Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pIREB3Fsc9k59ZAIdAE1-2YgAE8.roa
File: pIREB3Fsc9k59ZAIdAE1-2YgAE8.roa (raw, json)
Hash identifier: 2ycKvfxRy/2pqlZezQVt8XeHEs0oMtUN+WPRpQzHFZM=
Subject key identifier: A4:84:44:07:71:6C:73:D9:39:F5:90:08:74:01:35:FB:66:20:00:4F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018580C888B08BEA171C9AA5CB42EE89FADF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pIREB3Fsc9k59ZAIdAE1-2YgAE8.roa
Signing time: Thu 05 Jan 2023 07:15:03 +0000
ROA not before: Thu 05 Jan 2023 07:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.90.0/23 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
88.216.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jan 2023 06:40:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:80:c8:88:b0:8b:ea:17:1c:9a:a5:cb:42:ee:89:fa:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 5 07:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4844407716c73d939f59008740135fb6620004f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:59:51:47:40:e7:e6:58:ba:55:74:e9:b1:24:
1a:6c:9d:da:c6:a7:2e:ea:18:fb:73:9d:6d:4c:83:
52:7b:b1:04:d8:04:da:6e:08:48:0d:0e:2e:4e:5c:
ea:e8:1b:c5:2f:81:36:9b:49:fb:7e:a7:61:f6:ac:
0d:4b:e1:0c:e8:de:52:86:d6:59:ce:22:88:19:fd:
35:04:8c:c6:bd:52:cf:c2:a9:e7:d8:c7:39:b9:86:
73:c0:cf:ca:b6:ad:44:26:dc:a4:f5:23:71:30:e0:
8a:4f:56:3f:b1:73:dc:43:04:a2:af:e7:c3:04:e9:
ef:87:d6:2c:a4:9e:12:cc:7d:17:a6:e0:36:fe:b4:
21:7f:0f:53:2b:45:7c:fa:9b:76:5b:9e:b4:63:45:
be:2b:49:2d:56:59:b2:55:56:a0:9d:24:75:90:00:
c5:34:fa:c3:6f:2e:52:1e:3d:70:88:cc:ee:14:67:
5c:4d:d0:cc:3c:7e:e6:14:db:de:3b:37:ad:3f:bd:
cc:87:6d:d9:4b:7c:29:7a:34:51:05:3b:65:09:d1:
90:39:47:85:2b:3a:52:3a:63:37:04:49:cf:f8:15:
09:5f:1b:0a:b7:60:13:66:e2:3c:a7:4b:ed:b5:ab:
33:cc:12:98:23:44:c9:fb:cc:58:f2:67:d1:13:97:
b5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:84:44:07:71:6C:73:D9:39:F5:90:08:74:01:35:FB:66:20:00:4F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pIREB3Fsc9k59ZAIdAE1-2YgAE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.90.0/23
84.32.178.0/23
84.32.212.0/24
84.32.220.0/24
84.32.222.0/24
88.216.135.0/24
Signature Algorithm: sha256WithRSAEncryption
70:35:86:3c:b3:3d:14:3d:56:00:ed:51:48:04:4c:ce:d4:c4:
58:f8:54:14:78:25:89:37:f4:53:8f:83:28:dd:b6:62:74:b0:
09:28:33:92:af:09:02:77:1b:d8:d2:35:68:82:08:42:40:3c:
2f:00:71:6d:bd:e7:0d:64:30:18:ea:63:96:29:9d:2d:b6:b0:
f5:b0:86:d5:96:02:bf:e6:74:e4:e8:f3:93:d9:f0:02:79:b7:
6f:7e:f9:6f:1e:03:e3:05:8a:17:5d:88:f4:f7:8c:17:b1:21:
8e:7d:4d:c3:8c:e5:fe:da:ad:60:e9:d7:ab:d8:57:4b:58:34:
ad:d2:b1:6c:e0:af:dc:1e:9d:64:4f:5b:c0:68:db:e2:e2:7c:
8c:2b:a2:ba:f2:a5:81:bd:48:22:f4:d5:32:c2:8d:d5:cc:dd:
d8:70:83:ec:d7:be:13:2c:1e:d5:1f:de:05:89:62:e8:63:25:
54:c0:6a:36:b1:ef:c8:41:07:03:a8:39:78:48:58:0c:e5:cc:
8f:87:2d:f5:70:a2:ec:79:86:c4:5b:61:5f:2e:c0:b8:d9:2a:
f9:b0:d6:5f:f4:fb:5e:7c:ac:0d:43:2d:4f:ef:e7:bc:f6:45:
26:55:78:86:94:28:87:45:f2:89:cb:ca:d6:81:da:a3:ce:77:
8e:d5:77:83
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWAyIiwi+oXHJqly0LuifrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA1MDcxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDg0NDQwNzcxNmM3M2Q5MzlmNTkwMDg3NDAxMzVmYjY2MjAwMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFlRR0Dn5li6VXTpsSQabJ3axqcu
6hj7c51tTINSe7EE2ATabghIDQ4uTlzq6BvFL4E2m0n7fqdh9qwNS+EM6N5ShtZZ
ziKIGf01BIzGvVLPwqnn2Mc5uYZzwM/Ktq1EJtyk9SNxMOCKT1Y/sXPcQwSir+fD
BOnvh9YspJ4SzH0XpuA2/rQhfw9TK0V8+pt2W560Y0W+K0ktVlmyVVagnSR1kADF
NPrDby5SHj1wiMzuFGdcTdDMPH7mFNveOzetP73Mh23ZS3wpejRRBTtlCdGQOUeF
KzpSOmM3BEnP+BUJXxsKt2ATZuI8p0vttaszzBKYI0TJ+8xY8mfRE5e1KQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKSERAdxbHPZOfWQCHQBNftmIABPMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcElSRUIzRnNjOWs1OVpBSWRBRTEtMllnQUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVCBaAwQB
VCCyAwQAVCDUAwQAVCDcAwQAVCDeAwQAWNiHMA0GCSqGSIb3DQEBCwUAA4IBAQBw
NYY8sz0UPVYA7VFIBEzO1MRY+FQUeCWJN/RTj4Mo3bZidLAJKDOSrwkCdxvY0jVo
gghCQDwvAHFtvecNZDAY6mOWKZ0ttrD1sIbVlgK/5nTk6POT2fACebdvfvlvHgPj
BYoXXYj094wXsSGOfU3DjOX+2q1g6der2FdLWDSt0rFs4K/cHp1kT1vAaNvi4nyM
K6K68qWBvUgi9NUywo3VzN3YcIPs174TLB7VH94FiWLoYyVUwGo2se/IQQcDqDl4
SFgM5cyPhy31cKLseYbEW2FfLsC42Sr5sNZf9PtefKwNQy1P7+e89kUmVXiGlCiH
RfKJy8rWgdqjzneO1XeD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org