Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/jS2S9uR9xc0m9eFkqHXmcmj-bf8.roa
File: jS2S9uR9xc0m9eFkqHXmcmj-bf8.roa (raw, json)
Hash identifier: DS50xmj7ATY+dFYLnHBw/5mrOyOIWPgQsaGe3pXgBro=
Subject key identifier: 8D:2D:92:F6:E4:7D:C5:CD:26:F5:E1:64:A8:75:E6:72:68:FE:6D:FF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186D036BCAE3E61CD94D732772E436E80A8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/jS2S9uR9xc0m9eFkqHXmcmj-bf8.roa
Signing time: Sat 11 Mar 2023 10:28:13 +0000
ROA not before: Sat 11 Mar 2023 10:28:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Mar 2023 18:59:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d0:36:bc:ae:3e:61:cd:94:d7:32:77:2e:43:6e:80:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 11 10:28:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d2d92f6e47dc5cd26f5e164a875e67268fe6dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:24:5a:aa:0e:c4:e3:71:d4:53:30:2d:1c:42:
d9:e0:7c:d2:bc:4d:78:a9:19:bc:e5:bc:c7:c1:2f:
de:6c:bb:a9:db:c0:88:71:b9:ab:5d:75:c2:be:f4:
9a:d3:19:8c:65:36:75:78:f4:84:b6:d0:ed:82:5c:
0b:de:85:77:c5:16:32:c0:43:69:9e:21:19:3d:fd:
6d:87:fc:04:1c:6d:f4:9e:17:08:65:ec:0d:ba:9b:
52:9e:b4:88:ba:75:b6:30:2d:f1:d7:65:31:9e:ee:
ee:cc:44:39:e5:27:d0:65:4e:75:e3:63:aa:09:4a:
e1:cc:71:45:cf:9f:3f:c1:fa:6c:e4:af:75:13:e3:
fb:1d:a5:63:ef:48:b7:2a:bf:08:6c:24:9f:c1:c6:
f2:04:50:c0:57:b2:e1:40:41:c3:42:29:b7:46:af:
c4:1e:61:91:a4:6f:26:8c:df:d9:db:7b:2d:71:1c:
a7:8e:43:54:12:62:72:c2:c1:dd:15:7e:87:67:05:
d5:e3:4a:cf:1c:ed:65:cc:fd:18:3b:88:9d:cd:ff:
0e:18:65:7d:8e:36:56:5e:f8:21:0f:3b:7b:8f:ef:
7d:33:e0:d0:cf:68:dc:8e:22:d6:60:4e:c7:b9:24:
63:34:ae:87:13:67:3d:0a:1e:99:e0:f9:c5:5b:f8:
cd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2D:92:F6:E4:7D:C5:CD:26:F5:E1:64:A8:75:E6:72:68:FE:6D:FF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/jS2S9uR9xc0m9eFkqHXmcmj-bf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/24
84.32.47.0/24
84.32.59.0-84.32.60.255
84.32.66.0/24
84.32.68.0/24
84.32.90.0/24
84.32.178.0/24
84.32.225.0/24
88.216.95.0/24
88.216.103.0/24
88.216.209.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:33:3b:49:25:ac:9a:f4:4f:fb:23:f1:da:80:25:00:19:26:
08:1b:f7:e5:5d:b7:04:ee:d0:aa:bf:e5:c7:02:c1:ea:73:b9:
23:36:a0:01:47:4c:9b:f5:cf:24:f4:97:47:69:a1:aa:47:95:
53:4b:5c:90:66:77:82:78:9f:2a:f8:94:76:bf:00:a5:ba:4e:
c7:69:93:ca:c0:cc:b7:a8:28:5b:c9:62:3b:68:5e:b6:80:f0:
5c:b7:ed:72:73:08:74:6e:02:7c:3d:84:08:03:61:66:ee:ef:
3c:7a:69:df:13:b0:8e:32:7e:5e:7d:49:5b:44:c5:6f:ae:66:
a7:12:07:47:14:56:ef:83:85:41:5e:60:aa:d9:40:b2:0c:09:
35:02:ec:61:62:d7:99:5d:d2:c1:26:95:91:2d:b4:ce:e2:ca:
f2:8d:74:95:f7:cb:04:eb:fc:ad:af:80:c8:98:cf:4c:af:b7:
f3:80:8d:87:de:cc:89:6d:30:3c:fe:25:9f:92:82:ad:b7:e0:
94:61:cc:32:fc:16:28:a6:08:5a:0f:3f:78:20:2e:f8:f8:8d:
f7:85:70:3f:fd:e1:7b:de:86:4f:74:bd:20:bf:9b:a3:b3:40:
7f:5d:d7:64:fb:d4:ed:c0:53:e7:a6:b8:44:63:65:c7:4e:d0:
16:4a:21:95
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYbQNryuPmHNlNcydy5DboCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzExMTAyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJkOTJmNmU0N2RjNWNkMjZmNWUxNjRhODc1ZTY3MjY4ZmU2ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiRaqg7E43HUUzAtHELZ4HzSvE14
qRm85bzHwS/ebLup28CIcbmrXXXCvvSa0xmMZTZ1ePSEttDtglwL3oV3xRYywENp
niEZPf1th/wEHG30nhcIZewNuptSnrSIunW2MC3x12Uxnu7uzEQ55SfQZU5142Oq
CUrhzHFFz58/wfps5K91E+P7HaVj70i3Kr8IbCSfwcbyBFDAV7LhQEHDQim3Rq/E
HmGRpG8mjN/Z23stcRynjkNUEmJywsHdFX6HZwXV40rPHO1lzP0YO4idzf8OGGV9
jjZWXvghDzt7j+99M+DQz2jcjiLWYE7HuSRjNK6HE2c9Ch6Z4PnFW/jNFwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFI0tkvbkfcXNJvXhZKh15nJo/m3/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvalMyUzl1Ujl4YzBtOWVGa3FIWG1jbWotYmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAVCAsAwQA
VCAvMAwDBABUIDsDBABUIDwDBABUIEIDBABUIEQDBABUIFoDBABUILIDBABUIOED
BABY2F8DBABY2GcDBABY2NEDBABY2NwwDQYJKoZIhvcNAQELBQADggEBAEwzO0kl
rJr0T/sj8dqAJQAZJggb9+VdtwTu0Kq/5ccCwepzuSM2oAFHTJv1zyT0l0dpoapH
lVNLXJBmd4J4nyr4lHa/AKW6Tsdpk8rAzLeoKFvJYjtoXraA8Fy37XJzCHRuAnw9
hAgDYWbu7zx6ad8TsI4yfl59SVtExW+uZqcSB0cUVu+DhUFeYKrZQLIMCTUC7GFi
15ld0sEmlZEttM7iyvKNdJX3ywTr/K2vgMiYz0yvt/OAjYfezIltMDz+JZ+Sgq23
4JRhzDL8FiimCFoPP3ggLvj4jfeFcD/94Xvehk90vSC/m6OzQH9d12T71O3AU+em
uERjZcdO0BZKIZU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org