Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qnkC7M9o4XPRmDALJh8lVn1fM5U.roa
File: qnkC7M9o4XPRmDALJh8lVn1fM5U.roa (raw, json)
Hash identifier: 6fSd1budINGcX6/Gi0FCsfkhL/675+BoWPAHWIFLorw=
Subject key identifier: AA:79:02:EC:CF:68:E1:73:D1:98:30:0B:26:1F:25:56:7D:5F:33:95
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186162774D022DF62C125A51D5C31535404
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qnkC7M9o4XPRmDALJh8lVn1fM5U.roa
Signing time: Fri 03 Feb 2023 07:22:09 +0000
ROA not before: Fri 03 Feb 2023 07:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
84.32.216.0/24 maxlen: 24
84.32.219.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.110.0/24 maxlen: 24
88.216.106.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
84.32.9.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.234.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
88.216.67.0/24 maxlen: 24
88.216.66.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 06:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:27:74:d0:22:df:62:c1:25:a5:1d:5c:31:53:54:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 3 07:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa7902eccf68e173d198300b261f25567d5f3395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:27:80:91:06:0f:f2:f2:6a:af:4b:bb:f7:71:
19:89:04:3f:37:24:77:2c:f4:e5:fe:9c:20:90:36:
83:30:87:3e:12:78:75:1e:c5:39:6c:8b:c7:60:e8:
6a:8d:6f:02:d7:f8:cc:3b:7d:fa:68:ba:5e:d8:af:
de:64:18:b7:ef:0f:b9:80:79:e3:d0:df:85:78:aa:
70:ae:b9:fd:fc:f8:a4:6f:59:fa:5c:4b:15:65:51:
2c:df:96:a9:3b:ea:cc:9f:51:f7:46:65:b9:85:dd:
3f:ce:aa:3b:9e:11:89:6a:35:db:e5:40:26:5f:62:
3a:05:bc:4e:cd:79:e2:75:36:5a:64:78:a1:06:ce:
37:fe:cd:55:3f:a0:d2:a7:2a:dd:29:e3:a7:e1:22:
5f:29:cd:56:ce:d3:f2:cd:e9:28:8e:87:09:c4:ad:
28:d6:80:48:a4:17:a2:1f:86:7d:7c:f3:4b:df:ee:
f0:b2:fc:f6:bc:14:82:c5:d4:a7:fb:a5:33:03:9f:
95:f4:c8:3e:e3:04:a2:24:ce:4d:bf:cb:31:6d:ad:
87:05:74:5d:db:c8:f0:ae:8b:fc:9a:c4:e3:ca:fb:
cd:64:4c:16:b1:4a:cf:b0:41:58:74:01:95:5d:d2:
c3:a6:28:bd:90:d6:98:9a:e9:f6:8c:3e:8b:fa:df:
46:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:79:02:EC:CF:68:E1:73:D1:98:30:0B:26:1F:25:56:7D:5F:33:95
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qnkC7M9o4XPRmDALJh8lVn1fM5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.25.0/24
84.32.49.0/24
84.32.51.0/24
84.32.58.0/24
84.32.70.0/24
84.32.213.0/24
84.32.216.0/24
84.32.219.0/24
84.32.226.0/24
84.32.234.0/24
88.216.66.0/23
88.216.100.0/24
88.216.106.0/23
88.216.109.0-88.216.110.255
88.216.128.0/24
88.216.188.0/24
88.216.222.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:e7:b6:fd:f0:ba:96:8f:d1:3e:03:b0:b4:0c:26:09:b2:ac:
5e:0a:18:29:42:6c:8e:ed:88:f1:b2:0c:10:c8:b2:2c:fd:ab:
1e:5e:b3:d8:7e:69:82:a2:0e:c0:7b:c5:a0:df:e8:29:5e:78:
6e:d0:8e:ce:4b:1b:90:0f:f0:c6:83:4c:3c:41:1d:95:a9:b9:
c1:eb:8c:ec:6b:a6:a9:c7:0e:f0:f3:3a:e3:17:72:05:3e:4d:
85:fb:85:93:c6:fc:a3:43:0c:28:a5:62:b8:97:5d:aa:4f:fc:
86:8d:b8:36:8e:f5:b9:b9:e2:6e:d3:d6:78:8d:ac:61:2e:3d:
f5:6b:a5:a0:54:ac:7f:67:17:e2:1f:56:23:8e:4c:7c:ca:78:
92:3c:1f:4e:23:5f:d2:6d:c7:20:19:ec:dc:02:c2:97:bd:4e:
df:37:29:09:72:fb:bf:89:06:f7:0e:da:7b:85:da:43:0a:54:
bd:70:b5:f3:75:59:75:5c:92:d5:90:66:43:f4:93:c6:50:b5:
7d:ea:d2:72:3e:c1:f0:5e:83:7c:57:32:24:35:7b:9c:8a:e8:
39:b3:b2:ab:69:ac:0e:fa:50:3e:db:8f:8c:d3:c9:d1:1e:70:
e8:8d:37:4a:68:32:8b:79:0d:a6:8e:f9:d1:fe:db:62:b2:f9:
01:51:4e:26
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYYWJ3TQIt9iwSWlHVwxU1QEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjAzMDcyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc5MDJlY2NmNjhlMTczZDE5ODMwMGIyNjFmMjU1NjdkNWYzMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ieAkQYP8vJqr0u793EZiQQ/NyR3
LPTl/pwgkDaDMIc+Enh1HsU5bIvHYOhqjW8C1/jMO336aLpe2K/eZBi37w+5gHnj
0N+FeKpwrrn9/Pikb1n6XEsVZVEs35apO+rMn1H3RmW5hd0/zqo7nhGJajXb5UAm
X2I6BbxOzXnidTZaZHihBs43/s1VP6DSpyrdKeOn4SJfKc1WztPyzekojocJxK0o
1oBIpBeiH4Z9fPNL3+7wsvz2vBSCxdSn+6UzA5+V9Mg+4wSiJM5Nv8sxba2HBXRd
28jwrov8msTjyvvNZEwWsUrPsEFYdAGVXdLDpii9kNaYmun2jD6L+t9GwQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFKp5AuzPaOFz0ZgwCyYfJVZ9XzOVMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcW5rQzdNOW80WFBSbURBTEpoOGxWbjFmTTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFQgCQME
AFQgGQMEAFQgMQMEAFQgMwMEAFQgOgMEAFQgRgMEAFQg1QMEAFQg2AMEAFQg2wME
AFQg4gMEAFQg6gMEAVjYQgMEAFjYZAMEAVjYajAMAwQAWNhtAwQAWNhuAwQAWNiA
AwQAWNi8AwQBWNjeMA0GCSqGSIb3DQEBCwUAA4IBAQAL57b98LqWj9E+A7C0DCYJ
sqxeChgpQmyO7YjxsgwQyLIs/aseXrPYfmmCog7Ae8Wg3+gpXnhu0I7OSxuQD/DG
g0w8QR2VqbnB64zsa6apxw7w8zrjF3IFPk2F+4WTxvyjQwwopWK4l12qT/yGjbg2
jvW5ueJu09Z4jaxhLj31a6WgVKx/ZxfiH1Yjjkx8yniSPB9OI1/SbccgGezcAsKX
vU7fNykJcvu/iQb3Dtp7hdpDClS9cLXzdVl1XJLVkGZD9JPGULV96tJyPsHwXoN8
VzIkNXuciug5s7KraawO+lA+24+M08nRHnDojTdKaDKLeQ2mjvnR/ttisvkBUU4m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org