Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iVMbS-XKoYGIyWb3AmRkxm5ATTE.roa
File: iVMbS-XKoYGIyWb3AmRkxm5ATTE.roa (raw, json)
Hash identifier: kZ8/2BuYQ1sB0S1CnYDsc/oLTMHGZkZ8dTzWe1YWV+s=
Subject key identifier: 89:53:1B:4B:E5:CA:A1:81:88:C9:66:F7:02:64:64:C6:6E:40:4D:31
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185B6039D606F39B4066F8EB065A30DB008
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iVMbS-XKoYGIyWb3AmRkxm5ATTE.roa
Signing time: Sun 15 Jan 2023 15:19:28 +0000
ROA not before: Sun 15 Jan 2023 15:19:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.28.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jan 2023 18:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b6:03:9d:60:6f:39:b4:06:6f:8e:b0:65:a3:0d:b0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 15 15:19:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89531b4be5caa18188c966f7026464c66e404d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:58:36:1e:5e:80:88:02:83:83:06:97:a7:fc:
98:47:fd:df:3f:3f:69:4b:4b:ed:32:bd:8a:00:21:
3c:c1:ec:4e:7a:f3:f2:4a:47:92:6f:d8:f4:29:aa:
dd:e9:d8:47:c2:0d:c5:93:bb:01:f0:53:32:31:fc:
c9:f6:c6:63:9c:bd:33:c9:05:f8:47:2b:f5:7d:c8:
f8:f8:60:28:b0:a4:00:0a:50:bc:97:f3:43:0b:9f:
3e:b3:be:52:fe:85:7e:9e:29:d8:66:43:c0:5f:da:
d0:c5:50:57:be:ce:4c:b3:05:ab:d0:94:92:86:86:
9e:99:1f:e7:0b:49:0f:a2:be:76:ad:13:4e:44:fc:
57:d5:45:c5:a4:aa:e3:82:37:8a:43:29:5a:35:ff:
3b:2a:07:ae:11:ad:4f:27:ad:8e:c0:d7:80:89:08:
75:b5:21:79:50:3a:26:cc:b3:38:53:71:98:6a:35:
b5:bd:5b:61:d2:5e:24:9d:c2:43:37:f3:f4:b6:3d:
9f:fc:dd:6b:09:2a:09:a4:a8:12:bb:47:cf:0a:01:
02:ce:a9:a5:4b:d2:6f:77:1a:a0:71:74:8d:3b:b8:
b2:f1:64:93:e7:96:0a:9f:84:82:25:a2:d6:9e:1e:
e7:16:ac:cb:f3:38:a9:5c:92:6c:a1:57:75:86:e1:
9d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:53:1B:4B:E5:CA:A1:81:88:C9:66:F7:02:64:64:C6:6E:40:4D:31
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iVMbS-XKoYGIyWb3AmRkxm5ATTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.28.0/24
84.32.44.0/24
84.32.46.0/23
84.32.59.0-84.32.60.255
84.32.66.0/24
84.32.68.0/24
84.32.90.0/24
84.32.178.0/24
84.32.225.0/24
84.32.227.0/24
84.32.255.0/24
88.216.95.0/24
88.216.103.0/24
88.216.188.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
80:bc:37:df:ff:2d:29:1b:2f:e1:04:d8:34:93:0a:fe:a0:ea:
ef:fe:a2:ee:f3:11:56:6a:59:09:65:04:e8:91:a6:d9:b7:36:
6a:e8:6e:6a:c4:3b:2d:0e:c3:00:d1:64:67:35:10:26:c8:54:
50:87:47:6c:1d:12:bc:86:29:f6:de:59:bb:da:b1:ac:6f:43:
a8:bf:1e:0d:c6:1f:72:8a:93:18:4f:7d:9c:81:71:58:ed:a2:
9a:13:b5:ed:31:65:5c:9a:c9:03:89:77:55:1d:44:d6:38:39:
40:c5:a0:f6:fa:d6:45:f7:db:5f:0a:2a:be:14:94:46:ab:4d:
ad:2a:68:63:40:16:19:fb:9f:34:ab:59:47:59:fe:e5:c4:82:
1b:e8:38:49:bb:30:10:13:3d:7f:a8:20:38:52:14:58:c8:28:
cd:ab:ef:71:dd:58:bc:af:1e:78:66:ca:4b:07:65:04:5b:95:
04:f8:41:51:08:ff:dc:13:72:9e:63:3b:ca:be:ef:a9:2e:3b:
f9:61:29:67:dd:32:c4:b1:5b:26:10:29:77:ee:3f:bf:5d:79:
75:8d:51:b9:f4:06:39:ae:41:00:42:d4:36:9e:93:9a:82:a3:
ff:c4:4e:f6:db:32:9b:b2:39:13:45:7c:e4:62:b0:99:b4:00:
1e:b3:42:1e
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYW2A51gbzm0Bm+OsGWjDbAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTE1MTUxOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTUzMWI0YmU1Y2FhMTgxODhjOTY2ZjcwMjY0NjRjNjZlNDA0ZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVg2Hl6AiAKDgwaXp/yYR/3fPz9p
S0vtMr2KACE8wexOevPySkeSb9j0Kard6dhHwg3Fk7sB8FMyMfzJ9sZjnL0zyQX4
Ryv1fcj4+GAosKQAClC8l/NDC58+s75S/oV+ninYZkPAX9rQxVBXvs5MswWr0JSS
hoaemR/nC0kPor52rRNORPxX1UXFpKrjgjeKQylaNf87KgeuEa1PJ62OwNeAiQh1
tSF5UDomzLM4U3GYajW1vVth0l4kncJDN/P0tj2f/N1rCSoJpKgSu0fPCgECzqml
S9JvdxqgcXSNO7iy8WST55YKn4SCJaLWnh7nFqzL8zipXJJsoVd1huGdvwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFIlTG0vlyqGBiMlm9wJkZMZuQE0xMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaVZNYlMtWEtvWUdJeVdiM0FtUmt4bTVBVFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAVCAcAwQA
VCAsAwQBVCAuMAwDBABUIDsDBABUIDwDBABUIEIDBABUIEQDBABUIFoDBABUILID
BABUIOEDBABUIOMDBABUIP8DBABY2F8DBABY2GcDBABY2LwDBABY2NEwDQYJKoZI
hvcNAQELBQADggEBAIC8N9//LSkbL+EE2DSTCv6g6u/+ou7zEVZqWQllBOiRptm3
NmrobmrEOy0OwwDRZGc1ECbIVFCHR2wdEryGKfbeWbvasaxvQ6i/Hg3GH3KKkxhP
fZyBcVjtopoTte0xZVyayQOJd1UdRNY4OUDFoPb61kX3218KKr4UlEarTa0qaGNA
Fhn7nzSrWUdZ/uXEghvoOEm7MBATPX+oIDhSFFjIKM2r73HdWLyvHnhmyksHZQRb
lQT4QVEI/9wTcp5jO8q+76kuO/lhKWfdMsSxWyYQKXfuP79deXWNUbn0BjmuQQBC
1Daek5qCo//ETvbbMpuyORNFfORisJm0AB6zQh4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org