Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nITdsYJlFB3HSBTM56ARVzpkG7g.roa
File: nITdsYJlFB3HSBTM56ARVzpkG7g.roa (raw, json)
Hash identifier: mZQyvFq/6ZOPFOUh5N51rkJAIo40zhS8EUqG71MNP/c=
Subject key identifier: 9C:84:DD:B1:82:65:14:1D:C7:48:14:CC:E7:A0:11:57:3A:64:1B:B8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019500A0F2A2A5C1195ECAFAECD4BCD21C1E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nITdsYJlFB3HSBTM56ARVzpkG7g.roa
Signing time: Thu 13 Feb 2025 18:45:02 +0000
ROA not before: Thu 13 Feb 2025 18:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Feb 2025 08:52:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:a0:f2:a2:a5:c1:19:5e:ca:fa:ec:d4:bc:d2:1c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 13 18:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c84ddb18265141dc74814cce7a011573a641bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2e:c9:98:c3:85:d6:57:cb:46:3c:26:e4:0d:
9f:3d:33:da:06:ee:21:ea:8b:e3:2b:26:8b:8a:e7:
ea:6c:8a:28:a1:3d:96:c7:14:48:e2:94:a0:41:90:
86:a0:50:1c:be:cd:fb:a5:0d:e5:0c:a4:24:e8:f5:
3a:e0:e1:d4:16:f4:c8:73:32:77:7c:e9:0d:82:73:
6f:b5:bc:c0:7f:56:e7:1e:22:f4:6e:63:65:d8:64:
9c:53:4e:8c:c8:a0:22:49:23:31:7e:3e:4e:03:8f:
73:57:0e:52:3b:bb:a9:51:d1:ce:c9:e4:2d:0d:03:
c8:1f:75:29:4c:cb:bd:b7:97:76:15:0c:83:23:34:
40:47:e3:0a:17:87:f5:69:31:e8:63:cb:70:98:2d:
34:56:82:4c:b8:34:91:da:8d:da:ca:ec:2a:03:ba:
06:b4:e5:99:84:d5:93:85:ee:ad:c3:1b:2f:43:59:
3e:a6:ee:c6:46:d6:55:e3:8a:5b:f5:3a:5a:ce:53:
aa:9b:c4:b4:4c:a0:b6:67:ca:67:f6:91:eb:40:1d:
a8:1a:d0:35:43:9f:47:6a:32:93:b8:b5:9a:74:e9:
ee:c9:63:cb:f0:4e:38:3d:70:b9:b7:10:6f:10:2d:
c1:cf:c4:f7:5d:f4:66:fd:ee:bc:06:c0:92:6b:2a:
bb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:84:DD:B1:82:65:14:1D:C7:48:14:CC:E7:A0:11:57:3A:64:1B:B8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nITdsYJlFB3HSBTM56ARVzpkG7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.64.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.34.0/24
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.187.0/24
88.216.220.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:db:fc:03:1e:4d:4c:18:dd:f3:40:36:31:a4:cc:b0:8e:f2:
48:93:68:3c:85:73:be:c5:88:89:64:5e:59:a2:f2:b7:2a:18:
3a:42:ed:d6:93:ac:17:8e:f4:35:c9:b1:80:05:9a:8c:91:f7:
e3:be:44:5a:c0:98:0d:03:94:cd:a1:4c:78:90:69:b4:cf:3e:
dd:e0:f8:42:90:d4:46:f3:90:80:f3:c3:af:ae:6e:64:7c:c0:
4a:86:94:64:9a:47:95:71:17:92:a4:52:af:d4:c3:4a:7b:c0:
31:12:e7:19:cd:8b:b9:c2:9e:0d:01:92:ae:6d:9d:1a:4a:a7:
95:46:b7:43:d0:6f:88:02:99:b8:b6:25:90:78:dd:34:e5:40:
bb:0e:9c:7d:a6:89:4b:69:7d:ee:c7:d4:f7:bf:3c:8c:cb:93:
09:05:bf:6d:9f:43:4a:81:8a:74:08:ba:34:58:66:91:75:cb:
72:f1:f7:35:87:98:18:c7:0e:00:d5:f1:fe:de:2f:9e:25:e6:
52:d7:24:74:2a:0e:f2:ac:da:60:d1:e6:66:e6:43:78:3f:97:
95:dd:db:4e:7f:bd:25:ba:27:25:f7:fd:5b:d4:fb:63:d5:4c:
40:3a:46:31:f9:24:64:21:b6:35:b6:8e:f4:1f:b7:79:ae:10:
e0:bb:25:16
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZUAoPKipcEZXsr67NS80hweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMjEzMTg0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg0ZGRiMTgyNjUxNDFkYzc0ODE0Y2NlN2EwMTE1NzNhNjQxYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky7JmMOF1lfLRjwm5A2fPTPaBu4h
6ovjKyaLiufqbIoooT2WxxRI4pSgQZCGoFAcvs37pQ3lDKQk6PU64OHUFvTIczJ3
fOkNgnNvtbzAf1bnHiL0bmNl2GScU06MyKAiSSMxfj5OA49zVw5SO7upUdHOyeQt
DQPIH3UpTMu9t5d2FQyDIzRAR+MKF4f1aTHoY8twmC00VoJMuDSR2o3ayuwqA7oG
tOWZhNWThe6twxsvQ1k+pu7GRtZV44pb9TpazlOqm8S0TKC2Z8pn9pHrQB2oGtA1
Q59HajKTuLWadOnuyWPL8E44PXC5txBvEC3Bz8T3XfRm/e68BsCSayq7xQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFJyE3bGCZRQdx0gUzOegEVc6ZBu4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbklUZHNZSmxGQjNIU0JUTTU2QVJWenBrRzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdDAMAwQAVCAH
AwQAVCAIAwQCVCAUAwQBVCAuAwQAVCBAAwQCVCCUAwQBVCCuAwQBVCDWAwQCVCD0
AwQBWNgWAwQAWNgiAwQBWNgsAwQBWNhCAwQAWNhdAwQBWNiCAwQBWNiGAwQAWNi7
AwQAWNjcAwQAWNjfMA0GCSqGSIb3DQEBCwUAA4IBAQAa2/wDHk1MGN3zQDYxpMyw
jvJIk2g8hXO+xYiJZF5ZovK3Khg6Qu3Wk6wXjvQ1ybGABZqMkffjvkRawJgNA5TN
oUx4kGm0zz7d4PhCkNRG85CA88Ovrm5kfMBKhpRkmkeVcReSpFKv1MNKe8AxEucZ
zYu5wp4NAZKubZ0aSqeVRrdD0G+IApm4tiWQeN005UC7Dpx9polLaX3ux9T3vzyM
y5MJBb9tn0NKgYp0CLo0WGaRdcty8fc1h5gYxw4A1fH+3i+eJeZS1yR0Kg7yrNpg
0eZm5kN4P5eV3dtOf70luicl9/1b1Ptj1UxAOkYx+SRkIbY1to70H7d5rhDguyUW
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:52:33 2025 by rpki-client