Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aD3jluaTKC_vJf3A8qg7TasEn1Q.roa
File: aD3jluaTKC_vJf3A8qg7TasEn1Q.roa (raw, json)
Hash identifier: YiLnu+Ld/LDOXQwpi6tXUNpGZKbxNraqOip9q+GZRHw=
Subject key identifier: 68:3D:E3:96:E6:93:28:2F:EF:25:FD:C0:F2:A8:3B:4D:AB:04:9F:54
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019651C1FF4F053D1507BCE0E2216B4BF0C2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aD3jluaTKC_vJf3A8qg7TasEn1Q.roa
Signing time: Sun 20 Apr 2025 05:53:10 +0000
ROA not before: Sun 20 Apr 2025 05:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.208.0/23 maxlen: 23
84.32.214.0/23 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.127.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 06:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:c1:ff:4f:05:3d:15:07:bc:e0:e2:21:6b:4b:f0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 20 05:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=683de396e693282fef25fdc0f2a83b4dab049f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b5:d1:80:0b:ed:d4:03:2d:3a:84:15:5a:6f:
f9:f1:2c:22:ff:d4:7b:c7:5a:b9:04:0a:08:61:f7:
f2:42:bc:4e:44:96:11:2a:bf:ff:34:57:5c:54:60:
da:cc:f7:7f:7d:84:ed:09:1d:c1:11:86:5c:11:66:
5b:26:be:a7:da:18:b9:05:a8:97:a0:2f:89:84:9b:
c0:29:86:ad:11:d1:a9:8d:39:5a:95:7f:12:6b:ee:
7c:ce:dd:de:dd:e3:a8:5d:0f:f7:a3:7a:5f:19:0a:
79:0f:89:c8:2c:0e:44:91:6f:42:80:76:b1:aa:0e:
09:9b:79:f2:34:09:87:04:ca:47:0d:13:00:6d:c3:
af:52:3e:ff:46:ec:a3:e4:69:6a:14:23:2e:76:c5:
02:e2:2c:d9:83:c1:49:78:1f:34:6a:ab:fc:3f:b0:
91:09:81:5b:cb:cc:24:db:2d:e5:ce:8d:5a:5f:78:
1d:88:7c:b5:63:50:e9:36:86:18:c0:e1:a3:67:e4:
d1:4b:94:1e:51:10:bc:ae:09:cd:03:ed:30:81:49:
1d:25:95:b6:14:f5:70:54:e5:32:c8:b5:3f:cd:fa:
4b:16:5e:32:ac:cd:48:c5:b1:67:af:ae:ac:d4:12:
9c:cf:c9:c2:8c:be:d3:5b:e6:15:5b:8f:46:93:e1:
c2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3D:E3:96:E6:93:28:2F:EF:25:FD:C0:F2:A8:3B:4D:AB:04:9F:54
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aD3jluaTKC_vJf3A8qg7TasEn1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.64.0/24
84.32.104.0/24
84.32.148.0/22
84.32.174.0/23
84.32.208.0/23
84.32.214.0/23
84.32.223.0/24
84.32.244.0/22
88.216.22.0/23
88.216.34.0/24
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.127.0/24
88.216.130.0/23
88.216.134.0/23
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:66:fa:cd:4c:da:eb:c4:f8:5b:93:08:24:51:bd:95:ac:9e:
d0:34:88:66:1f:d6:58:27:92:6e:a3:ab:13:d8:3b:02:0b:be:
60:aa:c8:93:36:cf:ce:49:d6:cc:27:e6:bf:c7:f1:52:ec:6c:
e4:fe:76:6e:68:6d:d5:30:05:df:ab:7b:e5:b7:3f:ad:e4:47:
a9:57:2c:71:6b:15:51:86:4d:5b:24:a9:49:0d:be:86:91:c5:
45:28:d9:09:a8:f9:14:eb:63:ff:b5:80:eb:d9:1c:e7:30:0d:
fd:db:5e:e9:46:b3:38:42:97:2e:8d:b3:a3:f0:aa:d7:c9:81:
97:81:89:22:f4:5f:0f:bf:e9:1c:75:91:4a:07:a8:17:af:be:
76:ab:cf:1d:fb:67:a0:b3:58:68:d2:19:51:85:27:0d:1a:00:
1b:bf:68:75:7c:02:b0:a8:8f:72:7e:88:20:91:8b:10:7d:e5:
52:0f:4b:24:68:3a:9b:da:f4:0a:ab:e6:0c:5f:2d:64:ef:50:
9f:32:c9:b4:c3:32:41:2f:44:26:2a:80:a3:47:47:36:c5:37:
bb:61:4a:b3:24:17:96:a3:dc:c4:2a:c6:1b:94:a2:da:d3:12:
be:7f:78:14:cb:f9:ae:cf:bf:d8:12:21:cb:30:c1:31:3c:08:
db:41:b4:5e
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZZRwf9PBT0VB7zg4iFrS/DCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwNDIwMDU1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNkZTM5NmU2OTMyODJmZWYyNWZkYzBmMmE4M2I0ZGFiMDQ5ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbXRgAvt1AMtOoQVWm/58Swi/9R7
x1q5BAoIYffyQrxORJYRKr//NFdcVGDazPd/fYTtCR3BEYZcEWZbJr6n2hi5BaiX
oC+JhJvAKYatEdGpjTlalX8Sa+58zt3e3eOoXQ/3o3pfGQp5D4nILA5EkW9CgHax
qg4Jm3nyNAmHBMpHDRMAbcOvUj7/Ruyj5GlqFCMudsUC4izZg8FJeB80aqv8P7CR
CYFby8wk2y3lzo1aX3gdiHy1Y1DpNoYYwOGjZ+TRS5QeURC8rgnNA+0wgUkdJZW2
FPVwVOUyyLU/zfpLFl4yrM1IxbFnr66s1BKcz8nCjL7TW+YVW49Gk+HCJwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFGg945bmkygv7yX9wPKoO02rBJ9UMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYUQzamx1YVRLQ192SmYzQThxZzdUYXNFbjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYAwDAME
AFQgBwMEAFQgCAMEAlQgFAMEAVQgLgMEAFQgQAMEAFQgaAMEAlQglAMEAVQgrgME
AVQg0AMEAVQg1gMEAFQg3wMEAlQg9AMEAVjYFgMEAFjYIgMEAVjYLAMEAVjYQgME
AFjYXQMEAFjYfwMEAVjYggMEAVjYhgMEAFjY3zANBgkqhkiG9w0BAQsFAAOCAQEA
fGb6zUza68T4W5MIJFG9laye0DSIZh/WWCeSbqOrE9g7Agu+YKrIkzbPzknWzCfm
v8fxUuxs5P52bmht1TAF36t75bc/reRHqVcscWsVUYZNWySpSQ2+hpHFRSjZCaj5
FOtj/7WA69kc5zAN/dte6UazOEKXLo2zo/Cq18mBl4GJIvRfD7/pHHWRSgeoF6++
dqvPHftnoLNYaNIZUYUnDRoAG79odXwCsKiPcn6IIJGLEH3lUg9LJGg6m9r0Cqvm
DF8tZO9QnzLJtMMyQS9EJiqAo0dHNsU3u2FKsyQXlqPcxCrGG5Si2tMSvn94FMv5
rs+/2BIhyzDBMTwI20G0Xg==
-----END CERTIFICATE-----
Generated at Wed May 7 20:26:56 2025 by rpki-client