Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pGzQwllYJ9LV1H-tkd1o8DRAZEA.roa
File: pGzQwllYJ9LV1H-tkd1o8DRAZEA.roa (raw, json)
Hash identifier: WznjfSPCoWY1vNVuFFN8ZNvUqNlpEUQK1NC1LESoz3I=
Subject key identifier: A4:6C:D0:C2:59:58:27:D2:D5:D4:7F:AD:91:DD:68:F0:34:40:64:40
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185A57B626FE9EB2A984067C4B8AAB57F6C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pGzQwllYJ9LV1H-tkd1o8DRAZEA.roa
Signing time: Thu 12 Jan 2023 10:16:44 +0000
ROA not before: Thu 12 Jan 2023 10:16:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.79.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.129.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jan 2023 13:52:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:7b:62:6f:e9:eb:2a:98:40:67:c4:b8:aa:b5:7f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 12 10:16:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a46cd0c2595827d2d5d47fad91dd68f034406440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9c:32:1c:0a:73:7f:f3:26:9a:4d:7f:76:55:
95:1a:a9:9f:17:b3:6e:a3:38:18:a5:ab:35:b3:4c:
b3:a3:5c:c1:57:4f:55:99:0f:a4:e8:93:8c:aa:02:
38:b4:a5:c6:49:b6:6f:ab:37:dc:7c:e2:0e:d8:5e:
a5:b6:7e:4c:68:39:7b:db:1e:65:74:ea:c8:2e:6f:
86:a7:c3:be:1f:0a:48:a4:28:a9:a6:75:4d:17:c1:
c4:2a:1e:62:72:19:73:e5:aa:b3:7d:3d:ae:33:87:
5b:38:08:cc:3c:df:e0:df:b1:da:9c:16:65:ad:13:
55:5d:d3:9f:04:d6:05:4f:7f:e4:ff:f4:4d:9e:a1:
94:6a:0f:78:dd:16:cf:fe:31:62:fe:b3:f7:7c:a3:
58:97:3e:98:38:d7:01:83:b2:63:a0:ad:17:31:f3:
4c:f9:73:47:d7:ab:6b:90:88:31:1c:76:99:33:e7:
4a:96:fb:32:76:21:76:cf:2d:ff:6c:a9:00:a2:d0:
97:2f:63:f3:1f:a5:64:e6:a0:e8:d9:6d:58:ad:dc:
d8:4a:31:e1:d9:f4:d6:ee:ae:3d:b4:e6:f7:25:e1:
0c:c7:e6:ad:c7:e7:e6:64:e5:37:db:db:64:f0:b0:
fd:0b:ad:77:26:9a:d5:eb:61:63:72:24:cb:12:e2:
42:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6C:D0:C2:59:58:27:D2:D5:D4:7F:AD:91:DD:68:F0:34:40:64:40
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pGzQwllYJ9LV1H-tkd1o8DRAZEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.79.0/24
84.32.212.0/24
84.32.221.0/24
88.216.129.0/24
88.216.224.0/22
Signature Algorithm: sha256WithRSAEncryption
16:5e:af:46:ad:b5:c3:ab:43:ae:58:f9:5b:cf:50:b7:62:bd:
71:01:51:84:8a:9f:c6:44:8f:12:c7:ae:af:dd:fa:0e:2e:d4:
eb:47:65:9f:cc:20:14:d7:3f:bb:f3:ea:bb:4e:fd:13:ad:10:
a4:29:8f:ac:9a:5b:2b:bd:15:45:ca:ce:c0:e7:b0:c2:8a:6b:
82:15:c9:9d:f6:13:a4:20:b3:e8:26:e1:d1:6a:02:c9:57:eb:
fd:97:5a:f8:e6:37:0f:31:30:64:e6:62:18:2f:cd:81:9e:c8:
03:9b:fc:a8:e4:12:0c:ae:43:d7:66:b2:de:c2:32:4a:f2:10:
3e:55:b4:74:4e:c1:c6:96:10:d0:3f:48:31:4e:c0:86:ab:02:
ed:67:90:fe:55:6f:31:82:68:20:04:82:ca:ab:e5:df:a9:6b:
1f:ff:92:f0:b9:60:03:53:7c:2d:14:54:83:c2:3b:4e:64:a2:
81:37:eb:8e:7f:aa:15:76:81:ad:a8:04:9d:b5:eb:91:d1:d3:
c8:f3:80:3a:66:ff:1b:00:2e:36:bb:74:29:29:da:f5:7e:7e:
f8:12:c5:a4:2e:0f:51:56:06:57:3a:c0:38:6b:ba:6b:50:8b:
ab:ba:c9:e1:77:88:4b:f0:af:4d:9e:14:65:7d:c6:c5:ff:19:
b2:c3:55:0b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWle2Jv6esqmEBnxLiqtX9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTEyMTAxNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZjZDBjMjU5NTgyN2QyZDVkNDdmYWQ5MWRkNjhmMDM0NDA2NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZwyHApzf/Mmmk1/dlWVGqmfF7Nu
ozgYpas1s0yzo1zBV09VmQ+k6JOMqgI4tKXGSbZvqzfcfOIO2F6ltn5MaDl72x5l
dOrILm+Gp8O+HwpIpCippnVNF8HEKh5ichlz5aqzfT2uM4dbOAjMPN/g37HanBZl
rRNVXdOfBNYFT3/k//RNnqGUag943RbP/jFi/rP3fKNYlz6YONcBg7JjoK0XMfNM
+XNH16trkIgxHHaZM+dKlvsydiF2zy3/bKkAotCXL2PzH6Vk5qDo2W1YrdzYSjHh
2fTW7q49tOb3JeEMx+atx+fmZOU329tk8LD9C613JprV62FjciTLEuJCcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKRs0MJZWCfS1dR/rZHdaPA0QGRAMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcEd6UXdsbFlKOUxWMUgtdGtkMW84RFJBWkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVCAYAwQA
VCAeAwQAVCBPAwQAVCDUAwQAVCDdAwQAWNiBAwQCWNjgMA0GCSqGSIb3DQEBCwUA
A4IBAQAWXq9GrbXDq0OuWPlbz1C3Yr1xAVGEip/GRI8Sx66v3foOLtTrR2WfzCAU
1z+78+q7Tv0TrRCkKY+smlsrvRVFys7A57DCimuCFcmd9hOkILPoJuHRagLJV+v9
l1r45jcPMTBk5mIYL82BnsgDm/yo5BIMrkPXZrLewjJK8hA+VbR0TsHGlhDQP0gx
TsCGqwLtZ5D+VW8xgmggBILKq+XfqWsf/5LwuWADU3wtFFSDwjtOZKKBN+uOf6oV
doGtqASdteuR0dPI84A6Zv8bAC42u3QpKdr1fn74EsWkLg9RVgZXOsA4a7prUIur
usnhd4hL8K9NnhRlfcbF/xmyw1UL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org