Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yeqg-bcoCxS7H3mfs3FFuPTilOY.roa
File: yeqg-bcoCxS7H3mfs3FFuPTilOY.roa (raw, json)
Hash identifier: MBnMECX2IZhU3aC2YMcXSRnb1jJB61f4xZ9yGAILSyE=
Subject key identifier: C9:EA:A0:F9:B7:28:0B:14:BB:1F:79:9F:B3:71:45:B8:F4:E2:94:E6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0192B88C534F911E4D7D7E8F4311F0C94853
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yeqg-bcoCxS7H3mfs3FFuPTilOY.roa
Signing time: Wed 23 Oct 2024 08:44:17 +0000
ROA not before: Wed 23 Oct 2024 08:44:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.59.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 10:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:8c:53:4f:91:1e:4d:7d:7e:8f:43:11:f0:c9:48:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 23 08:44:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9eaa0f9b7280b14bb1f799fb37145b8f4e294e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:44:48:f1:b6:9f:8a:48:cd:82:e6:bc:ab:ff:
2b:06:04:48:73:e7:c1:27:3b:d1:69:a1:58:cb:66:
00:d2:ea:26:0e:06:b3:d8:67:3a:64:e0:3e:2b:21:
a0:a1:c2:10:96:20:1a:75:0b:ed:ba:47:56:99:ef:
9e:0f:1c:bf:66:1f:8f:4a:d3:cd:e0:0b:fc:fe:48:
bd:41:50:7f:16:3b:c9:a4:51:3d:63:6c:88:0e:72:
73:f6:84:a9:87:80:53:70:fd:c9:8b:09:bc:22:4d:
4f:ad:51:25:d0:51:e4:db:39:f9:17:d2:b9:38:e3:
f9:86:52:ba:84:da:2a:cb:e2:94:eb:92:05:4b:bd:
e2:4b:db:fc:0c:ae:7c:e5:c7:cd:c9:95:6c:94:d4:
71:fc:52:ea:da:df:85:ed:71:1f:81:db:8a:b5:f4:
0b:50:bf:37:05:91:e9:f1:03:70:4a:5f:ae:36:e7:
56:36:9a:6c:f9:45:68:20:5e:c3:31:5d:9c:8e:3a:
dd:9e:d8:c3:6a:5c:ff:dd:5c:cf:d1:f0:3e:3b:fb:
8b:7f:b8:6a:ca:53:b6:3f:32:b1:3f:b8:c1:f5:72:
e8:7d:91:f3:cc:ac:3a:c3:5b:b1:6f:54:af:b2:eb:
e9:2d:35:bd:ed:bf:d2:db:07:3a:2e:24:21:d0:f6:
5b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EA:A0:F9:B7:28:0B:14:BB:1F:79:9F:B3:71:45:B8:F4:E2:94:E6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yeqg-bcoCxS7H3mfs3FFuPTilOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.59.0/24
84.32.70.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.197.0/24
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
61:03:ed:82:1c:9e:30:d0:a1:2d:83:3b:be:30:96:15:fc:2d:
5c:bd:6d:7e:92:05:8f:16:35:e4:60:00:52:06:4c:a4:da:fd:
27:d2:87:7a:1b:02:b9:1c:17:c9:ff:d5:37:78:96:a6:06:0c:
0f:c5:62:4a:48:1b:db:fb:98:f7:0f:5f:f3:c9:a9:87:47:13:
73:63:19:07:bb:c1:52:a3:88:c9:1e:30:76:d6:91:bc:31:4e:
96:cb:ac:a6:53:d9:5f:8c:29:92:f6:b9:40:5f:2d:f8:60:39:
a7:97:75:ec:ad:40:51:40:4a:92:45:e7:71:2e:d1:f8:34:a6:
4c:2a:06:a3:5d:c5:26:fb:59:4c:64:6b:44:c6:72:fc:95:f6:
5c:8c:15:d2:b4:38:f8:69:26:be:28:e9:83:b7:a5:49:bc:6d:
30:49:f0:43:7f:94:f0:07:9f:04:e1:b6:48:36:b2:b8:23:9f:
20:09:41:2a:d7:6e:60:65:9c:e3:ca:13:9e:86:ee:63:4c:6b:
e5:98:68:06:70:11:4e:d5:d5:14:72:78:1d:9a:40:38:e2:7e:
75:3a:6b:bd:cd:b5:39:07:1d:2f:06:fa:15:84:85:81:b5:c5:
fc:b0:3f:17:84:76:ac:ac:4a:4d:f7:f0:d0:47:d0:4f:0a:e1:
72:5f:49:78
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZK4jFNPkR5NfX6PQxHwyUhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMDIzMDg0NDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWVhYTBmOWI3MjgwYjE0YmIxZjc5OWZiMzcxNDViOGY0ZTI5NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3URI8bafikjNgua8q/8rBgRIc+fB
JzvRaaFYy2YA0uomDgaz2Gc6ZOA+KyGgocIQliAadQvtukdWme+eDxy/Zh+PStPN
4Av8/ki9QVB/FjvJpFE9Y2yIDnJz9oSph4BTcP3Jiwm8Ik1PrVEl0FHk2zn5F9K5
OOP5hlK6hNoqy+KU65IFS73iS9v8DK585cfNyZVslNRx/FLq2t+F7XEfgduKtfQL
UL83BZHp8QNwSl+uNudWNpps+UVoIF7DMV2cjjrdntjDalz/3VzP0fA+O/uLf7hq
ylO2PzKxP7jB9XLofZHzzKw6w1uxb1SvsuvpLTW97b/S2wc6LiQh0PZbrQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFMnqoPm3KAsUux95n7NxRbj04pTmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveWVxZy1iY29DeFM3SDNtZnMzRkZ1UFRpbE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYwDAMEAFQg
BwMEAFQgCDAMAwQCVCAUAwQCVCAYAwQBVCAuAwQAVCA7AwQAVCBGAwQAVCBfAwQC
VCCUAwQBVCCuAwQBVCDWAwQCVCD0AwQBWNgWAwQBWNgsAwQAWNhdAwQBWNiCAwQB
WNiGAwQAWNjFAwQCWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQBhA+2CHJ4w0KEtgzu+
MJYV/C1cvW1+kgWPFjXkYABSBkyk2v0n0od6GwK5HBfJ/9U3eJamBgwPxWJKSBvb
+5j3D1/zyamHRxNzYxkHu8FSo4jJHjB21pG8MU6Wy6ymU9lfjCmS9rlAXy34YDmn
l3XsrUBRQEqSRedxLtH4NKZMKgajXcUm+1lMZGtExnL8lfZcjBXStDj4aSa+KOmD
t6VJvG0wSfBDf5TwB58E4bZINrK4I58gCUEq125gZZzjyhOehu5jTGvlmGgGcBFO
1dUUcngdmkA44n51Omu9zbU5Bx0vBvoVhIWBtcX8sD8XhHasrEpN9/DQR9BPCuFy
X0l4
-----END CERTIFICATE-----
Generated at Thu Oct 24 16:00:44 2024 by rpki-client on console-ams.rpki-client.org