0:90:84:17:96:00:85:7e:
f5:7a:cc:4d:89:20:4f:ba:a7:1e:1b:f4:63:7c:04:70:f1:19:
42:8d:a9:4b:62:66:d1:43:21:0c:3d:1c:12:42:95:06:1b:28:
93:88:21:06:41:49:bc:1c:67:59:1a:bc:f1:f4:cd:3b:96:08:
cf:5c:61:37:32:97:7d:92:28:50:9a:5b:31:e2:c3:ac:31:38:
67:00:86:91:18:5b:e9:06:40:1f:2e:29:5d:a5:ea:5f:f6:eb:
15:26:91:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyvkQ2l5zqYoW9SaG71jRJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjI4MDgzNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODBmNzRlZGE4NjNmMWE2MTM0MmI0MGJlYTBhZDE3ODZmZGMxYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRCELp49T6pdsSlB51oZSPYnIGtb
ElKN4HbAzzz4DqZnhN/Vb7ivUvApjODP48UktslHEv5q4u43LNCkJNk6o7/LWvQ2
W7YQVn7J0P3QPfMlTq+JB4Z7Bca7pAE8mZrszhQu/CpE8T+qD6Qd5Uiss0Bo6O2R
dP/xQAunPzBcAlJP/KHmX45q7/7uWQysyZNR2GY1+5FJm4r1poQI6HCHjbeVFkHE
99GE1Pk+CszCiqxcfGlkOONcdWhK332RJFHfVCm0XnEe1XdwB/ZZQ6bTeUtFBhRr
jnVosVMNyK7L1Hz4RM3wvUSRoIt093bzc5l+RWDPWK5QQKn814K0CeVTPQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIgPdO2oY/GmE0K0C+oK0Xhv3Bo2MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaUE5MDdhaGo4YVlUUXJRTDZnclJlR19jR2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCBCAwQA
VCBTAwQAVCDSAwQAWNi0AwQAWNjTMA0GCSqGSIb3DQEBCwUAA4IBAQBnY0CQpa+A
bHJ8FZ3yrSh3WZ6BKEXU4cGTHkDCpnAidSU6kUbsthSMgi5MRf0Xesq0uJ6gVTmY
022SsUcT9+pOctxcTr5SvqN8t7TjkYZI+R7yY/oXlBkhUAAH/pgG62x/mC6zO7oi
xRVMLsJiEc/g31Z/AB9nqno/k5/Pdd+HTteGG82GvR2egSMPxbZsq6jlH5NnnefT
pnXP8JCEF5YAhX71esxNiSBPuqceG/RjfARw8RlCjalLYmbRQyEMPRwSQpUGGyiT
iCEGQUm8HGdZGrzx9M07lgjPXGE3Mpd9kihQmlsx4sOsMThnAIaRGFvpBkAfLild
pepf9usVJpE/
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:41 2024 by rpki-client on console-ams.rpki-client.org