Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rUrWIwMKXNFS051NwIKKX0X560s.roa
File: rUrWIwMKXNFS051NwIKKX0X560s.roa (raw, json)
Hash identifier: SV7OQB8oE43MAOEETe2kUCgF8s2MBg1ejm1sYgBVM4g=
Subject key identifier: AD:4A:D6:23:03:0A:5C:D1:52:D3:9D:4D:C0:82:8A:5F:45:F9:EB:4B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186C71824EE64EF68A58A051AE3433B99CA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rUrWIwMKXNFS051NwIKKX0X560s.roa
Signing time: Thu 09 Mar 2023 15:58:13 +0000
ROA not before: Thu 09 Mar 2023 15:58:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213305
IP address blocks: 84.32.76.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
84.32.211.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c7:18:24:ee:64:ef:68:a5:8a:05:1a:e3:43:3b:99:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 9 15:58:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad4ad623030a5cd152d39d4dc0828a5f45f9eb4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:03:6f:ee:dc:04:53:1e:f5:18:0e:4b:77:d5:
db:15:9f:81:17:01:07:fd:94:6c:7a:1d:1f:1e:0c:
a8:49:71:98:28:1a:79:5c:54:b4:59:12:bc:36:78:
ec:dc:5b:41:c6:9e:5e:8b:10:18:ff:3f:0b:81:6f:
36:98:75:b7:13:75:0d:c6:a8:bf:2a:5e:b8:dd:3f:
6d:df:a7:97:cb:b4:1f:11:5b:1b:7f:41:a9:8c:63:
dd:34:4c:68:74:70:12:9f:54:d2:f0:fd:de:31:d0:
89:2d:7c:ae:ff:c5:12:f6:e7:f7:cb:08:7e:a6:99:
3a:13:67:1d:e8:4c:e3:f8:b0:c0:b9:59:c7:d4:2d:
cb:ca:fa:65:48:bd:ae:1c:9d:1e:d3:31:04:6b:a1:
fb:e1:41:86:f9:92:9c:93:48:f7:07:bd:1c:7a:61:
94:f7:a9:83:ca:31:34:69:e4:bf:d7:73:ff:dd:0f:
4f:81:bd:0b:68:3b:b5:a2:4a:cb:83:1f:8e:55:95:
c7:4b:a7:66:5d:30:8b:81:81:a3:91:7e:99:7f:c7:
bf:db:f2:e7:70:98:8a:d7:ba:9f:b0:ad:f8:44:76:
83:da:be:ce:1f:5f:83:60:07:b8:dc:7c:27:c9:78:
25:01:ff:dd:30:cf:5b:c2:09:90:e3:78:f4:15:7c:
30:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4A:D6:23:03:0A:5C:D1:52:D3:9D:4D:C0:82:8A:5F:45:F9:EB:4B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rUrWIwMKXNFS051NwIKKX0X560s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.76.0/24
84.32.211.0/24
84.32.255.0/24
88.216.190.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e0:d9:7b:ae:a8:f9:42:0b:3b:30:50:1a:84:93:30:5a:ef:
64:ad:2d:bf:03:2a:01:86:7e:a4:cb:35:3f:e1:d5:56:3d:fa:
fb:2b:2d:f6:3a:a3:8a:54:e8:71:95:da:9b:fd:f3:00:8a:54:
cc:b5:41:4f:57:40:9e:af:09:d4:65:a6:ae:4c:b9:46:df:10:
44:03:91:c0:a6:00:40:2c:6d:13:3b:26:7b:25:de:b2:af:3f:
ca:2c:fc:7e:32:97:03:17:09:64:ef:72:cf:87:8b:2b:80:7c:
ce:96:3b:6b:17:31:b1:7d:f1:d3:f9:ba:2a:98:8e:10:f4:1a:
54:ea:04:60:0c:13:e7:d2:ff:2d:9e:94:47:f6:e8:86:ba:fd:
6a:4d:19:05:31:80:21:db:52:a5:35:19:38:36:90:6f:8f:4a:
cf:1d:c6:fe:7a:7b:60:fb:4a:b6:ee:9d:95:ce:6f:3e:20:9f:
e1:02:82:49:9e:4e:d4:33:39:88:5c:10:64:a2:3a:8f:13:aa:
da:06:e9:f0:c9:80:98:0b:15:e3:68:06:a5:4e:b7:2c:95:91:
3b:8c:d8:06:76:f7:c3:9e:8c:03:ed:08:e6:62:7a:3c:5e:1b:
a9:e8:61:3c:0b:a1:f0:cd:b0:7c:9d:1c:87:a3:7b:ef:d9:ba:
d9:5d:ba:40
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbHGCTuZO9opYoFGuNDO5nKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzA5MTU1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDRhZDYyMzAzMGE1Y2QxNTJkMzlkNGRjMDgyOGE1ZjQ1ZjllYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQNv7twEUx71GA5Ld9XbFZ+BFwEH
/ZRseh0fHgyoSXGYKBp5XFS0WRK8Nnjs3FtBxp5eixAY/z8LgW82mHW3E3UNxqi/
Kl643T9t36eXy7QfEVsbf0GpjGPdNExodHASn1TS8P3eMdCJLXyu/8US9uf3ywh+
ppk6E2cd6Ezj+LDAuVnH1C3LyvplSL2uHJ0e0zEEa6H74UGG+ZKck0j3B70cemGU
96mDyjE0aeS/13P/3Q9Pgb0LaDu1okrLgx+OVZXHS6dmXTCLgYGjkX6Zf8e/2/Ln
cJiK17qfsK34RHaD2r7OH1+DYAe43HwnyXglAf/dMM9bwgmQ43j0FXwwIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK1K1iMDClzRUtOdTcCCil9F+etLMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvclVyV0l3TUtYTkZTMDUxTndJS0tYMFg1NjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCBMAwQA
VCDTAwQAVCD/AwQAWNi+MA0GCSqGSIb3DQEBCwUAA4IBAQBV4Nl7rqj5Qgs7MFAa
hJMwWu9krS2/AyoBhn6kyzU/4dVWPfr7Ky32OqOKVOhxldqb/fMAilTMtUFPV0Ce
rwnUZaauTLlG3xBEA5HApgBALG0TOyZ7Jd6yrz/KLPx+MpcDFwlk73LPh4srgHzO
ljtrFzGxffHT+boqmI4Q9BpU6gRgDBPn0v8tnpRH9uiGuv1qTRkFMYAh21KlNRk4
NpBvj0rPHcb+entg+0q27p2Vzm8+IJ/hAoJJnk7UMzmIXBBkojqPE6raBunwyYCY
CxXjaAalTrcslZE7jNgGdvfDnowD7QjmYno8Xhup6GE8C6HwzbB8nRyHo3vv2brZ
XbpA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org