Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/za4dszely7iuLliUz10NCwYtCs8.roa
File: za4dszely7iuLliUz10NCwYtCs8.roa (raw, json)
Hash identifier: WsfQcPhfwHeK8B/BHSx5hH4a0ylPhFhFdm+G/BgHo3o=
Subject key identifier: CD:AE:1D:B3:37:A5:CB:B8:AE:2E:58:94:CF:5D:0D:0B:06:2D:0A:CF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01918DD9BD23F90FD0C7E51F8875361A93C0
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/za4dszely7iuLliUz10NCwYtCs8.roa
Signing time: Mon 26 Aug 2024 08:42:22 +0000
ROA not before: Mon 26 Aug 2024 08:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 07:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8d:d9:bd:23:f9:0f:d0:c7:e5:1f:88:75:36:1a:93:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 26 08:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdae1db337a5cbb8ae2e5894cf5d0d0b062d0acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:04:f2:d9:a7:d4:70:4c:e5:b2:db:6b:73:bd:
b8:33:68:c1:7b:9d:3a:7c:d7:ef:68:ab:8d:e1:c6:
e9:73:dc:ab:f5:88:64:9d:8b:f4:47:16:ce:43:01:
0a:d7:84:6c:f1:c3:a7:c6:03:a5:42:78:e9:1f:b5:
2c:1f:df:2a:44:1b:f6:98:c1:76:8c:6c:1e:7f:f2:
2d:d6:ea:09:fe:c7:78:dc:d0:ac:f7:b6:59:10:8e:
dc:00:8e:52:61:b0:22:29:81:41:5a:b3:1a:04:9a:
07:c3:07:7e:ea:0a:7f:04:dd:bd:d9:03:28:39:b1:
c5:84:0d:7d:df:17:e3:8a:4b:a8:96:3f:64:c2:54:
76:22:58:ca:ee:6c:0f:31:60:d6:6d:2d:30:2b:fb:
4d:33:7f:6d:65:83:a7:0a:db:28:15:8f:95:31:13:
1a:f5:80:fb:61:73:0d:49:11:85:6a:68:c8:00:47:
8b:e4:cd:ca:0b:8d:58:8f:03:40:3b:99:d3:29:3c:
31:8d:dc:9d:0f:b4:49:23:95:6f:bf:21:78:11:a1:
b4:1f:c0:bc:1f:3b:92:0a:8a:16:e6:7b:4d:66:16:
ff:2a:b0:30:98:3b:a4:46:06:e7:06:bd:93:0a:94:
a5:d9:dd:7c:10:05:9e:65:79:06:c4:0e:37:46:da:
4c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AE:1D:B3:37:A5:CB:B8:AE:2E:58:94:CF:5D:0D:0B:06:2D:0A:CF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/za4dszely7iuLliUz10NCwYtCs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.70.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.197.0/24
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
33:8c:7b:f3:1a:76:84:c4:9b:59:87:d7:de:37:60:75:79:4a:
0a:6e:f2:1b:f9:9d:b3:34:98:8a:30:e3:27:56:c8:2c:61:df:
15:ed:86:bf:82:79:ea:f4:f2:f5:3a:e9:78:09:78:dc:d9:f8:
3c:a7:4a:48:5e:d8:53:5e:4d:5a:da:65:36:76:ad:d7:3e:24:
1f:b5:ed:47:6d:71:2a:3f:ca:0a:eb:d3:1f:9b:3d:f0:08:25:
fc:ec:dd:d3:76:56:2b:6b:15:a8:6b:f3:9c:c1:3d:df:e6:e5:
c5:7e:68:6f:81:fa:bd:a5:97:3a:55:ac:74:95:50:41:df:d3:
e9:a8:9a:b2:ab:a9:b6:58:ba:d0:97:ab:04:43:82:1c:52:0d:
20:0f:ad:d4:2c:af:50:2d:da:44:08:80:c6:b0:be:3b:e5:ab:
cb:3f:f1:4d:89:d0:61:25:cb:e9:ff:a1:a2:c0:a1:5a:4d:54:
cc:66:3b:21:16:47:65:09:68:f3:34:99:5e:43:ec:a7:4c:d1:
43:b4:a5:46:9a:2e:b0:dc:31:82:88:f4:4b:52:31:54:0b:9e:
81:86:1d:67:42:49:c9:cb:bf:21:a8:11:27:81:42:cb:98:49:
77:8a:24:ff:00:f5:47:b5:18:f9:c6:13:f1:31:ee:c8:b3:e6:
bb:30:0f:55
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZGN2b0j+Q/Qx+UfiHU2GpPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwODI2MDg0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFlMWRiMzM3YTVjYmI4YWUyZTU4OTRjZjVkMGQwYjA2MmQwYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtATy2afUcEzlsttrc724M2jBe506
fNfvaKuN4cbpc9yr9YhknYv0RxbOQwEK14Rs8cOnxgOlQnjpH7UsH98qRBv2mMF2
jGwef/It1uoJ/sd43NCs97ZZEI7cAI5SYbAiKYFBWrMaBJoHwwd+6gp/BN292QMo
ObHFhA193xfjikuolj9kwlR2IljK7mwPMWDWbS0wK/tNM39tZYOnCtsoFY+VMRMa
9YD7YXMNSRGFamjIAEeL5M3KC41YjwNAO5nTKTwxjdydD7RJI5VvvyF4EaG0H8C8
HzuSCooW5ntNZhb/KrAwmDukRgbnBr2TCpSl2d18EAWeZXkGxA43RtpMPQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFM2uHbM3pcu4ri5YlM9dDQsGLQrPMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvemE0ZHN6ZWx5N2l1TGxpVXoxME5Dd1l0Q3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcDAMAwQAVCAH
AwQAVCAIMAwDBAJUIBQDBAJUIBgDBAFUIC4DBABUIEYDBABUIF8DBAJUIJQDBAFU
IK4DBAFUINYDBAJUIPQDBAFY2BYDBAFY2CwDBABY2F0DBAFY2IIDBAFY2IYDBABY
2MUDBAJY2NQwDQYJKoZIhvcNAQELBQADggEBADOMe/MadoTEm1mH1943YHV5Sgpu
8hv5nbM0mIow4ydWyCxh3xXthr+Ceer08vU66XgJeNzZ+DynSkhe2FNeTVraZTZ2
rdc+JB+17UdtcSo/ygrr0x+bPfAIJfzs3dN2VitrFahr85zBPd/m5cV+aG+B+r2l
lzpVrHSVUEHf0+momrKrqbZYutCXqwRDghxSDSAPrdQsr1At2kQIgMawvjvlq8s/
8U2J0GEly+n/oaLAoVpNVMxmOyEWR2UJaPM0mV5D7KdM0UO0pUaaLrDcMYKI9EtS
MVQLnoGGHWdCScnLvyGoESeBQsuYSXeKJP8A9Ue1GPnGE/Ex7siz5rswD1U=
-----END CERTIFICATE-----
Generated at Thu Sep 12 09:26:05 2024 by rpki-client on console-fra.rpki-client.org