Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/q0GtkWhq6m83QHPkoZzd8KzcLFE.roa
File: q0GtkWhq6m83QHPkoZzd8KzcLFE.roa (raw, json)
Hash identifier: aRPI9uqUmjs5CnOtF5pP+1ahfTGCsOy91mG1zqn88Ig=
Subject key identifier: AB:41:AD:91:68:6A:EA:6F:37:40:73:E4:A1:9C:DD:F0:AC:DC:2C:51
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188328CE4FDFE32C5F2FBF5E1C98BC5C54A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/q0GtkWhq6m83QHPkoZzd8KzcLFE.roa
Signing time: Fri 19 May 2023 05:47:54 +0000
ROA not before: Fri 19 May 2023 05:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:32:8c:e4:fd:fe:32:c5:f2:fb:f5:e1:c9:8b:c5:c5:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 19 05:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab41ad91686aea6f374073e4a19cddf0acdc2c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:56:e3:a3:87:64:52:3b:1e:ce:8a:c8:07:85:
12:ab:7e:87:d8:a1:bd:7a:67:07:d4:67:0a:1b:86:
eb:47:67:9f:94:75:25:ab:14:bb:67:44:21:5b:0e:
a2:e4:2c:19:c9:f2:2d:b4:ec:03:2b:d8:8d:52:50:
61:a9:86:18:50:b8:8d:8b:6b:81:2d:4f:a0:db:41:
b9:cb:41:d0:d0:5c:19:5c:a0:74:dd:e7:51:dc:5d:
44:35:3b:03:94:17:2e:24:9f:a8:a6:34:cb:37:9f:
3e:3b:88:ec:2c:48:d7:b4:43:4a:af:10:6e:72:33:
06:7e:4b:b4:7b:8a:dd:53:a9:d5:fa:ac:5d:13:5c:
cb:1c:37:f5:96:3e:19:2f:1a:47:09:67:42:ab:84:
71:1c:65:c6:54:28:ac:7c:8b:43:ce:eb:a5:c5:de:
7a:23:ef:6b:1f:93:79:85:8e:24:b2:c4:66:8b:14:
59:fb:2a:37:bc:13:d3:3a:96:2a:26:bf:76:a4:36:
b6:fe:cf:15:c2:d6:c0:e0:7e:e6:ab:75:94:1d:2d:
5c:b1:78:18:61:23:2b:b9:6a:e5:40:69:3c:83:40:
29:0c:3f:ed:df:6d:4f:7d:e2:b6:0a:2c:f1:89:74:
d9:4e:7d:9b:96:da:ca:48:ef:60:b2:10:20:66:6b:
8d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:41:AD:91:68:6A:EA:6F:37:40:73:E4:A1:9C:DD:F0:AC:DC:2C:51
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/q0GtkWhq6m83QHPkoZzd8KzcLFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.24.0/24
84.32.32.0/24
84.32.63.0/24
84.32.95.0/24
84.32.149.0/24
84.32.151.0-84.32.152.255
84.32.154.0/24
84.32.174.0/23
84.32.178.0/23
88.216.2.0/24
88.216.34.0/24
88.216.41.0/24
88.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c3:69:e0:7d:0e:95:09:30:0f:b8:31:14:bb:5c:ec:c6:61:
23:ea:2f:35:48:f6:ca:d5:cc:31:0a:11:f7:9a:b4:a0:11:fa:
73:35:10:aa:38:67:f7:ec:4c:57:82:ab:25:45:f7:44:49:6d:
cf:ac:41:09:ee:f1:4a:8a:ec:10:1f:c4:26:ef:3a:3a:94:28:
04:87:13:b8:fd:93:59:0b:ac:ab:f1:d2:90:22:ac:14:61:28:
d4:5d:c9:5f:1b:fb:d8:81:9c:29:f4:69:24:b5:14:6c:95:f4:
bb:9d:32:2e:34:69:9b:8e:7e:f3:77:5c:b6:76:ea:95:31:2f:
45:3e:f6:f0:bd:71:d5:ce:89:80:2d:7f:65:95:80:a8:3d:3a:
d5:fc:e4:d2:f5:f9:a5:90:60:0c:58:5b:95:ed:2c:55:4e:a2:
55:c4:c8:1c:36:fb:01:bd:49:f8:04:87:6d:9a:c0:7c:21:cb:
3b:bc:36:ac:3a:85:a1:b8:65:ee:a8:1d:74:6e:23:7d:69:e8:
a3:c5:9a:75:77:c3:48:b7:4b:7a:a1:13:32:0a:a8:ea:1b:25:
13:87:75:56:7d:c6:42:de:da:62:06:a5:89:5b:2f:da:17:12:
63:3c:b1:7b:3d:48:08:64:a6:6f:71:a5:bb:6c:43:a3:72:78:
81:70:9d:1b
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYgyjOT9/jLF8vv14cmLxcVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTE5MDU0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQxYWQ5MTY4NmFlYTZmMzc0MDczZTRhMTljZGRmMGFjZGMyYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVbjo4dkUjsezorIB4USq36H2KG9
emcH1GcKG4brR2eflHUlqxS7Z0QhWw6i5CwZyfIttOwDK9iNUlBhqYYYULiNi2uB
LU+g20G5y0HQ0FwZXKB03edR3F1ENTsDlBcuJJ+opjTLN58+O4jsLEjXtENKrxBu
cjMGfku0e4rdU6nV+qxdE1zLHDf1lj4ZLxpHCWdCq4RxHGXGVCisfItDzuulxd56
I+9rH5N5hY4kssRmixRZ+yo3vBPTOpYqJr92pDa2/s8VwtbA4H7mq3WUHS1csXgY
YSMruWrlQGk8g0ApDD/t321PfeK2CizxiXTZTn2bltrKSO9gshAgZmuNHQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFKtBrZFoaupvN0Bz5KGc3fCs3CxRMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcTBHdGtXaHE2bTgzUUhQa29aemQ4S3pjTEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAVCAPAwQA
VCAYAwQAVCAgAwQAVCA/AwQAVCBfAwQAVCCVMAwDBABUIJcDBABUIJgDBABUIJoD
BAFUIK4DBAFUILIDBABY2AIDBABY2CIDBABY2CkDBABY2LowDQYJKoZIhvcNAQEL
BQADggEBAGbDaeB9DpUJMA+4MRS7XOzGYSPqLzVI9srVzDEKEfeatKAR+nM1EKo4
Z/fsTFeCqyVF90RJbc+sQQnu8UqK7BAfxCbvOjqUKASHE7j9k1kLrKvx0pAirBRh
KNRdyV8b+9iBnCn0aSS1FGyV9LudMi40aZuOfvN3XLZ26pUxL0U+9vC9cdXOiYAt
f2WVgKg9OtX85NL1+aWQYAxYW5XtLFVOolXEyBw2+wG9SfgEh22awHwhyzu8Nqw6
haG4Ze6oHXRuI31p6KPFmnV3w0i3S3qhEzIKqOobJROHdVZ9xkLe2mIGpYlbL9oX
EmM8sXs9SAhkpm9xpbtsQ6NyeIFwnRs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org