Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l0-PqY-pGyl8qOWg2791BW5eSgQ.roa
File: l0-PqY-pGyl8qOWg2791BW5eSgQ.roa (raw, json)
Hash identifier: oSMPnRL2f3TGYE5ODUhQKgQ+i3L9YPFBTiQiGr+gFsE=
Subject key identifier: 97:4F:8F:A9:8F:A9:1B:29:7C:A8:E5:A0:DB:BF:75:05:6E:5E:4A:04
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185C0569F5539D271AD293AB88393F51F84
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l0-PqY-pGyl8qOWg2791BW5eSgQ.roa
Signing time: Tue 17 Jan 2023 15:26:20 +0000
ROA not before: Tue 17 Jan 2023 15:26:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.91.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.104.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.111.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c0:56:9f:55:39:d2:71:ad:29:3a:b8:83:93:f5:1f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 17 15:26:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=974f8fa98fa91b297ca8e5a0dbbf75056e5e4a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:55:be:6e:6f:17:b8:f2:09:d7:52:9a:ee:68:
e6:e7:26:16:cc:9b:63:2b:91:76:53:7b:04:eb:00:
62:ee:23:de:38:1c:a8:71:bc:8b:4d:06:e3:59:1f:
0f:2f:c1:8e:e1:97:9c:16:ce:7d:09:1d:78:89:e7:
fd:70:b8:24:39:bb:99:3c:41:c5:d5:44:1e:24:a4:
99:f2:68:0f:5d:ce:b2:b9:6d:1c:a2:86:3c:fe:e7:
86:a0:b3:0a:f2:aa:ce:e5:66:20:86:3d:41:41:80:
79:34:72:47:58:73:b9:9d:07:25:45:e7:5c:6d:27:
0e:ee:fb:e5:b5:c7:84:31:f3:79:7d:72:a7:90:af:
50:45:91:ad:24:22:fa:aa:ae:97:47:a5:f3:d5:c3:
51:bb:69:83:55:73:cb:87:7f:34:b6:54:4f:fa:eb:
ad:fd:ce:48:37:17:ee:9d:10:b4:ae:93:85:30:1e:
38:64:fe:ad:04:56:4c:57:4e:ba:68:f0:40:98:28:
69:ee:c7:1e:ed:70:34:9e:55:1e:c2:9a:9c:38:0f:
65:ec:7e:7c:1e:a2:7b:ba:ea:25:a3:bb:c3:f4:0e:
cb:50:a0:30:d8:50:ea:c9:ff:02:0c:87:03:f8:3b:
01:55:92:97:f1:a3:77:af:6a:03:cb:40:51:82:cd:
61:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4F:8F:A9:8F:A9:1B:29:7C:A8:E5:A0:DB:BF:75:05:6E:5E:4A:04
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l0-PqY-pGyl8qOWg2791BW5eSgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.57.0/24
84.32.67.0/24
84.32.91.0/24
84.32.110.0/23
88.216.38.0/23
88.216.93.0/24
88.216.101.0/24
88.216.104.0/24
88.216.130.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f9:06:b8:30:1e:eb:56:e2:80:b3:09:e2:88:9c:68:f2:17:
2a:7c:c0:55:d3:03:88:29:77:6a:4f:fc:9e:65:f7:e9:89:3c:
da:6e:b0:11:ae:da:ee:98:43:28:c9:41:65:48:b5:43:0f:d6:
e3:9a:3e:14:a1:05:91:f1:dc:e2:bf:be:94:7a:42:50:e8:09:
b3:89:5c:50:16:74:76:e1:52:ad:e8:a6:73:fb:6f:37:4b:87:
f9:89:68:14:de:4c:dc:21:29:93:9b:52:49:b8:a8:a9:67:06:
6c:b2:8e:81:fc:a2:61:d0:b0:68:d4:4a:b5:2f:1c:01:8c:bd:
bc:2e:ad:30:4a:8c:f4:5a:95:ba:54:74:df:ec:0c:4a:68:a6:
79:13:2d:99:d6:f3:df:aa:a8:50:97:1d:c4:2b:82:b5:96:46:
e8:5c:a8:c0:be:f1:d9:7c:98:cb:a1:7d:7d:3e:90:85:00:f9:
01:80:88:de:f8:09:12:6f:d4:ec:d6:62:ac:62:a7:ef:1c:17:
77:5e:d1:8c:2a:ab:7a:b4:de:2d:e4:4f:2a:94:88:30:fc:5c:
74:f9:5a:2a:fc:13:91:2a:57:c3:a6:96:08:d9:41:f7:88:64:
ab:25:b2:4a:e3:96:c2:c4:2e:91:86:77:92:e4:41:7b:e3:16:
78:a1:3a:a3
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYXAVp9VOdJxrSk6uIOT9R+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTE3MTUyNjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzRmOGZhOThmYTkxYjI5N2NhOGU1YTBkYmJmNzUwNTZlNWU0YTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolW+bm8XuPIJ11Ka7mjm5yYWzJtj
K5F2U3sE6wBi7iPeOByocbyLTQbjWR8PL8GO4ZecFs59CR14ief9cLgkObuZPEHF
1UQeJKSZ8mgPXc6yuW0cooY8/ueGoLMK8qrO5WYghj1BQYB5NHJHWHO5nQclRedc
bScO7vvltceEMfN5fXKnkK9QRZGtJCL6qq6XR6Xz1cNRu2mDVXPLh380tlRP+uut
/c5INxfunRC0rpOFMB44ZP6tBFZMV066aPBAmChp7sce7XA0nlUewpqcOA9l7H58
HqJ7uuolo7vD9A7LUKAw2FDqyf8CDIcD+DsBVZKX8aN3r2oDy0BRgs1hvwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJdPj6mPqRspfKjloNu/dQVuXkoEMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbDAtUHFZLXBHeWw4cU9XZzI3OTFCVzVlU2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCA5AwQA
VCBDAwQAVCBbAwQBVCBuAwQBWNgmAwQAWNhdAwQAWNhlAwQAWNhoAwQAWNiCMA0G
CSqGSIb3DQEBCwUAA4IBAQBy+Qa4MB7rVuKAswniiJxo8hcqfMBV0wOIKXdqT/ye
ZffpiTzabrARrtrumEMoyUFlSLVDD9bjmj4UoQWR8dziv76UekJQ6AmziVxQFnR2
4VKt6KZz+283S4f5iWgU3kzcISmTm1JJuKipZwZsso6B/KJh0LBo1Eq1LxwBjL28
Lq0wSoz0WpW6VHTf7AxKaKZ5Ey2Z1vPfqqhQlx3EK4K1lkboXKjAvvHZfJjLoX19
PpCFAPkBgIje+AkSb9Ts1mKsYqfvHBd3XtGMKqt6tN4t5E8qlIgw/Fx0+Voq/BOR
KlfDppYI2UH3iGSrJbJK45bCxC6RhneS5EF74xZ4oTqj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org