Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/prGn59soaiZ-8IfYqJOmMRNu96w.roa
File: prGn59soaiZ-8IfYqJOmMRNu96w.roa (raw, json)
Hash identifier: Im9mX5Iog/BWKM9xdraoMZS7B+0iTpq0pahcxp9UmOw=
Subject key identifier: A6:B1:A7:E7:DB:28:6A:26:7E:F0:87:D8:A8:93:A6:31:13:6E:F7:AC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018751BA4514886E3E2FECE331915E66BF52
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/prGn59soaiZ-8IfYqJOmMRNu96w.roa
Signing time: Wed 05 Apr 2023 14:02:54 +0000
ROA not before: Wed 05 Apr 2023 14:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 17:50:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:ba:45:14:88:6e:3e:2f:ec:e3:31:91:5e:66:bf:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 5 14:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6b1a7e7db286a267ef087d8a893a631136ef7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cc:49:3b:e0:21:64:ff:88:80:8a:a8:d2:ed:
ca:51:da:0f:57:39:89:55:b8:45:41:8a:0d:8c:9f:
1e:2a:02:93:13:06:90:2b:5e:6e:6d:18:5f:0c:83:
dd:fd:26:f6:69:4b:bb:17:e2:21:d4:37:3f:c8:81:
a5:c9:0a:25:2f:cb:0d:07:c7:42:71:18:04:fd:14:
0b:59:ce:80:3f:25:59:a5:e3:06:44:6b:17:e9:c3:
2e:d4:e3:29:90:fa:3e:58:7c:6c:6b:f5:17:fc:a9:
33:85:da:fd:f3:2b:4b:91:01:a7:58:b4:92:9e:90:
d4:97:c0:4b:96:f6:a6:00:33:4d:4c:59:f6:96:f3:
37:88:15:4e:33:30:21:97:32:91:99:e5:5d:be:85:
f3:69:2c:00:f7:e4:3e:c0:17:35:44:89:a2:78:f7:
2b:05:28:53:b5:7c:d9:67:d0:4f:b6:1b:65:ba:c2:
7e:1f:81:94:22:7e:77:a3:63:86:b4:7e:86:4d:e3:
b1:8c:3b:90:59:b9:8d:c5:0e:7d:2a:8f:5a:9d:c5:
e4:1e:1b:1d:79:10:11:18:50:c6:ff:ce:d2:70:9d:
21:50:ce:65:86:39:54:9e:1a:20:a9:56:b6:d5:c1:
07:9d:ce:4c:1c:61:86:09:3a:13:97:25:5c:bd:4f:
ac:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B1:A7:E7:DB:28:6A:26:7E:F0:87:D8:A8:93:A6:31:13:6E:F7:AC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/prGn59soaiZ-8IfYqJOmMRNu96w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.32.0/24
84.32.63.0/24
84.32.95.0/24
88.216.2.0/24
88.216.34.0/24
88.216.181.0/24
88.216.186.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ab:d6:d4:78:85:07:b1:34:37:9a:86:49:16:71:a2:d2:0b:
54:2e:33:68:00:86:a1:0f:81:72:95:bb:96:fd:0b:c2:d1:22:
a8:01:4c:08:bd:b5:5f:74:0d:d6:4e:17:87:d8:67:43:45:c8:
a6:42:75:4e:4e:9e:3f:6f:bb:86:40:ef:e2:64:0e:20:24:0a:
18:d3:66:bf:d3:09:11:f4:41:2e:02:d5:cd:b8:3a:79:31:e2:
69:ce:17:9a:bb:2f:d1:95:41:bd:fa:ab:04:65:61:8a:47:e6:
4f:82:8e:c5:93:f3:83:04:ad:e9:bd:97:a8:2f:19:62:26:6c:
7a:1b:9a:e8:f6:45:94:47:1d:79:9a:c4:b8:37:67:e4:a1:56:
9a:5d:f9:52:50:96:ff:ec:83:d8:de:8d:c9:d4:f6:7b:5e:61:
21:e6:77:c5:cb:4e:39:1c:4b:cc:10:af:d2:e3:42:0f:75:25:
9d:33:bc:ab:3e:64:98:09:fe:cc:36:b3:c7:14:98:ed:c8:0c:
6e:b7:16:00:75:f9:df:53:cd:44:72:c2:4e:4a:f1:0e:1e:39:
f5:2b:58:ea:c8:17:c8:a7:03:4e:0c:46:a9:7e:d0:ad:43:05:
b3:6b:08:a1:2d:4d:7c:28:8a:ce:f7:a6:d1:4f:56:57:65:b5:
4a:bf:aa:3f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdRukUUiG4+L+zjMZFeZr9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA1MTQwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmIxYTdlN2RiMjg2YTI2N2VmMDg3ZDhhODkzYTYzMTEzNmVmN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8xJO+AhZP+IgIqo0u3KUdoPVzmJ
VbhFQYoNjJ8eKgKTEwaQK15ubRhfDIPd/Sb2aUu7F+Ih1Dc/yIGlyQolL8sNB8dC
cRgE/RQLWc6APyVZpeMGRGsX6cMu1OMpkPo+WHxsa/UX/Kkzhdr98ytLkQGnWLSS
npDUl8BLlvamADNNTFn2lvM3iBVOMzAhlzKRmeVdvoXzaSwA9+Q+wBc1RImiePcr
BShTtXzZZ9BPthtlusJ+H4GUIn53o2OGtH6GTeOxjDuQWbmNxQ59Ko9ancXkHhsd
eRARGFDG/87ScJ0hUM5lhjlUnhogqVa21cEHnc5MHGGGCToTlyVcvU+s5QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKaxp+fbKGomfvCH2KiTpjETbvesMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcHJHbjU5c29haVotOElmWXFKT21NUk51OTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCAgAwQA
VCA/AwQAVCBfAwQAWNgCAwQAWNgiAwQAWNi1AwQAWNi6AwQAWNjFMA0GCSqGSIb3
DQEBCwUAA4IBAQA1q9bUeIUHsTQ3moZJFnGi0gtULjNoAIahD4FylbuW/QvC0SKo
AUwIvbVfdA3WTheH2GdDRcimQnVOTp4/b7uGQO/iZA4gJAoY02a/0wkR9EEuAtXN
uDp5MeJpzheauy/RlUG9+qsEZWGKR+ZPgo7Fk/ODBK3pvZeoLxliJmx6G5ro9kWU
Rx15msS4N2fkoVaaXflSUJb/7IPY3o3J1PZ7XmEh5nfFy045HEvMEK/S40IPdSWd
M7yrPmSYCf7MNrPHFJjtyAxutxYAdfnfU81EcsJOSvEOHjn1K1jqyBfIpwNODEap
ftCtQwWzawihLU18KIrO96bRT1ZXZbVKv6o/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org