Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wy36PlPOLxIOzFMpWsikLkAzUlU.roa
File: wy36PlPOLxIOzFMpWsikLkAzUlU.roa (raw, json)
Hash identifier: iFz0oVZqUTn3lKtwrERtyJ8e3tuJHGULtJ1dSjTMZh4=
Subject key identifier: C3:2D:FA:3E:53:CE:2F:12:0E:CC:53:29:5A:C8:A4:2E:40:33:52:55
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0195A0633168AA8C9B7204A15C467F4A82F3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wy36PlPOLxIOzFMpWsikLkAzUlU.roa
Signing time: Sun 16 Mar 2025 19:16:49 +0000
ROA not before: Sun 16 Mar 2025 19:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.59.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 11:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a0:63:31:68:aa:8c:9b:72:04:a1:5c:46:7f:4a:82:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 16 19:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c32dfa3e53ce2f120ecc53295ac8a42e40335255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:91:22:11:c8:c7:0b:17:c8:73:d4:a0:34:8b:
17:2d:95:21:4b:5c:99:98:90:35:75:2d:d2:96:4d:
65:a7:c0:09:f1:c4:bf:11:22:65:68:8f:4f:01:a9:
5f:e8:78:80:69:cf:38:82:4f:d0:d4:8f:0c:78:6c:
25:86:87:b7:cf:ec:11:5d:8f:7a:32:f4:95:a9:8e:
37:36:e2:ba:85:6c:4f:46:42:b6:f2:37:a2:e3:2f:
73:4d:8e:bd:7e:4f:cf:a3:ce:d2:0a:1a:25:5a:24:
3a:8a:14:37:b2:da:9a:6d:c3:78:f2:a5:29:6c:3d:
c1:22:c8:bd:aa:4b:08:34:0b:0b:a5:37:b5:02:78:
a5:03:5f:69:88:f2:9a:bd:94:1d:75:5e:d2:24:3b:
d3:37:31:2f:95:cb:b4:97:ce:5c:55:d7:c0:25:e6:
5f:b4:6e:90:54:87:2a:d5:1c:ee:83:2c:0b:f6:bb:
a1:f9:23:b1:38:aa:45:2d:97:5a:8c:36:19:7a:63:
a2:87:c0:36:3c:d8:f9:93:f1:1f:bb:a3:c3:f0:fc:
61:22:70:7f:33:00:a4:b5:ff:97:28:44:b9:66:5c:
83:11:85:7f:67:3d:7e:c7:e0:1c:f0:00:37:e8:a0:
00:b8:3c:a2:9a:ec:76:5e:5d:c0:cc:ca:f0:3d:b6:
b4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:2D:FA:3E:53:CE:2F:12:0E:CC:53:29:5A:C8:A4:2E:40:33:52:55
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wy36PlPOLxIOzFMpWsikLkAzUlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.59.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:6d:58:41:bb:5b:55:6c:62:d5:99:22:b6:fd:7c:64:ef:58:
ce:b9:66:79:26:52:c5:05:16:d6:dd:5c:7f:47:cb:fe:a9:c4:
25:ce:9c:bb:11:51:a2:73:6d:1b:8a:2c:c3:4f:48:1a:8b:6b:
eb:77:fd:24:c7:a1:b5:0f:c9:29:85:db:77:86:d5:76:ba:70:
ea:c0:a6:fe:22:ec:79:64:19:6b:1c:85:4e:a2:ba:74:66:0c:
95:b5:19:57:68:e2:2d:e4:62:69:28:e0:c4:5b:b7:4f:fa:24:
f3:15:23:cb:6a:8d:a0:7e:e0:ce:d2:07:83:13:a2:21:14:01:
69:cf:3c:52:1c:04:2c:e6:c0:a5:a3:10:9a:c7:0a:7b:21:9e:
54:1f:c1:1b:b6:88:b5:89:bf:83:b8:2d:a3:c2:9b:72:15:31:
f5:ec:7c:be:02:20:d0:50:8b:31:57:24:1e:f7:18:91:36:ae:
0f:c3:da:f3:61:ac:81:00:5c:95:55:2c:24:e8:a7:e8:0e:ef:
b5:5b:c8:1c:ef:9c:35:e0:25:35:48:e5:e7:ba:85:8e:4d:96:
01:f4:50:22:84:72:f3:3b:38:e7:14:1b:e6:9b:3f:58:b9:bd:
44:31:9c:41:f8:b0:a5:05:a9:1a:8b:7a:af:08:e4:be:52:18:
b5:ad:35:8f
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZWgYzFoqoybcgShXEZ/SoLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzE2MTkxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzJkZmEzZTUzY2UyZjEyMGVjYzUzMjk1YWM4YTQyZTQwMzM1MjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5EiEcjHCxfIc9SgNIsXLZUhS1yZ
mJA1dS3Slk1lp8AJ8cS/ESJlaI9PAalf6HiAac84gk/Q1I8MeGwlhoe3z+wRXY96
MvSVqY43NuK6hWxPRkK28jei4y9zTY69fk/Po87SCholWiQ6ihQ3stqabcN48qUp
bD3BIsi9qksINAsLpTe1AnilA19piPKavZQddV7SJDvTNzEvlcu0l85cVdfAJeZf
tG6QVIcq1RzugywL9ruh+SOxOKpFLZdajDYZemOih8A2PNj5k/Efu6PD8PxhInB/
MwCktf+XKES5ZlyDEYV/Zz1+x+Ac8AA36KAAuDyimux2Xl3AzMrwPba0YQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFMMt+j5Tzi8SDsxTKVrIpC5AM1JVMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvd3kzNlBsUE9MeElPekZNcFdzaWtMa0F6VWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBABUIAcD
BABUIAgDBAJUIBQDBAFUIC4DBABUIDsDBAJUIJQDBAFUIK4DBAFUINYDBAJUIPQD
BAFY2BYDBAFY2CwDBAFY2EIDBABY2F0DBAFY2IIDBAFY2IYDBABY2NwwDQYJKoZI
hvcNAQELBQADggEBAD1tWEG7W1VsYtWZIrb9fGTvWM65ZnkmUsUFFtbdXH9Hy/6p
xCXOnLsRUaJzbRuKLMNPSBqLa+t3/STHobUPySmF23eG1Xa6cOrApv4i7HlkGWsc
hU6iunRmDJW1GVdo4i3kYmko4MRbt0/6JPMVI8tqjaB+4M7SB4MToiEUAWnPPFIc
BCzmwKWjEJrHCnshnlQfwRu2iLWJv4O4LaPCm3IVMfXsfL4CINBQizFXJB73GJE2
rg/D2vNhrIEAXJVVLCTop+gO77VbyBzvnDXgJTVI5ee6hY5NlgH0UCKEcvM7OOcU
G+abP1i5vUQxnEH4sKUFqRqLeq8I5L5SGLWtNY8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:41:22 2025 by rpki-client