Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ktsfblHWN6watEXWS9EZJ-Vly6w.roa
File: ktsfblHWN6watEXWS9EZJ-Vly6w.roa (raw, json)
Hash identifier: fO21r2+DEVusDXvSE5+apEj2SN0XNKAMrIx8v4peH28=
Subject key identifier: 92:DB:1F:6E:51:D6:37:AC:1A:B4:45:D6:4B:D1:19:27:E5:65:CB:AC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01861624B65C67113B134CB918290B2B821F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ktsfblHWN6watEXWS9EZJ-Vly6w.roa
Signing time: Fri 03 Feb 2023 07:19:09 +0000
ROA not before: Fri 03 Feb 2023 07:19:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.91.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.104.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.111.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:24:b6:5c:67:11:3b:13:4c:b9:18:29:0b:2b:82:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 3 07:19:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92db1f6e51d637ac1ab445d64bd11927e565cbac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f8:3e:1d:8a:1b:36:2b:5a:f4:5e:b2:ee:a5:
45:11:67:c5:97:da:76:aa:13:7e:e7:86:ad:fa:53:
0c:63:14:71:c9:7b:9b:55:18:cd:ad:bd:57:40:67:
5c:bc:56:94:ad:d0:ef:37:f5:35:c6:62:ff:83:07:
db:7a:a0:e7:32:34:5f:8e:f8:6f:4c:da:da:1e:85:
f6:8c:c1:1b:9c:9e:82:a0:e8:c4:cc:74:ea:9a:1f:
d3:68:85:3f:5f:4a:30:71:d0:0c:1f:4b:b3:aa:83:
80:60:52:a0:54:a0:7c:b7:43:af:bc:df:9f:df:76:
ab:4e:fd:f3:4b:e2:90:72:b6:4b:b8:e3:a6:74:b3:
ac:72:d5:99:16:cd:aa:10:86:68:01:05:d4:69:d2:
db:e3:d9:5b:e5:0e:34:e3:1e:cf:b3:a5:30:38:13:
f1:dd:88:ab:03:6c:e2:75:0f:5e:5b:37:fe:d0:09:
99:e7:62:c7:90:a1:d6:5e:d2:1d:22:db:95:08:dc:
c1:07:6b:85:85:ce:cb:d1:fa:bc:09:03:e4:46:f6:
ad:60:1c:fa:e8:26:61:d7:4d:40:f9:38:45:16:84:
43:01:ee:bb:c7:0c:c5:71:14:f9:67:2d:a5:2d:49:
5f:28:89:57:ab:b8:34:2c:ca:11:33:94:14:d9:d4:
38:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DB:1F:6E:51:D6:37:AC:1A:B4:45:D6:4B:D1:19:27:E5:65:CB:AC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ktsfblHWN6watEXWS9EZJ-Vly6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.57.0/24
84.32.91.0/24
84.32.110.0/23
88.216.93.0/24
88.216.104.0/24
88.216.130.0/24
Signature Algorithm: sha256WithRSAEncryption
40:c6:8d:bf:63:50:a4:45:80:a7:39:2b:5d:28:b3:e4:98:5f:
e1:27:52:89:15:83:cc:a3:ba:e9:90:00:a8:e1:1c:73:3e:a3:
c3:67:01:e4:61:69:cb:87:00:56:34:4e:34:99:b3:cc:a2:af:
9a:1d:92:ac:f3:6b:a4:40:29:db:49:3e:c5:11:f8:7b:81:37:
10:7e:f4:c1:45:8f:9f:45:eb:44:72:cd:1e:98:03:15:88:18:
85:d5:81:31:97:a2:e2:0a:8c:d1:5e:26:c6:b0:4b:21:67:26:
49:fe:99:5d:40:1d:73:62:c4:13:36:15:69:ee:5a:8d:d9:6d:
dd:db:bd:56:5c:70:7a:eb:01:8c:96:a3:2f:e5:8e:78:83:49:
74:df:02:54:72:fc:96:57:0a:3c:0a:9a:bf:4b:d8:5c:39:ea:
a5:36:9a:0c:1c:d7:3b:3f:a1:98:f0:bd:18:a8:65:c1:b1:dc:
a9:59:5f:69:7c:f4:29:ef:b5:15:be:a1:2e:c1:67:12:e2:76:
5c:c7:42:be:80:35:62:b8:50:ef:51:eb:f4:56:ed:26:71:76:
c0:8a:b8:b2:31:1d:86:ee:6a:23:04:2f:e7:31:92:56:ec:05:
70:38:15:a9:d5:dc:b6:c2:af:50:c9:9a:19:f4:f7:43:ef:54:
3b:39:68:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYWJLZcZxE7E0y5GCkLK4IfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjAzMDcxOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRiMWY2ZTUxZDYzN2FjMWFiNDQ1ZDY0YmQxMTkyN2U1NjVjYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPg+HYobNita9F6y7qVFEWfFl9p2
qhN+54at+lMMYxRxyXubVRjNrb1XQGdcvFaUrdDvN/U1xmL/gwfbeqDnMjRfjvhv
TNraHoX2jMEbnJ6CoOjEzHTqmh/TaIU/X0owcdAMH0uzqoOAYFKgVKB8t0OvvN+f
33arTv3zS+KQcrZLuOOmdLOsctWZFs2qEIZoAQXUadLb49lb5Q404x7Ps6UwOBPx
3YirA2zidQ9eWzf+0AmZ52LHkKHWXtIdItuVCNzBB2uFhc7L0fq8CQPkRvatYBz6
6CZh101A+ThFFoRDAe67xwzFcRT5Zy2lLUlfKIlXq7g0LMoRM5QU2dQ4ywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJLbH25R1jesGrRF1kvRGSflZcusMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEva3RzZmJsSFdONndhdEVYV1M5RVpKLVZseTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCA5AwQA
VCBbAwQBVCBuAwQAWNhdAwQAWNhoAwQAWNiCMA0GCSqGSIb3DQEBCwUAA4IBAQBA
xo2/Y1CkRYCnOStdKLPkmF/hJ1KJFYPMo7rpkACo4RxzPqPDZwHkYWnLhwBWNE40
mbPMoq+aHZKs82ukQCnbST7FEfh7gTcQfvTBRY+fRetEcs0emAMViBiF1YExl6Li
CozRXibGsEshZyZJ/pldQB1zYsQTNhVp7lqN2W3d271WXHB66wGMlqMv5Y54g0l0
3wJUcvyWVwo8Cpq/S9hcOeqlNpoMHNc7P6GY8L0YqGXBsdypWV9pfPQp77UVvqEu
wWcS4nZcx0K+gDViuFDvUev0Vu0mcXbAiriyMR2G7mojBC/nMZJW7AVwOBWp1dy2
wq9QyZoZ9PdD71Q7OWg8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org