Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l3ggc3o9y_guN7NxRSu5lh_yDpg.roa
File: l3ggc3o9y_guN7NxRSu5lh_yDpg.roa (raw, json)
Hash identifier: e1/oAb7VaC4LzI/UVGZHRaJvvKM4DwGZuBTpLL6eni0=
Subject key identifier: 97:78:20:73:7A:3D:CB:F8:2E:37:B3:71:45:2B:B9:96:1F:F2:0E:98
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186D0389224781B4EA767D5DCC548DA51BC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l3ggc3o9y_guN7NxRSu5lh_yDpg.roa
Signing time: Sat 11 Mar 2023 10:30:13 +0000
ROA not before: Sat 11 Mar 2023 10:30:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.252.0/22 maxlen: 24
84.32.42.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d0:38:92:24:78:1b:4e:a7:67:d5:dc:c5:48:da:51:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 11 10:30:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=977820737a3dcbf82e37b371452bb9961ff20e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9e:91:02:dc:dd:8e:4e:b7:bd:61:c4:90:96:
28:97:0f:50:ae:ed:b5:be:7b:fa:37:d5:d0:a0:50:
81:69:33:b7:38:20:be:7c:5d:20:54:b7:cd:4c:d0:
4e:2c:03:e8:67:b0:4e:32:2a:5a:9e:f2:50:df:c9:
1d:60:ef:cf:a0:67:fc:2a:2d:a4:a7:51:df:bc:a0:
f4:e6:62:c1:90:90:44:19:52:d2:58:c5:00:bd:98:
5f:77:29:fc:80:f1:83:89:67:58:b2:49:e8:af:6e:
fb:3e:1c:49:0b:8e:e2:df:47:fb:52:ea:71:54:51:
75:61:dc:46:11:89:0e:d1:22:e8:53:94:33:77:22:
de:e7:b1:f9:4e:9c:f9:7a:79:2b:e3:a2:c6:81:7d:
50:e4:41:9e:c9:8e:b8:fd:04:a0:e0:66:2f:bd:58:
2b:5d:73:f9:48:20:74:37:24:98:90:ff:3b:43:fb:
ab:0b:3f:12:1d:ee:16:c0:fe:e2:da:50:f3:93:72:
65:cd:23:ca:93:a2:c6:6e:4a:4b:be:d7:93:50:73:
da:ec:0f:94:98:7e:47:cb:97:bc:91:13:cc:49:7c:
66:31:f0:04:43:30:7c:ef:69:9c:f1:81:b0:b9:18:
c8:4c:ac:a9:ec:7e:91:23:0a:17:2e:3f:c5:75:91:
7e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:78:20:73:7A:3D:CB:F8:2E:37:B3:71:45:2B:B9:96:1F:F2:0E:98
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l3ggc3o9y_guN7NxRSu5lh_yDpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.42.0/24
84.32.52.0/22
88.216.20.0/24
88.216.40.0/24
88.216.43.0/24
88.216.98.0/24
88.216.213.0-88.216.214.255
88.216.240.0/21
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
10:f4:5a:98:73:ca:c8:ba:ee:ad:29:42:44:bf:55:c0:1d:92:
e1:d9:7b:3b:d2:74:94:30:54:4c:63:59:18:38:3b:ea:94:a5:
51:83:d0:bc:42:55:12:99:18:02:6b:c8:57:ab:7f:33:1d:b5:
a9:71:a1:05:8e:a7:1e:42:af:35:9e:e2:b8:fb:c0:49:9a:7d:
4b:f4:9f:9d:04:34:4f:37:df:61:2d:e8:b6:b7:da:1f:c4:a2:
1f:3e:d9:57:36:3e:a4:21:ca:86:39:6f:fa:61:d7:09:4b:c9:
12:a7:a3:19:c8:4f:2f:b3:31:18:a1:92:b4:f4:91:46:56:c6:
54:16:2e:a8:1d:f9:3a:f6:23:93:91:1b:9e:f3:16:2f:e8:48:
a6:92:5c:0e:5e:c6:1e:c0:3d:5c:9c:bb:46:92:cf:0b:72:75:
06:89:6e:49:a5:94:99:48:38:28:8e:ca:7c:f8:85:02:55:43:
d8:09:af:c5:59:27:29:7b:20:f9:20:8e:03:78:d0:79:00:65:
c2:43:ab:60:e1:67:e5:9c:35:0b:74:fb:59:61:9e:2c:74:53:
90:d3:fd:93:42:d0:31:e7:01:5c:a1:63:e9:da:f6:8f:c0:42:
fc:9b:69:6b:29:3e:a0:9b:44:f4:f5:5c:d2:50:61:53:ae:00:
e3:96:56:6c
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYbQOJIkeBtOp2fV3MVI2lG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzExMTAzMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzc4MjA3MzdhM2RjYmY4MmUzN2IzNzE0NTJiYjk5NjFmZjIwZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn56RAtzdjk63vWHEkJYolw9Qru21
vnv6N9XQoFCBaTO3OCC+fF0gVLfNTNBOLAPoZ7BOMipanvJQ38kdYO/PoGf8Ki2k
p1HfvKD05mLBkJBEGVLSWMUAvZhfdyn8gPGDiWdYsknor277PhxJC47i30f7Uupx
VFF1YdxGEYkO0SLoU5QzdyLe57H5Tpz5enkr46LGgX1Q5EGeyY64/QSg4GYvvVgr
XXP5SCB0NySYkP87Q/urCz8SHe4WwP7i2lDzk3JlzSPKk6LGbkpLvteTUHPa7A+U
mH5Hy5e8kRPMSXxmMfAEQzB872mc8YGwuRjITKyp7H6RIwoXLj/FdZF+lQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJd4IHN6Pcv4LjezcUUruZYf8g6YMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbDNnZ2Mzbzl5X2d1TjdOeFJTdTVsaF95RHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAVCAGAwQA
VCAqAwQCVCA0AwQAWNgUAwQAWNgoAwQAWNgrAwQAWNhiMAwDBABY2NUDBABY2NYD
BANY2PADBAJY2PwwDQYJKoZIhvcNAQELBQADggEBABD0Wphzysi67q0pQkS/VcAd
kuHZezvSdJQwVExjWRg4O+qUpVGD0LxCVRKZGAJryFerfzMdtalxoQWOpx5CrzWe
4rj7wEmafUv0n50ENE8332Et6La32h/Eoh8+2Vc2PqQhyoY5b/ph1wlLyRKnoxnI
Ty+zMRihkrT0kUZWxlQWLqgd+Tr2I5ORG57zFi/oSKaSXA5exh7APVycu0aSzwty
dQaJbkmllJlIOCiOynz4hQJVQ9gJr8VZJyl7IPkgjgN40HkAZcJDq2DhZ+WcNQt0
+1lhnix0U5DT/ZNC0DHnAVyhY+na9o/AQvybaWspPqCbRPT1XNJQYVOuAOOWVmw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org