Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tLotWILCDrBFStcs9EeAgUXPD3Y.roa
File: tLotWILCDrBFStcs9EeAgUXPD3Y.roa (raw, json)
Hash identifier: FnD6G8fOVimqui/b1d7HZNiBN02GlnJNHYz6V5coMOk=
Subject key identifier: B4:BA:2D:58:82:C2:0E:B0:45:4A:D7:2C:F4:47:80:81:45:CF:0F:76
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01859A777A29CFE5288BA24469C85ED8A66D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tLotWILCDrBFStcs9EeAgUXPD3Y.roa
Signing time: Tue 10 Jan 2023 06:56:39 +0000
ROA not before: Tue 10 Jan 2023 06:56:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 84.32.89.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
88.216.221.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
84.32.155.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Jan 2023 15:08:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:77:7a:29:cf:e5:28:8b:a2:44:69:c8:5e:d8:a6:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 10 06:56:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4ba2d5882c20eb0454ad72cf447808145cf0f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:66:80:ec:a5:2d:19:87:71:e2:7e:11:5d:5f:
bf:06:96:74:92:b5:84:e0:a8:67:6c:85:c4:f0:c9:
a8:23:2a:3a:64:41:76:d0:33:b6:2a:fd:05:22:53:
90:47:a8:83:1d:ca:ed:71:fc:0a:1f:15:41:c2:15:
ab:dd:04:ef:0d:a8:b2:13:d8:11:3b:02:42:13:d5:
9f:8d:61:93:55:6b:98:93:05:82:fd:68:cd:e8:ba:
12:ad:86:5c:c5:bf:39:cf:48:9a:3a:be:41:fa:3b:
98:2f:64:e7:73:0b:9f:ff:cb:aa:44:d7:60:27:cb:
32:df:e4:0c:38:2d:29:9d:0d:fb:08:04:fd:6f:a3:
7c:1b:83:e4:2d:4d:55:08:76:58:2a:9c:89:5e:24:
7b:7f:b9:4a:0a:b6:db:34:f8:ec:f7:39:6f:2d:10:
f4:39:00:e9:25:d2:f8:1e:79:c1:e4:82:d3:54:cc:
4f:e2:24:70:e2:64:8c:14:59:8d:0e:6e:9b:0a:cb:
c7:3b:54:d2:d1:9c:cb:80:80:5a:01:db:5d:4d:0c:
c1:e9:0a:d4:b5:34:24:8a:ea:d6:f2:03:e3:b6:61:
87:ac:1d:91:ba:64:26:80:db:d3:e9:fa:b0:68:08:
39:b1:0f:6b:f5:d3:f6:a2:0d:3b:d3:76:9a:4a:14:
2d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BA:2D:58:82:C2:0E:B0:45:4A:D7:2C:F4:47:80:81:45:CF:0F:76
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tLotWILCDrBFStcs9EeAgUXPD3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.29.0/24
84.32.45.0/24
84.32.89.0/24
84.32.94.0/24
84.32.155.0/24
84.32.241.0/24
88.216.221.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:5a:07:8d:2a:3f:e9:94:bb:24:fc:cb:9c:b8:69:5a:b8:21:
23:f0:63:e7:7e:ac:ef:3a:1e:37:98:b4:25:6f:ab:e9:54:c0:
3b:7c:77:9a:72:de:c7:bf:bb:3c:ce:66:ef:b9:b8:50:48:ea:
fc:dd:6b:10:f0:3f:66:21:ff:e9:a1:d9:65:dc:f3:76:a5:26:
49:4f:c2:ec:9e:c5:13:04:0e:a6:32:8a:b1:7a:6a:1b:20:a6:
b5:bb:d4:c4:fc:80:3f:48:51:0c:cd:be:db:e7:3a:8c:94:2d:
cf:e2:55:d9:09:54:ae:12:af:c5:1c:05:28:db:ec:d4:86:23:
98:41:35:f4:35:00:03:ee:c9:6c:d4:53:49:6a:ee:c9:e4:2c:
11:61:85:d2:d3:70:99:56:7b:9f:d4:7b:b5:7d:cb:3c:95:c9:
31:48:7e:36:9d:8c:e8:d0:46:0c:16:2c:de:22:20:c5:a0:51:
e1:42:e7:59:fe:4b:77:d5:fe:db:49:29:d7:19:8a:13:50:cc:
cf:d3:07:31:8b:8e:ba:2b:29:17:b1:6d:77:08:b3:fe:4d:bc:
a9:d7:b4:85:5d:94:b5:e1:35:45:e1:db:70:3f:57:8a:54:9f:
ea:a4:08:c8:8b:d0:b1:26:44:0f:bd:08:04:61:67:e7:41:cd:
a3:84:b8:91
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWad3opz+Uoi6JEache2KZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTEwMDY1NjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJhMmQ1ODgyYzIwZWIwNDU0YWQ3MmNmNDQ3ODA4MTQ1Y2YwZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomaA7KUtGYdx4n4RXV+/BpZ0krWE
4KhnbIXE8MmoIyo6ZEF20DO2Kv0FIlOQR6iDHcrtcfwKHxVBwhWr3QTvDaiyE9gR
OwJCE9WfjWGTVWuYkwWC/WjN6LoSrYZcxb85z0iaOr5B+juYL2Tncwuf/8uqRNdg
J8sy3+QMOC0pnQ37CAT9b6N8G4PkLU1VCHZYKpyJXiR7f7lKCrbbNPjs9zlvLRD0
OQDpJdL4HnnB5ILTVMxP4iRw4mSMFFmNDm6bCsvHO1TS0ZzLgIBaAdtdTQzB6QrU
tTQkiurW8gPjtmGHrB2RumQmgNvT6fqwaAg5sQ9r9dP2og0703aaShQtcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLS6LViCwg6wRUrXLPRHgIFFzw92MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdExvdFdJTENEckJGU3RjczlFZUFnVVhQRDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCAdAwQA
VCAtAwQAVCBZAwQAVCBeAwQAVCCbAwQAVCDxAwQAWNjdMA0GCSqGSIb3DQEBCwUA
A4IBAQCPWgeNKj/plLsk/MucuGlauCEj8GPnfqzvOh43mLQlb6vpVMA7fHeact7H
v7s8zmbvubhQSOr83WsQ8D9mIf/podll3PN2pSZJT8LsnsUTBA6mMoqxemobIKa1
u9TE/IA/SFEMzb7b5zqMlC3P4lXZCVSuEq/FHAUo2+zUhiOYQTX0NQAD7sls1FNJ
au7J5CwRYYXS03CZVnuf1Hu1fcs8lckxSH42nYzo0EYMFizeIiDFoFHhQudZ/kt3
1f7bSSnXGYoTUMzP0wcxi466KykXsW13CLP+Tbyp17SFXZS14TVF4dtwP1eKVJ/q
pAjIi9CxJkQPvQgEYWfnQc2jhLiR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org