Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/phWYphxspz9RHup_nuxxeiQtvP8.roa
File: phWYphxspz9RHup_nuxxeiQtvP8.roa (raw, json)
Hash identifier: cbNIJPi8Vb8yChCC+LQd8hr6ujRFnlFtZ4QYWrLjjmw=
Subject key identifier: A6:15:98:A6:1C:6C:A7:3F:51:1E:EA:7F:9E:EC:71:7A:24:2D:BC:FF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D3249772EE1E8C6850926EC88AF996E1E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/phWYphxspz9RHup_nuxxeiQtvP8.roa
Signing time: Mon 22 Jan 2024 17:48:11 +0000
ROA not before: Mon 22 Jan 2024 17:48:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 84.32.25.0/24 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 13:10:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:49:77:2e:e1:e8:c6:85:09:26:ec:88:af:99:6e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 22 17:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a61598a61c6ca73f511eea7f9eec717a242dbcff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2a:0b:cb:0f:66:46:c9:1c:56:f5:8d:e0:41:
d9:ba:c8:fb:30:d9:de:46:dd:ef:d8:0d:93:77:8e:
e8:56:0c:81:f8:da:8e:c9:ea:de:78:18:4a:93:c9:
bc:89:1c:3a:1f:98:83:97:60:68:30:54:8b:2c:8a:
bd:59:2c:7d:f7:6c:fc:3c:c2:66:7e:95:f7:e4:e1:
c1:f2:b2:e0:66:f4:63:88:5f:4c:a6:88:6f:e4:20:
d0:18:d3:b9:db:48:ff:32:dc:6a:71:9a:09:b6:6d:
ea:09:a3:12:54:e8:c2:cf:eb:36:82:02:2f:c9:6e:
1c:9d:de:16:eb:0b:35:3e:41:05:32:b1:cf:01:d4:
ed:a5:8b:02:e5:68:26:17:de:e0:8c:cd:e6:e2:39:
ee:df:ad:06:26:52:e1:1c:4f:ea:69:d4:b5:5f:00:
45:1a:73:24:38:60:bc:ef:5b:fc:8d:62:27:36:13:
d5:3b:ed:25:b2:f1:fa:7f:91:81:39:e0:d8:d2:fc:
a5:28:00:4d:bf:05:c5:57:33:1c:47:3f:57:9a:6e:
dd:c0:60:1a:26:8b:b3:87:b4:a2:6d:5e:62:35:6c:
fe:0c:ef:67:ab:96:95:a0:ff:63:fc:9b:ae:f7:15:
6b:ad:12:ca:6d:cf:37:0d:88:e9:0e:8d:97:0f:2f:
e6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:15:98:A6:1C:6C:A7:3F:51:1E:EA:7F:9E:EC:71:7A:24:2D:BC:FF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/phWYphxspz9RHup_nuxxeiQtvP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.25.0-84.32.26.255
84.32.39.0/24
88.216.187.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:f9:36:50:fc:ad:e5:8e:b3:4b:46:75:ff:65:ec:53:b6:77:
8e:0d:26:90:fc:20:77:aa:09:4b:e9:84:a1:aa:ba:54:2a:86:
e7:80:ef:be:16:0e:b5:80:6a:f6:65:67:80:7f:f1:1a:97:4f:
e3:d9:bd:9e:84:ce:63:ed:87:17:af:e4:99:f1:e9:49:1e:b0:
e1:3b:7b:0d:2c:30:bb:48:3e:62:9f:cf:ec:26:b1:50:53:34:
d2:13:a8:2f:82:70:b7:ab:ba:7e:89:1a:8a:80:a3:82:30:84:
63:a2:4d:b6:fd:83:f2:68:8a:cf:16:e2:39:c7:a8:b6:59:21:
45:06:2d:c4:f9:65:1e:f2:c7:3f:77:df:9d:b2:32:07:2c:02:
ea:50:52:99:73:d4:ec:f4:18:23:57:1c:11:26:2e:5a:21:3a:
46:8b:28:0b:4a:52:2a:62:44:b5:e8:d9:7f:18:d3:ea:bd:00:
88:1b:f8:ac:fa:66:35:36:f3:f0:61:1b:57:34:cc:90:c0:e4:
7d:15:9f:c5:f1:68:e8:14:e4:6f:f0:c9:95:1d:41:bd:2b:eb:
40:80:2a:e6:b2:30:39:ae:c2:21:31:61:a8:1a:8b:7c:09:76:
f1:63:94:7b:53:9a:d3:be:21:91:e9:53:17:76:c6:d9:8d:ce:
67:6a:7f:e0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY0ySXcu4ejGhQkm7IivmW4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTIyMTc0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjE1OThhNjFjNmNhNzNmNTExZWVhN2Y5ZWVjNzE3YTI0MmRiY2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyoLyw9mRskcVvWN4EHZusj7MNne
Rt3v2A2Td47oVgyB+NqOyereeBhKk8m8iRw6H5iDl2BoMFSLLIq9WSx992z8PMJm
fpX35OHB8rLgZvRjiF9Mpohv5CDQGNO520j/MtxqcZoJtm3qCaMSVOjCz+s2ggIv
yW4cnd4W6ws1PkEFMrHPAdTtpYsC5WgmF97gjM3m4jnu360GJlLhHE/qadS1XwBF
GnMkOGC871v8jWInNhPVO+0lsvH6f5GBOeDY0vylKABNvwXFVzMcRz9Xmm7dwGAa
Jouzh7SibV5iNWz+DO9nq5aVoP9j/Juu9xVrrRLKbc83DYjpDo2XDy/mZwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKYVmKYcbKc/UR7qf57scXokLbz/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcGhXWXBoeHNwejlSSHVwX251eHhlaVF0dlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABUIBkD
BABUIBoDBABUICcDBABY2LsDBABY2MUwDQYJKoZIhvcNAQELBQADggEBAF/5NlD8
reWOs0tGdf9l7FO2d44NJpD8IHeqCUvphKGqulQqhueA774WDrWAavZlZ4B/8RqX
T+PZvZ6EzmPthxev5Jnx6UkesOE7ew0sMLtIPmKfz+wmsVBTNNITqC+CcLerun6J
GoqAo4IwhGOiTbb9g/Jois8W4jnHqLZZIUUGLcT5ZR7yxz93352yMgcsAupQUplz
1Oz0GCNXHBEmLlohOkaLKAtKUipiRLXo2X8Y0+q9AIgb+Kz6ZjU28/BhG1c0zJDA
5H0Vn8XxaOgU5G/wyZUdQb0r60CAKuayMDmuwiExYagai3wJdvFjlHtTmtO+IZHp
Uxd2xtmNzmdqf+A=
-----END CERTIFICATE-----
Generated at Fri Jan 26 18:26:14 2024 by rpki-client on console-fra.rpki-client.org