Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0in5RNSTkM6cJ-O-0TS4qXuLZkE.roa
File: 0in5RNSTkM6cJ-O-0TS4qXuLZkE.roa (raw, json)
Hash identifier: /gelGebwCtQeNXtglYX3pjuR1Qo+2/i7kydgg+sXdWc=
Subject key identifier: D2:29:F9:44:D4:93:90:CE:9C:27:E3:BE:D1:34:B8:A9:7B:8B:66:41
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018591C5DEE6F836C93C011D41F94AC03040
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0in5RNSTkM6cJ-O-0TS4qXuLZkE.roa
Signing time: Sun 08 Jan 2023 14:25:42 +0000
ROA not before: Sun 08 Jan 2023 14:25:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.236.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:91:c5:de:e6:f8:36:c9:3c:01:1d:41:f9:4a:c0:30:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 8 14:25:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d229f944d49390ce9c27e3bed134b8a97b8b6641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:96:c4:32:cf:bd:8b:c0:20:d2:79:2a:af:
f4:12:e2:b7:ae:25:7b:b7:29:e6:7a:a9:e5:e6:28:
09:d1:d7:49:fa:6c:c7:35:d8:dc:ac:d0:1a:7a:a0:
a7:bf:80:96:99:ac:6d:ad:ad:e9:d4:c6:c1:a8:89:
54:20:04:df:7d:a7:6a:df:37:33:8d:69:70:72:a7:
cd:f7:7e:8b:e6:66:32:16:58:55:9b:3c:26:95:7c:
1a:fe:76:d5:08:cc:47:fa:55:38:b9:7d:ed:33:04:
1a:bd:03:bf:90:b4:e4:88:59:bc:d3:5b:00:44:b1:
6c:54:cd:73:fb:c4:7c:a0:5f:75:4a:ea:ac:95:3a:
64:6d:c5:00:8e:b3:c5:1c:c1:bb:66:96:6e:a6:3b:
6b:e5:4c:64:85:42:85:73:3e:76:93:2b:27:5d:51:
52:1a:fd:99:b2:bc:36:ae:d8:6d:f2:07:94:19:92:
11:89:f7:66:9a:1b:5e:02:b2:11:54:67:49:92:ea:
c6:58:7c:5b:50:58:f1:6a:5f:7d:fc:c9:8d:c3:16:
fd:76:1a:2e:15:45:89:3e:4e:1d:4f:00:15:99:39:
4d:f8:f1:f1:f0:70:db:ed:f3:26:8a:de:48:bf:97:
71:3f:7f:bd:22:0d:33:e9:c8:e2:e0:0a:87:c4:06:
a3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:29:F9:44:D4:93:90:CE:9C:27:E3:BE:D1:34:B8:A9:7B:8B:66:41
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0in5RNSTkM6cJ-O-0TS4qXuLZkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0/24
84.32.236.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:ed:a5:e1:19:1d:74:7a:66:57:2d:ff:89:8e:56:12:fe:24:
c1:80:a5:ae:8f:c6:84:74:8f:a6:ad:f8:bc:5f:33:5f:8c:88:
a9:00:e6:8b:43:f2:f5:be:d3:32:43:3c:80:1d:42:c7:a6:cd:
a7:5f:9c:bc:3b:af:56:f0:d8:86:4b:80:a0:96:4e:42:7c:64:
ce:55:e4:59:2d:6d:4a:e3:6e:e4:db:22:e3:c0:71:2b:b5:ae:
30:d7:b9:8b:cf:aa:24:1c:72:83:13:dc:38:bf:a1:8b:2d:9a:
49:e7:22:5f:08:cd:25:3a:fe:30:e7:a2:0f:ff:30:ed:ba:36:
08:38:3d:85:0a:e3:9c:a8:f6:5e:35:fe:d9:8c:af:09:80:a1:
36:09:11:bd:f0:15:45:78:df:93:d4:08:fc:87:f6:e9:bb:b5:
1d:b1:57:36:96:6f:42:ba:87:23:86:d7:f7:f4:b8:11:8c:47:
f4:ad:94:67:39:7e:91:e0:d7:ad:55:4d:55:d6:a9:ad:7e:04:
d4:d4:64:52:7b:30:ca:f3:08:a7:79:14:42:c9:12:c0:08:84:
89:33:0d:dd:f0:38:97:17:a7:b1:23:53:c4:b5:58:f8:b0:e8:
4e:c1:45:30:96:4c:0a:30:02:cf:5b:ea:e3:4c:fc:aa:81:e7:
53:11:46:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWRxd7m+DbJPAEdQflKwDBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTA4MTQyNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI5Zjk0NGQ0OTM5MGNlOWMyN2UzYmVkMTM0YjhhOTdiOGI2NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHGWxDLPvYvAINJ5Kq/0EuK3riV7
tynmeqnl5igJ0ddJ+mzHNdjcrNAaeqCnv4CWmaxtra3p1MbBqIlUIATffadq3zcz
jWlwcqfN936L5mYyFlhVmzwmlXwa/nbVCMxH+lU4uX3tMwQavQO/kLTkiFm801sA
RLFsVM1z+8R8oF91SuqslTpkbcUAjrPFHMG7ZpZupjtr5UxkhUKFcz52kysnXVFS
Gv2Zsrw2rtht8geUGZIRifdmmhteArIRVGdJkurGWHxbUFjxal99/MmNwxb9dhou
FUWJPk4dTwAVmTlN+PHx8HDb7fMmit5Iv5dxP3+9Ig0z6cji4AqHxAaj1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIp+UTUk5DOnCfjvtE0uKl7i2ZBMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMGluNVJOU1RrTTZjSi1PLTBUUzRxWHVMWmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAHAwQB
VCDsMA0GCSqGSIb3DQEBCwUAA4IBAQAd7aXhGR10emZXLf+JjlYS/iTBgKWuj8aE
dI+mrfi8XzNfjIipAOaLQ/L1vtMyQzyAHULHps2nX5y8O69W8NiGS4Cglk5CfGTO
VeRZLW1K427k2yLjwHErta4w17mLz6okHHKDE9w4v6GLLZpJ5yJfCM0lOv4w56IP
/zDtujYIOD2FCuOcqPZeNf7ZjK8JgKE2CRG98BVFeN+T1Aj8h/bpu7UdsVc2lm9C
uocjhtf39LgRjEf0rZRnOX6R4NetVU1V1qmtfgTU1GRSezDK8wineRRCyRLACISJ
Mw3d8DiXF6exI1PEtVj4sOhOwUUwlkwKMALPW+rjTPyqgedTEUZN
-----END CERTIFICATE-----
Generated at Mon Aug 14 18:51:25 2023 by rpki-client on console-ams.rpki-client.org