Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/t0xwgfzdySwZFMGqRQV9jDtZ1y8.roa
File: t0xwgfzdySwZFMGqRQV9jDtZ1y8.roa (raw, json)
Hash identifier: gQjsH03ymQPPaZM0tKlTn01JhDXpRBL2dqb2VY+C5Y0=
Subject key identifier: B7:4C:70:81:FC:DD:C9:2C:19:14:C1:AA:45:05:7D:8C:3B:59:D7:2F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185A1171CDEBA684F32475C06BA0D77CD39
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/t0xwgfzdySwZFMGqRQV9jDtZ1y8.roa
Signing time: Wed 11 Jan 2023 13:48:44 +0000
ROA not before: Wed 11 Jan 2023 13:48:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.79.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.129.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jan 2023 10:16:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:17:1c:de:ba:68:4f:32:47:5c:06:ba:0d:77:cd:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 11 13:48:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b74c7081fcddc92c1914c1aa45057d8c3b59d72f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5a:9a:fe:42:95:18:20:c9:9c:c9:33:7f:54:
db:e7:15:73:e6:75:a2:3a:d7:34:6f:37:9b:16:df:
2f:bb:00:f4:94:31:0d:58:5a:44:46:73:8c:88:82:
dd:c8:a4:87:58:e2:7d:d4:84:ab:d2:ca:58:d0:74:
8b:b9:92:3f:85:22:fe:e9:42:86:0c:86:b4:c5:54:
b8:d7:04:8e:ce:d1:a0:8b:57:d0:dc:fb:80:d5:e7:
5f:a8:5f:83:d1:c9:fe:0e:0c:36:1d:78:a6:84:8b:
fe:a7:66:9e:2e:0a:30:a0:21:1e:d7:9e:9d:cd:74:
c7:c0:20:3b:88:a2:2d:0e:86:33:36:02:5d:2f:73:
a0:8b:9a:a0:c7:b1:b6:10:65:63:1a:3a:74:ed:f5:
64:ec:47:dc:f6:25:57:de:73:a1:44:c8:aa:41:9b:
1b:ae:19:6e:31:29:9c:52:75:50:e9:b3:76:36:78:
db:1f:c8:f5:07:eb:69:67:2b:4f:66:00:ff:71:68:
1e:24:6c:e6:a1:e4:5f:01:a3:17:72:70:8f:79:78:
25:5c:80:cb:0d:08:a8:3d:11:9b:72:5d:fe:74:b4:
aa:ac:00:86:3d:64:3c:72:c1:9f:8d:da:db:c8:f5:
19:53:f7:cb:c9:31:d4:ff:dc:d8:59:1f:e3:27:8d:
17:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:4C:70:81:FC:DD:C9:2C:19:14:C1:AA:45:05:7D:8C:3B:59:D7:2F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/t0xwgfzdySwZFMGqRQV9jDtZ1y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.79.0/24
84.32.212.0/24
84.32.221.0/24
88.216.129.0/24
88.216.224.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:d4:58:68:73:f5:d8:27:e9:f1:90:04:40:1d:79:73:5e:05:
eb:54:72:fa:13:af:08:05:87:7c:a5:59:0a:65:fd:a1:84:dd:
72:f6:80:b8:54:55:36:34:73:4c:f0:01:cf:e7:ff:42:3b:f0:
61:40:05:fb:15:f2:53:4b:3b:66:4d:aa:68:3a:dd:24:0a:cb:
fa:fe:85:3a:8b:ed:d0:2a:56:d7:56:48:62:91:e2:ad:5a:14:
b1:75:0f:45:10:99:fc:13:84:bb:84:c3:34:d5:1a:c1:89:80:
16:dd:c8:99:5a:62:54:31:f5:39:8b:0e:c7:8d:9d:56:d1:9d:
c9:c8:c2:2d:78:d5:25:49:16:3d:5f:23:2b:e0:cb:5e:ae:2b:
df:df:c3:9b:96:61:a6:cd:93:00:96:06:5e:17:75:c1:fe:1e:
9a:ff:d2:43:42:be:9f:57:49:0e:b4:06:0a:27:eb:fd:68:31:
7e:08:13:cc:1d:a1:83:40:42:1b:9e:d1:c4:d1:28:09:59:45:
ae:1f:f9:33:69:9e:d8:14:cb:33:e4:e7:68:63:76:81:f3:96:
2d:42:9e:4f:fb:b3:63:0f:57:51:82:1b:86:71:9e:57:79:b5:
e6:fb:ab:c9:a6:b4:4f:fe:7b:84:e5:d0:3d:27:e7:3a:7b:59:
5f:90:89:de
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWhFxzeumhPMkdcBroNd805MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTExMTM0ODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzRjNzA4MWZjZGRjOTJjMTkxNGMxYWE0NTA1N2Q4YzNiNTlkNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFqa/kKVGCDJnMkzf1Tb5xVz5nWi
Otc0bzebFt8vuwD0lDENWFpERnOMiILdyKSHWOJ91ISr0spY0HSLuZI/hSL+6UKG
DIa0xVS41wSOztGgi1fQ3PuA1edfqF+D0cn+Dgw2HXimhIv+p2aeLgowoCEe156d
zXTHwCA7iKItDoYzNgJdL3Ogi5qgx7G2EGVjGjp07fVk7Efc9iVX3nOhRMiqQZsb
rhluMSmcUnVQ6bN2NnjbH8j1B+tpZytPZgD/cWgeJGzmoeRfAaMXcnCPeXglXIDL
DQioPRGbcl3+dLSqrACGPWQ8csGfjdrbyPUZU/fLyTHU/9zYWR/jJ40XRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLdMcIH83cksGRTBqkUFfYw7WdcvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdDB4d2dmemR5U3daRk1HcVJRVjlqRHRaMXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCVCAYAwQA
VCBPAwQAVCDUAwQAVCDdAwQAWNiBAwQCWNjgMA0GCSqGSIb3DQEBCwUAA4IBAQA7
1Fhoc/XYJ+nxkARAHXlzXgXrVHL6E68IBYd8pVkKZf2hhN1y9oC4VFU2NHNM8AHP
5/9CO/BhQAX7FfJTSztmTapoOt0kCsv6/oU6i+3QKlbXVkhikeKtWhSxdQ9FEJn8
E4S7hMM01RrBiYAW3ciZWmJUMfU5iw7HjZ1W0Z3JyMIteNUlSRY9XyMr4Mterivf
38OblmGmzZMAlgZeF3XB/h6a/9JDQr6fV0kOtAYKJ+v9aDF+CBPMHaGDQEIbntHE
0SgJWUWuH/kzaZ7YFMsz5OdoY3aB85YtQp5P+7NjD1dRghuGcZ5XebXm+6vJprRP
/nuE5dA9J+c6e1lfkIne
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org