Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qK9HyLPXHkaOy0yNWEBXcMSvi7M.roa
File: qK9HyLPXHkaOy0yNWEBXcMSvi7M.roa (raw, json)
Hash identifier: 1xW4vyc4ncfJRRbKhnUfUj609TtiN93KT48fCVYvFf4=
Subject key identifier: A8:AF:47:C8:B3:D7:1E:46:8E:CB:4C:8D:58:40:57:70:C4:AF:8B:B3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01889A3FCBFFDD9D3B98AF3CDDFF6FE1AE45
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qK9HyLPXHkaOy0yNWEBXcMSvi7M.roa
Signing time: Thu 08 Jun 2023 09:04:12 +0000
ROA not before: Thu 08 Jun 2023 09:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 84.32.105.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.228.0/24 maxlen: 24
84.32.252.0/24 maxlen: 24
84.32.253.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jul 2023 07:18:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:3f:cb:ff:dd:9d:3b:98:af:3c:dd:ff:6f:e1:ae:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 8 09:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8af47c8b3d71e468ecb4c8d58405770c4af8bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b8:e1:15:ba:31:3b:90:d5:d9:eb:10:74:92:
70:cf:80:a4:86:da:30:dc:7e:26:77:f7:ca:f5:00:
0b:ed:d8:be:f7:61:45:3b:68:9a:27:7f:3c:cb:20:
66:53:19:45:8c:b5:88:c6:ae:6c:61:72:46:2f:38:
63:8d:d1:6c:17:70:37:3c:9d:95:de:f8:b5:bf:28:
5a:f9:93:4a:2c:86:ee:aa:42:1c:0b:41:ad:84:19:
9f:4f:e6:05:71:b1:ce:ae:80:79:75:50:2e:ec:5c:
6e:a5:09:85:d8:17:e3:8b:4c:b1:69:5b:2d:dc:ad:
52:93:7b:3a:b1:f9:cd:2b:70:d4:35:57:a8:a6:bb:
03:3b:bb:50:42:19:53:e6:d4:66:16:47:0d:a8:e8:
5a:54:9b:ce:01:d0:88:67:49:4e:74:8c:8e:48:05:
90:9e:4e:ed:f1:4b:3a:b7:4f:fb:fe:20:bf:d0:62:
b0:9d:63:13:ee:d5:16:3d:da:95:cc:10:64:d9:87:
78:8a:7b:1e:c2:e6:7f:86:45:0e:b6:76:ce:2c:f7:
40:fd:40:95:0e:97:85:ae:5d:e5:e2:3f:eb:cd:e5:
e0:24:74:95:5c:af:41:82:cf:5a:a0:b2:ca:98:73:
1c:1f:c4:48:84:51:f0:f5:68:27:0c:9e:23:43:c1:
27:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AF:47:C8:B3:D7:1E:46:8E:CB:4C:8D:58:40:57:70:C4:AF:8B:B3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qK9HyLPXHkaOy0yNWEBXcMSvi7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.104.0/23
84.32.228.0/24
84.32.249.0/24
84.32.252.0-84.32.254.255
88.216.42.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:8b:19:01:b9:2a:e3:4b:5e:24:0a:fd:83:cf:a9:f5:72:6b:
f7:49:24:ba:5a:aa:cd:0b:59:02:bb:83:9d:8a:3b:30:81:94:
87:e5:07:4f:49:50:a3:50:1e:b8:a1:25:f9:6e:6a:67:64:84:
f1:57:08:c0:01:09:45:e7:67:e4:4b:aa:e4:46:bd:92:b1:1f:
ba:5b:3a:39:6c:88:66:53:ea:23:71:13:33:1a:81:5b:e2:42:
5a:57:49:e7:79:74:2e:b7:ff:78:15:a2:ea:f1:5d:dd:b6:13:
b9:c3:b7:f3:4e:7b:bd:1c:88:0f:e7:4c:74:14:c3:be:fa:ac:
a0:2f:52:aa:c5:3c:d8:c8:1f:e3:fe:eb:c6:a7:f3:4b:d1:9d:
d5:45:4f:59:d4:17:99:26:3a:27:d0:af:53:4f:c3:68:a6:aa:
11:4b:c3:ce:6a:66:2d:2c:1e:ff:e6:49:54:37:e5:20:1c:0f:
24:e8:44:6d:9c:24:3c:83:b1:01:4e:f0:df:0b:ac:9f:c2:0c:
c4:fa:c9:f4:5f:65:86:52:20:f1:33:d6:f9:d8:81:76:a3:1c:
68:8e:51:2d:ef:56:d8:b4:df:76:ac:4e:5a:d0:c4:9d:78:00:
71:bf:83:b6:5f:0c:e5:d1:e1:71:13:3e:ac:66:24:61:be:f2:
0e:ff:fa:14
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYiaP8v/3Z07mK883f9v4a5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA4MDkwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFmNDdjOGIzZDcxZTQ2OGVjYjRjOGQ1ODQwNTc3MGM0YWY4YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLjhFboxO5DV2esQdJJwz4Ckhtow
3H4md/fK9QAL7di+92FFO2iaJ388yyBmUxlFjLWIxq5sYXJGLzhjjdFsF3A3PJ2V
3vi1vyha+ZNKLIbuqkIcC0GthBmfT+YFcbHOroB5dVAu7FxupQmF2Bfji0yxaVst
3K1Sk3s6sfnNK3DUNVeoprsDO7tQQhlT5tRmFkcNqOhaVJvOAdCIZ0lOdIyOSAWQ
nk7t8Us6t0/7/iC/0GKwnWMT7tUWPdqVzBBk2Yd4insewuZ/hkUOtnbOLPdA/UCV
DpeFrl3l4j/rzeXgJHSVXK9Bgs9aoLLKmHMcH8RIhFHw9WgnDJ4jQ8EniwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKivR8iz1x5GjstMjVhAV3DEr4uzMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcUs5SHlMUFhIa2FPeTB5TldFQlhjTVN2aTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBVCBoAwQA
VCDkAwQAVCD5MAwDBAJUIPwDBABUIP4DBABY2CowDQYJKoZIhvcNAQELBQADggEB
AI+LGQG5KuNLXiQK/YPPqfVya/dJJLpaqs0LWQK7g52KOzCBlIflB09JUKNQHrih
JfluamdkhPFXCMABCUXnZ+RLquRGvZKxH7pbOjlsiGZT6iNxEzMagVviQlpXSed5
dC63/3gVourxXd22E7nDt/NOe70ciA/nTHQUw776rKAvUqrFPNjIH+P+68an80vR
ndVFT1nUF5kmOifQr1NPw2imqhFLw85qZi0sHv/mSVQ35SAcDyToRG2cJDyDsQFO
8N8LrJ/CDMT6yfRfZYZSIPEz1vnYgXajHGiOUS3vVti033asTlrQxJ14AHG/g7Zf
DOXR4XETPqxmJGG+8g7/+hQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org