Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wYnWktS_5tHVnurkzwrSG0RN9Zo.roa
File: wYnWktS_5tHVnurkzwrSG0RN9Zo.roa (raw, json)
Hash identifier: FQ0uVnYV1B1Cgqn97PlFXMxrOhflIjwhQuwe19105Cg=
Subject key identifier: C1:89:D6:92:D4:BF:E6:D1:D5:9E:EA:E4:CF:0A:D2:1B:44:4D:F5:9A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018580C8881B8756D51B4D275EE52078058E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wYnWktS_5tHVnurkzwrSG0RN9Zo.roa
Signing time: Thu 05 Jan 2023 07:15:03 +0000
ROA not before: Thu 05 Jan 2023 07:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.105.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
84.32.107.0/24 maxlen: 24
84.32.230.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Jan 2023 14:24:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:80:c8:88:1b:87:56:d5:1b:4d:27:5e:e5:20:78:05:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 5 07:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c189d692d4bfe6d1d59eeae4cf0ad21b444df59a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:38:ae:a7:2e:4d:e4:9b:93:e9:94:33:0b:c5:
2e:5f:74:dc:68:21:ed:37:62:14:42:d5:ce:02:51:
a2:6c:63:a5:fd:47:f8:c2:8c:23:25:ac:d4:bd:75:
81:cb:d1:1c:0a:47:51:a3:a0:fb:7c:0e:32:f6:4f:
fb:09:02:10:83:08:df:51:39:36:9e:a5:da:a1:db:
24:00:75:d5:8a:9f:ec:fd:db:22:9d:f3:bb:4c:bf:
b4:c9:3b:75:37:dc:60:70:b0:e0:08:3b:95:0a:de:
c5:83:74:fa:fe:31:b1:08:85:c8:d2:4a:01:44:f5:
fa:0b:8f:ce:51:fa:67:d2:2a:3d:34:d5:ba:a4:03:
92:24:17:39:83:99:e3:eb:8d:a9:9a:1d:10:97:78:
7f:2b:cd:3d:aa:8e:b0:2b:26:ae:93:65:a6:37:f8:
e4:ec:26:69:04:4d:a5:b2:d7:7f:4e:7b:59:25:7a:
18:0f:a6:7a:b5:86:95:bb:f7:99:b5:0a:44:2f:a6:
3c:d8:89:5e:eb:ac:02:da:95:48:51:ee:3c:07:92:
2b:45:13:c0:29:35:ec:3f:e6:b7:bb:34:f4:c9:37:
a0:c9:23:cc:f7:65:8e:f2:4d:35:d1:e4:e8:32:16:
5c:31:08:3a:66:cb:7a:b8:dd:f2:81:b1:83:c4:31:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:89:D6:92:D4:BF:E6:D1:D5:9E:EA:E4:CF:0A:D2:1B:44:4D:F5:9A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wYnWktS_5tHVnurkzwrSG0RN9Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.63.0/24
84.32.95.0/24
84.32.104.0/23
84.32.107.0/24
84.32.230.0/24
88.216.1.0-88.216.2.255
88.216.34.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
55:36:41:a1:4a:6e:fe:07:49:35:4c:b4:ae:e4:a5:6b:e0:3e:
31:3e:6b:86:50:69:ee:6a:6c:00:18:42:df:72:12:14:a3:5a:
9a:07:3f:c9:a3:b8:bc:c0:b7:70:a2:63:1d:79:d3:ed:93:ec:
43:1d:15:73:33:50:4a:2b:63:cf:ce:9a:5e:84:1b:8a:e8:aa:
84:e1:d9:da:5f:86:7a:04:ae:3f:9c:b7:b7:13:17:4b:c9:21:
28:ff:32:98:33:73:4f:3f:ce:74:00:aa:5d:ae:f5:d3:0a:8b:
01:bd:37:6f:c8:92:9d:8c:c7:53:89:70:36:89:22:69:10:f5:
02:2f:c9:07:07:e1:ba:59:49:65:16:98:26:82:12:c5:d6:1b:
4b:3d:c5:0d:d9:d6:6d:31:4d:cb:ee:0e:f6:c1:98:e6:9b:80:
b5:b8:20:bc:b8:58:78:a2:0f:e3:d7:59:dd:93:cf:f0:44:72:
00:f3:28:d1:d4:23:01:24:56:37:1a:d1:83:ff:20:0b:fc:0e:
ac:d9:6d:9c:6e:81:25:16:3f:e6:51:20:cd:1c:fa:c6:71:43:
81:1c:89:25:81:c7:01:00:f2:7d:f7:34:4e:43:50:47:3f:6c:
20:00:b7:51:c8:2f:cb:0d:d1:16:7e:2d:23:66:05:c7:01:13:
d1:8f:ab:5f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYWAyIgbh1bVG00nXuUgeAWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA1MDcxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTg5ZDY5MmQ0YmZlNmQxZDU5ZWVhZTRjZjBhZDIxYjQ0NGRmNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDiupy5N5JuT6ZQzC8UuX3TcaCHt
N2IUQtXOAlGibGOl/Uf4wowjJazUvXWBy9EcCkdRo6D7fA4y9k/7CQIQgwjfUTk2
nqXaodskAHXVip/s/dsinfO7TL+0yTt1N9xgcLDgCDuVCt7Fg3T6/jGxCIXI0koB
RPX6C4/OUfpn0io9NNW6pAOSJBc5g5nj642pmh0Ql3h/K809qo6wKyauk2WmN/jk
7CZpBE2lstd/TntZJXoYD6Z6tYaVu/eZtQpEL6Y82Ile66wC2pVIUe48B5IrRRPA
KTXsP+a3uzT0yTegySPM92WO8k010eToMhZcMQg6Zst6uN3ygbGDxDEO6wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMGJ1pLUv+bR1Z7q5M8K0htETfWaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvd1luV2t0U181dEhWbnVya3p3clNHMFJOOVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVCA/AwQA
VCBfAwQBVCBoAwQAVCBrAwQAVCDmMAwDBABY2AEDBABY2AIDBABY2CIDBABY2MUw
DQYJKoZIhvcNAQELBQADggEBAFU2QaFKbv4HSTVMtK7kpWvgPjE+a4ZQae5qbAAY
Qt9yEhSjWpoHP8mjuLzAt3CiYx150+2T7EMdFXMzUEorY8/Oml6EG4roqoTh2dpf
hnoErj+ct7cTF0vJISj/Mpgzc08/znQAql2u9dMKiwG9N2/Ikp2Mx1OJcDaJImkQ
9QIvyQcH4bpZSWUWmCaCEsXWG0s9xQ3Z1m0xTcvuDvbBmOabgLW4ILy4WHiiD+PX
Wd2Tz/BEcgDzKNHUIwEkVjca0YP/IAv8DqzZbZxugSUWP+ZRIM0c+sZxQ4EciSWB
xwEA8n33NE5DUEc/bCAAt1HIL8sN0RZ+LSNmBccBE9GPq18=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org