Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qGwVvnUhEpY3_5YrzNyYUxxGcG8.roa
File: qGwVvnUhEpY3_5YrzNyYUxxGcG8.roa (raw, json)
Hash identifier: nt4C3agTSJ6+kkuhl68UEQ5VMH4knhAq9i4xNZy+BP0=
Subject key identifier: A8:6C:15:BE:75:21:12:96:37:FF:96:2B:CC:DC:98:53:1C:46:70:6F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D324976661730E7FC0B89BB8974FF27F3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qGwVvnUhEpY3_5YrzNyYUxxGcG8.roa
Signing time: Mon 22 Jan 2024 17:48:11 +0000
ROA not before: Mon 22 Jan 2024 17:48:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 19:41:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:49:76:66:17:30:e7:fc:0b:89:bb:89:74:ff:27:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 22 17:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a86c15be7521129637ff962bccdc98531c46706f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f9:62:db:9d:8b:40:f8:01:ef:00:96:3e:53:
ce:c2:8e:bb:28:db:17:d2:25:17:63:c9:85:30:99:
2b:3c:0d:dc:55:34:97:40:1d:8f:6e:8c:77:0f:60:
78:25:76:2c:a2:7c:b3:4a:18:5c:1f:19:c2:f4:86:
c7:6e:8c:05:65:2b:f8:d2:45:a8:4d:cd:70:78:01:
46:5f:a7:a1:16:e1:80:b9:65:4c:f5:f2:7d:4b:cf:
29:d7:72:1f:1d:8b:aa:70:9f:13:87:17:83:27:62:
92:b2:6d:9e:27:43:e2:7d:2e:d8:2d:bc:25:e8:59:
9d:e0:0a:27:35:82:39:84:36:bb:43:a6:dc:ae:15:
3c:9b:bf:2d:69:25:49:f3:39:22:9b:84:2a:21:bc:
48:54:62:da:d5:70:a8:38:59:b5:60:0e:55:76:70:
35:28:92:22:da:c1:b1:d9:4c:76:53:7a:80:db:7d:
85:b2:6d:a0:a3:e5:a8:fb:2a:a1:00:cc:07:91:75:
de:3d:8f:88:e1:2d:c3:09:10:6c:d4:1f:ff:24:16:
93:88:a4:db:de:5d:26:86:49:fa:5a:dd:89:ac:e6:
e3:ff:04:cc:10:75:a3:5f:cc:33:41:98:e2:e8:fb:
fb:d9:99:20:9a:0b:f8:f2:82:2f:7b:31:5a:c1:72:
a9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6C:15:BE:75:21:12:96:37:FF:96:2B:CC:DC:98:53:1C:46:70:6F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qGwVvnUhEpY3_5YrzNyYUxxGcG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.188.0/22
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
62:0e:e8:61:83:15:87:e5:ba:5e:91:73:bb:73:e2:8c:e1:ea:
ce:87:40:f7:b4:f3:5a:8a:a6:81:88:15:75:7d:15:19:a3:84:
d9:92:c6:1e:30:ee:8c:72:e0:37:78:aa:d4:32:35:47:67:11:
5e:35:43:4e:07:71:ed:fc:af:a1:cc:d1:24:ec:ac:da:ba:0c:
06:59:88:79:13:a4:5f:06:7d:48:14:0c:6b:e2:3b:f9:bf:ef:
e5:7a:5e:76:02:28:0c:3e:92:83:81:12:01:5a:f0:e6:3d:6e:
b1:99:57:5e:9b:64:67:7d:e7:b0:42:a0:c0:c7:8f:62:c3:db:
ff:c3:f8:5d:68:ed:fb:6c:3a:be:6b:c3:7a:5d:db:45:af:14:
6d:02:69:b6:c2:79:c0:e2:5c:0c:d7:e6:12:09:04:0b:ed:75:
8b:36:51:16:01:06:91:70:0f:43:3a:00:09:a9:f6:25:a6:56:
b5:1f:08:4c:d5:c9:4d:47:fa:09:af:99:c3:09:15:4e:c1:1c:
6c:90:72:30:0b:29:36:cf:66:71:01:33:f8:87:79:86:c3:54:
7c:71:6c:81:14:0b:3f:87:01:f7:69:bd:89:07:ce:a5:5f:d1:
83:be:f8:74:a9:e1:98:93:92:91:95:13:d9:f9:79:cf:5f:78:
38:89:ca:27
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAY0ySXZmFzDn/AuJu4l0/yfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTIyMTc0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZjMTViZTc1MjExMjk2MzdmZjk2MmJjY2RjOTg1MzFjNDY3MDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifli252LQPgB7wCWPlPOwo67KNsX
0iUXY8mFMJkrPA3cVTSXQB2Pbox3D2B4JXYsonyzShhcHxnC9IbHbowFZSv40kWo
Tc1weAFGX6ehFuGAuWVM9fJ9S88p13IfHYuqcJ8ThxeDJ2KSsm2eJ0PifS7YLbwl
6Fmd4AonNYI5hDa7Q6bcrhU8m78taSVJ8zkim4QqIbxIVGLa1XCoOFm1YA5VdnA1
KJIi2sGx2Ux2U3qA232Fsm2go+Wo+yqhAMwHkXXePY+I4S3DCRBs1B//JBaTiKTb
3l0mhkn6Wt2JrObj/wTMEHWjX8wzQZji6Pv72Zkgmgv48oIvezFawXKpNwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFKhsFb51IRKWN/+WK8zcmFMcRnBvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcUd3VnZuVWhFcFkzXzVZcnpOeVlVeHhHY0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4MAwDBABU
IAcDBABUIAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgXwMEAlQglAMEAVQgrgME
AVQgsgMEAVQg1gMEAlQg9AMEAVjYFgMEAVjYLAMEAFjYXTAMAwQBWNiCAwQAWNiE
AwQBWNiGAwQCWNi8AwQCWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQBiDuhhgxWH5bpe
kXO7c+KM4erOh0D3tPNaiqaBiBV1fRUZo4TZksYeMO6McuA3eKrUMjVHZxFeNUNO
B3Ht/K+hzNEk7KzaugwGWYh5E6RfBn1IFAxr4jv5v+/lel52AigMPpKDgRIBWvDm
PW6xmVdem2RnfeewQqDAx49iw9v/w/hdaO37bDq+a8N6XdtFrxRtAmm2wnnA4lwM
1+YSCQQL7XWLNlEWAQaRcA9DOgAJqfYlpla1HwhM1clNR/oJr5nDCRVOwRxskHIw
Cyk2z2ZxATP4h3mGw1R8cWyBFAs/hwH3ab2JB86lX9GDvvh0qeGYk5KRlRPZ+XnP
X3g4icon
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org