Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/o0mos3busSeRx4e4lRQyQhQ1jLI.roa
File: o0mos3busSeRx4e4lRQyQhQ1jLI.roa (raw, json)
Hash identifier: KLnhRKrend5roVGMqZgwcceRQFETp93+PpUyu4ea5E8=
Subject key identifier: A3:49:A8:B3:76:EE:B1:27:91:C7:87:B8:95:14:32:42:14:35:8C:B2
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019301321CACF55FA0A2DAD5CFFF01371B2D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/o0mos3busSeRx4e4lRQyQhQ1jLI.roa
Signing time: Wed 06 Nov 2024 11:18:01 +0000
ROA not before: Wed 06 Nov 2024 11:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Nov 2024 12:42:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:32:1c:ac:f5:5f:a0:a2:da:d5:cf:ff:01:37:1b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 6 11:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a349a8b376eeb12791c787b89514324214358cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ee:9d:c4:f6:6a:a1:3b:23:97:42:8f:10:91:
4b:9b:e6:c6:de:2d:87:6d:cb:9a:7d:40:74:d8:8d:
b9:f6:22:b8:1e:43:6d:38:4c:fa:be:c8:c1:1f:4d:
8b:ed:ea:43:bf:42:af:7e:18:2a:12:50:41:49:df:
8e:92:e9:bc:33:f2:cc:78:44:a5:ff:7f:28:e5:bb:
70:75:87:b2:f9:c0:43:c0:aa:61:3c:9c:d0:48:26:
35:f4:95:0b:ad:13:46:5d:26:9f:cf:db:43:75:58:
d7:3c:76:85:0f:7f:31:27:8c:b7:a0:67:9a:d7:6f:
c6:36:60:4a:a4:9a:7b:85:76:e8:c3:3d:ae:6c:e0:
e1:3c:f2:47:3d:e6:a5:07:eb:ee:55:a1:a6:9a:a4:
c4:80:fb:08:50:0d:ed:87:79:ce:95:74:e9:96:db:
14:5b:dc:db:75:fe:12:6f:c1:30:8f:dc:25:e7:fe:
50:4a:04:d6:99:fc:92:94:29:60:29:21:c4:b6:7b:
b8:6a:5b:53:88:0b:bf:0b:42:e0:e7:52:16:ab:ff:
ec:a8:c8:02:29:ef:83:e0:c6:f9:18:af:fd:38:6f:
51:a1:14:96:cb:ac:e7:d1:88:66:08:a6:87:6a:b1:
2c:5a:f6:28:08:9f:c1:6a:52:c9:4c:8b:ac:f2:1c:
b4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:49:A8:B3:76:EE:B1:27:91:C7:87:B8:95:14:32:42:14:35:8C:B2
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/o0mos3busSeRx4e4lRQyQhQ1jLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.70.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.181.0/24
88.216.197.0/24
88.216.220.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
75:78:2b:c9:63:71:9e:39:21:d1:73:8a:d0:85:ee:66:91:59:
53:33:6c:13:8c:30:81:48:ef:79:78:85:d0:0e:48:cc:d6:f4:
f4:56:da:76:0c:52:fb:ab:ce:11:f5:e6:e3:82:86:55:0f:97:
53:b7:99:c1:b2:4c:5c:7a:37:ca:72:bd:69:d9:9a:53:24:b5:
70:2a:61:99:b0:c7:1a:bb:09:b1:97:1d:9b:02:47:89:72:c2:
9a:77:f7:66:4e:09:27:a3:5f:8f:99:d9:d3:d2:34:84:3e:11:
4d:0b:36:f7:6d:3d:6f:95:da:45:a7:ed:a1:4f:a4:19:2c:c2:
5b:2d:17:3f:e8:2a:4e:3c:c1:44:24:be:8d:86:ef:67:a6:6b:
36:0b:31:d8:cc:23:8c:44:d7:57:19:df:c1:e3:59:fe:07:94:
97:96:69:35:5d:88:aa:48:f5:b4:e2:ce:61:fe:62:ed:45:d7:
d7:9e:67:2d:0f:98:e9:4f:a0:d2:5c:da:ab:1e:96:71:0f:d6:
68:a8:91:47:8e:eb:02:66:12:33:71:e1:cb:45:5e:ea:35:e6:
c7:6d:84:1b:c0:46:21:a8:df:b4:b2:31:05:82:15:41:fc:35:
83:21:74:5c:56:71:94:a1:f0:5e:32:5b:0e:4e:78:bb:ef:51:
09:47:78:fd
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZMBMhys9V+gotrVz/8BNxstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMTA2MTExODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ5YThiMzc2ZWViMTI3OTFjNzg3Yjg5NTE0MzI0MjE0MzU4Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO6dxPZqoTsjl0KPEJFLm+bG3i2H
bcuafUB02I259iK4HkNtOEz6vsjBH02L7epDv0KvfhgqElBBSd+Okum8M/LMeESl
/38o5btwdYey+cBDwKphPJzQSCY19JULrRNGXSafz9tDdVjXPHaFD38xJ4y3oGea
12/GNmBKpJp7hXbowz2ubODhPPJHPealB+vuVaGmmqTEgPsIUA3th3nOlXTpltsU
W9zbdf4Sb8Ewj9wl5/5QSgTWmfySlClgKSHEtnu4altTiAu/C0Lg51IWq//sqMgC
Ke+D4Mb5GK/9OG9RoRSWy6zn0YhmCKaHarEsWvYoCJ/BalLJTIus8hy0gwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFKNJqLN27rEnkceHuJUUMkIUNYyyMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbzBtb3MzYnVzU2VSeDRlNGxSUXlRaFExakxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfDAMAwQA
VCAHAwQAVCAIMAwDBAJUIBQDBAJUIBgDBAFUIC4DBABUIEYDBABUIF8DBAJUIJQD
BAFUIK4DBAFUINYDBAJUIPQDBAFY2BYDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYD
BABY2LUDBABY2MUDBABY2NwDBABY2N8wDQYJKoZIhvcNAQELBQADggEBAHV4K8lj
cZ45IdFzitCF7maRWVMzbBOMMIFI73l4hdAOSMzW9PRW2nYMUvurzhH15uOChlUP
l1O3mcGyTFx6N8pyvWnZmlMktXAqYZmwxxq7CbGXHZsCR4lywpp392ZOCSejX4+Z
2dPSNIQ+EU0LNvdtPW+V2kWn7aFPpBkswlstFz/oKk48wUQkvo2G72emazYLMdjM
I4xE11cZ38HjWf4HlJeWaTVdiKpI9bTizmH+Yu1F19eeZy0PmOlPoNJc2qselnEP
1miokUeO6wJmEjNx4ctFXuo15sdthBvARiGo37SyMQWCFUH8NYMhdFxWcZSh8F4y
Ww5OeLvvUQlHeP0=
-----END CERTIFICATE-----
Generated at Sat Nov 9 17:00:40 2024 by rpki-client on console-fra.rpki-client.org