Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vmgVgcfq6NmvMg7XeMZBzPw_n2s.roa
File: vmgVgcfq6NmvMg7XeMZBzPw_n2s.roa (raw, json)
Hash identifier: Mu2kWdmmYG03at4iELpj3f6MmZ5DGYdwT75h1E+qV0E=
Subject key identifier: BE:68:15:81:C7:EA:E8:D9:AF:32:0E:D7:78:C6:41:CC:FC:3F:9F:6B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018585EAE63B1B5B5EB746C619E7C0AADF65
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vmgVgcfq6NmvMg7XeMZBzPw_n2s.roa
Signing time: Fri 06 Jan 2023 07:10:42 +0000
ROA not before: Fri 06 Jan 2023 07:10:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 88.216.67.0/24 maxlen: 24
88.216.66.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.216.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Jan 2023 15:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:85:ea:e6:3b:1b:5b:5e:b7:46:c6:19:e7:c0:aa:df:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 6 07:10:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be681581c7eae8d9af320ed778c641ccfc3f9f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6f:2f:61:f6:6b:3b:db:0f:f1:8a:58:2b:bb:
44:43:ed:31:aa:a2:36:df:ae:8d:7d:a9:9d:3a:b5:
85:8e:76:f9:74:d9:b7:44:21:79:db:06:db:d1:db:
08:39:21:b9:21:e0:ee:fb:a4:da:aa:ab:8e:2f:33:
64:cf:bd:ca:8b:ba:1b:c2:20:e9:95:70:02:a0:48:
e5:ba:8e:69:41:47:de:1f:a8:4e:68:28:4d:7b:a0:
77:7b:bd:b0:34:39:5d:43:ff:6d:24:77:20:40:75:
27:3d:59:60:42:11:16:2d:db:e9:d7:1b:ae:75:94:
71:a9:39:17:54:39:1d:cb:b3:45:be:14:32:97:9a:
98:b1:96:e6:be:c7:a4:44:23:2e:6a:6d:11:98:27:
16:01:d8:2a:46:ba:a1:c4:5e:23:3f:f7:bc:16:76:
c2:91:f0:65:f4:42:ae:de:c0:65:85:d2:8a:7d:b1:
2f:fc:67:3b:a5:f2:d8:cd:85:8e:90:9f:97:6f:0a:
55:ff:0d:f5:63:6b:d2:60:b7:a0:46:32:66:a6:14:
d4:b8:44:5e:6a:a3:c6:3e:4c:c7:3b:0b:65:02:b0:
ed:ac:26:96:a1:83:b6:d5:89:25:f1:df:2c:d6:2c:
c2:39:08:54:78:68:25:59:de:1b:9d:1c:5d:e0:5a:
05:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:68:15:81:C7:EA:E8:D9:AF:32:0E:D7:78:C6:41:CC:FC:3F:9F:6B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vmgVgcfq6NmvMg7XeMZBzPw_n2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.49.0/24
84.32.51.0/24
84.32.213.0/24
84.32.216.0/24
88.216.66.0/23
88.216.222.0/23
Signature Algorithm: sha256WithRSAEncryption
05:c3:21:d6:c5:a2:ea:23:f3:9b:3e:67:9c:28:9e:62:64:43:
36:83:e9:19:83:8e:ac:9c:2b:02:df:58:8d:3e:d7:27:86:6b:
44:c3:49:ad:a9:6a:b9:38:f9:53:c1:79:50:41:aa:7a:ae:3e:
22:4f:44:e1:55:4b:91:65:76:ef:8e:96:47:2e:77:e1:d6:ca:
83:fb:ae:13:20:22:96:d7:bd:1c:45:dc:76:ee:51:d3:8e:1a:
90:7c:9d:ad:9e:a5:53:9e:0d:83:d9:0b:d2:5b:b4:eb:06:85:
12:c1:32:4e:f9:f2:1e:38:8f:54:16:96:03:00:5d:c1:4b:85:
06:9e:91:63:2c:e1:01:b0:96:e5:9a:f2:c7:61:3f:a1:89:ac:
65:4e:30:68:02:16:4b:cc:47:a2:0f:87:2d:68:ed:59:07:38:
66:15:72:b1:5d:3a:14:29:0b:30:42:36:95:23:8d:b8:8f:15:
ab:8c:b7:65:f0:84:bd:36:22:89:de:c2:d0:40:b0:92:2f:1c:
e6:77:eb:97:eb:ca:27:74:60:01:68:c5:5c:6b:36:69:7c:22:
6b:4c:33:11:83:cb:37:05:bb:3e:78:4b:f3:83:47:7b:77:30:
25:22:3e:2c:19:0f:b2:9a:a6:cf:94:92:59:df:e5:90:1c:14:
33:d5:7d:e1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWF6uY7G1tet0bGGefAqt9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA2MDcxMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY4MTU4MWM3ZWFlOGQ5YWYzMjBlZDc3OGM2NDFjY2ZjM2Y5ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm8vYfZrO9sP8YpYK7tEQ+0xqqI2
366NfamdOrWFjnb5dNm3RCF52wbb0dsIOSG5IeDu+6TaqquOLzNkz73Ki7obwiDp
lXACoEjluo5pQUfeH6hOaChNe6B3e72wNDldQ/9tJHcgQHUnPVlgQhEWLdvp1xuu
dZRxqTkXVDkdy7NFvhQyl5qYsZbmvsekRCMuam0RmCcWAdgqRrqhxF4jP/e8FnbC
kfBl9EKu3sBlhdKKfbEv/Gc7pfLYzYWOkJ+XbwpV/w31Y2vSYLegRjJmphTUuERe
aqPGPkzHOwtlArDtrCaWoYO21Ykl8d8s1izCOQhUeGglWd4bnRxd4FoFewIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL5oFYHH6ujZrzIO13jGQcz8P59rMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdm1nVmdjZnE2Tm12TWc3WGVNWkJ6UHdfbjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAxAwQA
VCAzAwQAVCDVAwQAVCDYAwQBWNhCAwQBWNjeMA0GCSqGSIb3DQEBCwUAA4IBAQAF
wyHWxaLqI/ObPmecKJ5iZEM2g+kZg46snCsC31iNPtcnhmtEw0mtqWq5OPlTwXlQ
Qap6rj4iT0ThVUuRZXbvjpZHLnfh1sqD+64TICKW170cRdx27lHTjhqQfJ2tnqVT
ng2D2QvSW7TrBoUSwTJO+fIeOI9UFpYDAF3BS4UGnpFjLOEBsJblmvLHYT+hiaxl
TjBoAhZLzEeiD4ctaO1ZBzhmFXKxXToUKQswQjaVI424jxWrjLdl8IS9NiKJ3sLQ
QLCSLxzmd+uX68ondGABaMVcazZpfCJrTDMRg8s3Bbs+eEvzg0d7dzAlIj4sGQ+y
mqbPlJJZ3+WQHBQz1X3h
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org