Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xTIDYfTk9bHoqGNH8UfGRjc7Q70.roa
File: xTIDYfTk9bHoqGNH8UfGRjc7Q70.roa (raw, json)
Hash identifier: e6C1toqQu3BXxZo/mZvEeb9iWJpDAAZ3zeSUCC06lRY=
Subject key identifier: C5:32:03:61:F4:E4:F5:B1:E8:A8:63:47:F1:47:C6:46:37:3B:43:BD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFC166579C8838B4A21A3AEB9B9522
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xTIDYfTk9bHoqGNH8UfGRjc7Q70.roa
Signing time: Sun 01 Jan 2023 18:54:50 +0000
ROA not before: Sun 01 Jan 2023 18:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.85.0/24 maxlen: 24
84.32.91.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c1:66:57:9c:88:38:b4:a2:1a:3a:eb:9b:95:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5320361f4e4f5b1e8a86347f147c646373b43bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a0:78:f2:f2:df:0f:db:65:4a:ff:92:d4:55:
89:f4:ff:e8:00:c4:d8:e5:6c:11:8f:26:83:8c:4f:
70:e3:0a:0b:ae:e0:ef:51:92:2b:d2:03:b9:83:70:
ce:8f:88:25:ac:b7:fc:1c:b9:20:9c:e4:cb:f1:8e:
74:3c:63:64:02:01:c1:2e:68:31:df:63:9d:37:bb:
67:a0:a4:e9:15:bb:c0:b5:3a:9e:dd:eb:52:c0:67:
1c:8c:87:bc:0d:9d:ec:29:d0:cd:fb:e5:66:b1:20:
b3:38:40:ce:5c:70:fb:31:21:a2:4e:82:e0:3f:bc:
3a:07:d7:64:2e:5a:57:5d:6f:7b:53:5d:0a:95:11:
53:d6:df:07:35:2b:1f:2b:25:88:71:c1:9d:1b:30:
fa:e8:9e:32:65:02:e1:0d:c7:7f:0d:86:71:2c:be:
5e:aa:96:d1:8a:d7:7c:38:29:40:5e:8a:05:f9:eb:
40:22:30:92:6b:44:90:95:6e:56:31:4f:ca:18:d6:
e2:e6:86:fc:44:95:08:3e:b3:11:88:8a:65:9c:f5:
d5:f2:1b:2b:a2:85:ba:67:87:fc:72:28:8f:ff:ec:
58:3e:41:af:b2:9c:2a:37:58:02:ad:a7:10:a3:bf:
27:50:ea:66:a8:8e:fd:be:05:4e:24:22:9e:6c:9c:
e7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:32:03:61:F4:E4:F5:B1:E8:A8:63:47:F1:47:C6:46:37:3B:43:BD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xTIDYfTk9bHoqGNH8UfGRjc7Q70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.57.0/24
84.32.85.0/24
84.32.91.0/24
88.216.38.0/23
88.216.93.0/24
88.216.101.0/24
88.216.130.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f6:95:e1:f4:eb:3b:ec:da:7e:2c:d3:6e:ec:9b:d8:01:59:
ec:c8:a4:b9:76:b3:69:62:b0:d8:c2:43:f0:2d:f0:05:79:21:
ce:5a:70:6a:c3:5d:ca:2e:5f:47:2f:70:29:04:3e:8a:34:de:
92:1c:6c:fc:a8:31:dd:85:f1:e1:27:4f:31:f0:37:1c:a6:88:
6a:d9:db:e6:71:d9:3f:2b:98:39:e6:21:6a:b2:d7:f3:02:1f:
eb:d6:73:c9:dd:15:a9:1a:84:17:31:04:1e:ea:64:a1:b2:ab:
1f:cc:1f:89:7f:c5:9e:e3:b6:ea:b6:7a:a1:d3:56:36:27:bb:
07:c9:a4:79:f3:6b:5f:d2:7c:a3:21:a9:20:91:ec:05:8e:f5:
17:01:22:ee:a5:1c:98:e7:5f:a6:f9:81:52:55:5a:c6:4e:f8:
15:c4:e9:1c:72:22:4f:cc:93:13:8a:50:7e:ef:6a:eb:50:33:
a0:87:c6:ba:7a:9d:fe:05:36:bf:35:da:8d:28:5f:d4:9f:9f:
b5:83:40:4c:5c:7d:56:bf:43:87:b0:51:31:11:46:2c:4d:56:
2f:1d:03:0a:a6:d2:34:6b:57:21:b6:71:5f:7c:51:ee:8e:4f:
66:bf:2e:49:33:3e:15:5b:77:66:f3:ba:1c:2e:21:38:6c:c1:
3d:13:b8:bd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVur8FmV5yIOLSiGjrrm5UiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTMyMDM2MWY0ZTRmNWIxZThhODYzNDdmMTQ3YzY0NjM3M2I0M2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaB48vLfD9tlSv+S1FWJ9P/oAMTY
5WwRjyaDjE9w4woLruDvUZIr0gO5g3DOj4glrLf8HLkgnOTL8Y50PGNkAgHBLmgx
32OdN7tnoKTpFbvAtTqe3etSwGccjIe8DZ3sKdDN++VmsSCzOEDOXHD7MSGiToLg
P7w6B9dkLlpXXW97U10KlRFT1t8HNSsfKyWIccGdGzD66J4yZQLhDcd/DYZxLL5e
qpbRitd8OClAXooF+etAIjCSa0SQlW5WMU/KGNbi5ob8RJUIPrMRiIplnPXV8hsr
ooW6Z4f8ciiP/+xYPkGvspwqN1gCracQo78nUOpmqI79vgVOJCKebJznTQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMUyA2H05PWx6KhjR/FHxkY3O0O9MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveFRJRFlmVGs5YkhvcUdOSDhVZkdSamM3UTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCA5AwQA
VCBVAwQAVCBbAwQBWNgmAwQAWNhdAwQAWNhlAwQAWNiCMA0GCSqGSIb3DQEBCwUA
A4IBAQAJ9pXh9Os77Np+LNNu7JvYAVnsyKS5drNpYrDYwkPwLfAFeSHOWnBqw13K
Ll9HL3ApBD6KNN6SHGz8qDHdhfHhJ08x8Dccpohq2dvmcdk/K5g55iFqstfzAh/r
1nPJ3RWpGoQXMQQe6mShsqsfzB+Jf8We47bqtnqh01Y2J7sHyaR582tf0nyjIakg
kewFjvUXASLupRyY51+m+YFSVVrGTvgVxOkcciJPzJMTilB+72rrUDOgh8a6ep3+
BTa/NdqNKF/Un5+1g0BMXH1Wv0OHsFExEUYsTVYvHQMKptI0a1chtnFffFHujk9m
vy5JMz4VW3dm87ocLiE4bME9E7i9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org