Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nmKntz6ozv3o1mdnhEQRT94L1iU.roa
File: nmKntz6ozv3o1mdnhEQRT94L1iU.roa (raw, json)
Hash identifier: SFoPDOO/qKxUgi14LnTJVPbGazw5GJIrL+IJUmGwXSY=
Subject key identifier: 9E:62:A7:B7:3E:A8:CE:FD:E8:D6:67:67:84:44:11:4F:DE:0B:D6:25
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0194D5E735A4E7ACC44F8774BE2FEF05B4E3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nmKntz6ozv3o1mdnhEQRT94L1iU.roa
Signing time: Wed 05 Feb 2025 11:38:07 +0000
ROA not before: Wed 05 Feb 2025 11:38:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 13:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:e7:35:a4:e7:ac:c4:4f:87:74:be:2f:ef:05:b4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 5 11:38:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e62a7b73ea8cefde8d667678444114fde0bd625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:81:dc:bc:38:dc:92:9f:49:13:90:20:bf:0a:
ba:74:13:52:e1:36:56:d6:38:22:0a:5f:5b:79:1f:
f6:1b:62:00:07:d9:8b:66:08:5a:e8:e7:de:93:a2:
f1:10:62:a5:e8:41:6d:eb:cb:ee:7f:8a:41:9a:a0:
d7:83:5a:9a:dc:84:34:29:a2:74:99:f5:69:b0:b2:
4c:34:b5:5e:77:de:72:03:07:c4:d9:ec:3d:4c:4c:
2c:a8:e5:08:d4:5e:dc:09:dd:61:6d:87:92:ca:a4:
28:0a:ff:fb:62:9a:6c:a0:08:0b:f1:17:36:41:c7:
c2:2b:51:10:41:27:49:68:76:33:60:3a:24:60:21:
a5:57:b4:a7:66:19:e2:d0:3b:82:4e:94:70:e6:bd:
fb:e4:ff:88:fe:a7:af:64:f0:95:36:ac:d0:fc:17:
60:14:cf:19:bc:5f:c0:50:11:8f:ac:48:7a:08:2e:
f7:f7:a5:49:8e:17:b3:f2:fa:3b:4c:2a:38:80:dc:
bc:4e:f0:1e:e2:45:30:07:42:50:99:d8:8a:7b:89:
2c:31:dd:23:ff:8f:d0:cd:ef:3b:ce:16:fb:29:92:
5c:13:f4:c8:03:0d:48:62:35:74:17:1c:39:80:dd:
8a:96:7f:15:64:da:53:54:a7:5b:7f:a6:6a:b2:29:
fa:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:62:A7:B7:3E:A8:CE:FD:E8:D6:67:67:84:44:11:4F:DE:0B:D6:25
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nmKntz6ozv3o1mdnhEQRT94L1iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.64.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.34.0/24
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:50:74:7b:2d:23:72:b9:9c:88:88:45:8f:3f:2b:91:5b:1c:
fc:56:cb:09:14:57:4d:a1:dd:02:b7:53:8d:bc:d6:18:71:d7:
6b:21:4d:66:d8:9d:05:96:17:ff:a9:46:66:e8:9b:40:9d:f1:
f4:07:06:74:19:47:9d:00:77:b5:c5:e1:54:2c:b0:d1:7c:8b:
13:5c:7e:8d:a0:d3:c9:99:06:52:e7:82:9c:f5:5c:12:60:f6:
bc:f2:42:4e:1d:b4:59:66:cd:72:cb:2f:df:20:f0:99:e7:b2:
7b:b4:95:74:a1:03:66:90:93:e2:ec:b8:ce:a3:cd:a1:4e:d7:
3a:cb:1d:47:99:e1:6d:da:14:68:b9:a9:3d:45:a0:81:79:10:
4a:72:86:07:84:2c:07:b1:22:8a:54:ba:f5:81:74:a9:23:c2:
e5:4b:ef:7b:8c:ec:34:17:6b:62:a5:e4:b8:0b:f7:84:58:36:
5c:f1:0b:8d:47:15:6b:0d:5f:3e:d3:3a:50:d6:3c:58:d6:c7:
1b:8a:5c:7c:fd:d0:5a:0c:e2:c7:d6:c3:34:bb:08:45:25:72:
8b:4f:b0:50:f5:36:a5:56:aa:ea:de:44:56:f7:59:8d:b7:50:
1c:00:ea:7f:90:4f:0b:a9:02:3a:97:e7:a3:4d:96:db:c4:70:
f3:af:07:a3
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZTV5zWk56zET4d0vi/vBbTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMjA1MTEzODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTYyYTdiNzNlYThjZWZkZThkNjY3Njc4NDQ0MTE0ZmRlMGJkNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YHcvDjckp9JE5Agvwq6dBNS4TZW
1jgiCl9beR/2G2IAB9mLZgha6Ofek6LxEGKl6EFt68vuf4pBmqDXg1qa3IQ0KaJ0
mfVpsLJMNLVed95yAwfE2ew9TEwsqOUI1F7cCd1hbYeSyqQoCv/7YppsoAgL8Rc2
QcfCK1EQQSdJaHYzYDokYCGlV7SnZhni0DuCTpRw5r375P+I/qevZPCVNqzQ/Bdg
FM8ZvF/AUBGPrEh6CC7396VJjhez8vo7TCo4gNy8TvAe4kUwB0JQmdiKe4ksMd0j
/4/Qze87zhb7KZJcE/TIAw1IYjV0Fxw5gN2Kln8VZNpTVKdbf6Zqsin6gQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJ5ip7c+qM796NZnZ4REEU/eC9YlMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbm1LbnR6Nm96djNvMW1kbmhFUVJUOTRMMWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBABUIAcD
BABUIAgDBAJUIBQDBAFUIC4DBABUIEADBAJUIJQDBAFUIK4DBAFUINYDBAJUIPQD
BAFY2BYDBABY2CIDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYDBABY2NwwDQYJKoZI
hvcNAQELBQADggEBAF5QdHstI3K5nIiIRY8/K5FbHPxWywkUV02h3QK3U4281hhx
12shTWbYnQWWF/+pRmbom0Cd8fQHBnQZR50Ad7XF4VQssNF8ixNcfo2g08mZBlLn
gpz1XBJg9rzyQk4dtFlmzXLLL98g8Jnnsnu0lXShA2aQk+LsuM6jzaFO1zrLHUeZ
4W3aFGi5qT1FoIF5EEpyhgeELAexIopUuvWBdKkjwuVL73uM7DQXa2Kl5LgL94RY
NlzxC41HFWsNXz7TOlDWPFjWxxuKXHz90FoM4sfWwzS7CEUlcotPsFD1NqVWqure
RFb3WY23UBwA6n+QTwupAjqX56NNltvEcPOvB6M=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:10:40 2025 by rpki-client