Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xCyJHg_9gJ5DBRu9BXQoB9KuQNQ.roa
File: xCyJHg_9gJ5DBRu9BXQoB9KuQNQ.roa (raw, json)
Hash identifier: 3jVcMQUZ8l8CeIOTsDigcRhuEpdK4rHsArqKifa2hl4=
Subject key identifier: C4:2C:89:1E:0F:FD:80:9E:43:05:1B:BD:05:74:28:07:D2:AE:40:D4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185F3EE716274066006815EC5E62A2AD935
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xCyJHg_9gJ5DBRu9BXQoB9KuQNQ.roa
Signing time: Fri 27 Jan 2023 15:52:48 +0000
ROA not before: Fri 27 Jan 2023 15:52:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 84.32.70.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Mar 2023 20:10:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:ee:71:62:74:06:60:06:81:5e:c5:e6:2a:2a:d9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 27 15:52:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c42c891e0ffd809e43051bbd05742807d2ae40d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:da:c0:b3:8b:5f:38:7e:7e:d8:0f:ce:b5:94:
f6:40:14:fb:20:3f:47:76:a7:dd:df:6c:f4:54:10:
47:c6:32:cf:57:9b:85:92:21:89:6b:69:9f:93:1f:
46:06:96:23:67:16:ef:fb:4a:3f:06:57:61:9f:92:
c3:49:01:30:84:44:7e:31:bf:b3:e4:ed:62:92:0a:
58:bd:ed:a9:df:ce:77:03:69:d0:6d:8b:b8:f9:89:
7c:03:3d:a9:c1:61:e2:ba:0c:6b:88:78:3f:bc:f2:
95:17:7a:01:a5:06:c8:dd:0d:b9:9b:c6:27:0c:87:
1f:0c:7c:d9:8f:cf:a5:8f:a6:ad:3c:00:de:6d:c1:
35:9e:e7:87:cc:58:ea:1a:cd:52:98:03:8c:c3:e2:
23:2b:fa:bc:ad:9b:13:5e:16:a2:d8:04:bc:12:47:
7f:4f:66:42:1d:6f:1e:72:4b:7f:00:f2:c6:93:fc:
42:e6:b0:9b:d3:71:d1:26:54:22:e3:f9:f8:08:da:
aa:63:89:fe:9b:1e:fa:e3:77:17:d0:4f:80:73:14:
5d:8a:ac:bc:04:f6:b1:ac:b2:65:e2:58:69:ac:ca:
87:4f:e7:1f:57:14:82:33:6f:b4:e6:23:40:35:a4:
18:58:ca:e7:7f:23:fa:c0:e0:f8:a9:96:5c:b3:d0:
ce:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2C:89:1E:0F:FD:80:9E:43:05:1B:BD:05:74:28:07:D2:AE:40:D4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xCyJHg_9gJ5DBRu9BXQoB9KuQNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.70.0/24
88.216.18.0/24
88.216.96.0/24
88.216.185.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d2:37:bf:fe:46:91:5e:ab:1f:bc:c0:85:aa:61:d3:35:a1:
5c:41:32:98:eb:fd:fc:d9:a3:12:f1:92:4d:c5:1d:2f:f1:c8:
a9:f1:ed:cb:3d:32:c8:43:a9:ec:22:03:03:1b:ea:e9:bf:4e:
dd:79:d6:6e:2e:5b:39:b4:c0:9c:2e:58:72:23:d5:1a:7e:18:
41:61:8f:29:e9:80:da:91:da:8e:da:0f:8b:b7:5d:c5:49:cf:
f2:66:91:47:ed:93:f0:bc:72:63:1f:13:56:21:b8:ff:7f:ac:
3e:66:76:61:ad:af:c4:33:1e:e9:9f:50:7c:bf:dd:1e:3f:e6:
cb:d4:6c:cd:50:75:96:65:8d:bc:a2:79:65:b7:28:90:6a:36:
8b:90:7c:c9:a8:ba:1c:32:fc:b6:99:dc:cf:3d:23:35:71:9e:
55:7a:51:76:85:39:ee:e2:44:30:a2:8b:31:d3:1a:ef:7a:8e:
f2:b8:e8:bb:3f:0f:bc:22:dc:d0:a9:15:b9:04:3a:4d:85:35:
79:85:ea:14:3c:96:7a:dd:75:68:77:87:0a:3a:23:3c:fb:3b:
b4:4d:48:07:42:f2:2e:fb:2a:ff:5f:ac:e0:82:73:06:fe:2e:
c7:37:90:b3:cc:a9:a1:57:a7:c4:25:f3:4e:0d:b1:d3:e1:70:
a6:56:bb:ae
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXz7nFidAZgBoFexeYqKtk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTI3MTU1MjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJjODkxZTBmZmQ4MDllNDMwNTFiYmQwNTc0MjgwN2QyYWU0MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtrAs4tfOH5+2A/OtZT2QBT7ID9H
dqfd32z0VBBHxjLPV5uFkiGJa2mfkx9GBpYjZxbv+0o/Bldhn5LDSQEwhER+Mb+z
5O1ikgpYve2p3853A2nQbYu4+Yl8Az2pwWHiugxriHg/vPKVF3oBpQbI3Q25m8Yn
DIcfDHzZj8+lj6atPADebcE1nueHzFjqGs1SmAOMw+IjK/q8rZsTXhai2AS8Ekd/
T2ZCHW8eckt/APLGk/xC5rCb03HRJlQi4/n4CNqqY4n+mx7643cX0E+AcxRdiqy8
BPaxrLJl4lhprMqHT+cfVxSCM2+05iNANaQYWMrnfyP6wOD4qZZcs9DOhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMQsiR4P/YCeQwUbvQV0KAfSrkDUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveEN5SkhnXzlnSjVEQlJ1OUJYUW9COUt1UU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCBGAwQA
WNgSAwQAWNhgAwQAWNi5MA0GCSqGSIb3DQEBCwUAA4IBAQBE0je//kaRXqsfvMCF
qmHTNaFcQTKY6/382aMS8ZJNxR0v8cip8e3LPTLIQ6nsIgMDG+rpv07dedZuLls5
tMCcLlhyI9UafhhBYY8p6YDakdqO2g+Lt13FSc/yZpFH7ZPwvHJjHxNWIbj/f6w+
ZnZhra/EMx7pn1B8v90eP+bL1GzNUHWWZY28onlltyiQajaLkHzJqLocMvy2mdzP
PSM1cZ5VelF2hTnu4kQwoosx0xrveo7yuOi7Pw+8ItzQqRW5BDpNhTV5heoUPJZ6
3XVod4cKOiM8+zu0TUgHQvIu+yr/X6zggnMG/i7HN5CzzKmhV6fEJfNODbHT4XCm
Vruu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org