Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0nlZqo1G5iHKMV6WNwRw-pJFhfk.roa
File: 0nlZqo1G5iHKMV6WNwRw-pJFhfk.roa (raw, json)
Hash identifier: img0NPpqIKsBocdXpUIQJAozrWVeWuIyFueQ89vOVuU=
Subject key identifier: D2:79:59:AA:8D:46:E6:21:CA:31:5E:96:37:04:70:FA:92:45:85:F9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B094D9F3581D34A5F9389B9F1F0E11B49
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0nlZqo1G5iHKMV6WNwRw-pJFhfk.roa
Signing time: Sat 07 Oct 2023 08:42:43 +0000
ROA not before: Sat 07 Oct 2023 08:42:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 84.32.220.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 19:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:09:4d:9f:35:81:d3:4a:5f:93:89:b9:f1:f0:e1:1b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 7 08:42:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d27959aa8d46e621ca315e96370470fa924585f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c4:e1:c3:53:52:6f:0b:67:e3:0d:bf:b7:2e:
38:7a:df:f0:72:1f:59:e1:79:c2:3d:38:9a:75:2e:
29:f0:b2:e8:2a:31:e8:ad:95:34:a5:48:3f:6c:5b:
35:2b:69:09:11:02:da:7f:a6:41:20:a9:48:ff:30:
f4:e4:ab:9e:7b:c2:c9:a3:f1:76:03:f9:db:8d:ea:
d1:b2:4e:7f:7d:0d:82:1c:75:52:f1:04:8d:98:e5:
41:fd:13:f2:5d:f1:a0:61:ba:d6:21:0a:02:d6:11:
91:9e:de:69:81:2d:e1:0f:4d:08:45:45:da:b2:6e:
a5:24:9c:e1:90:2a:91:a8:12:b6:e8:1c:c3:9e:1d:
31:18:d1:73:40:af:7b:87:d4:e1:af:c7:70:e4:8d:
ee:40:e1:6c:52:c5:0e:5a:c9:be:40:f3:a4:21:fa:
07:c5:35:89:72:5c:31:9c:62:a9:11:61:37:58:4a:
68:3f:0c:af:aa:57:bb:b7:6e:83:cf:57:fb:c5:56:
5b:06:51:68:8f:c1:9e:a6:91:fd:09:b9:fb:6a:7d:
f9:09:56:4f:6b:72:75:21:58:4d:a0:a0:31:4a:50:
f7:5a:d7:4c:2e:60:9d:e9:ce:70:32:a8:9f:03:10:
62:3f:79:78:4e:de:8c:4f:9a:16:ab:c9:01:44:54:
e7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:79:59:AA:8D:46:E6:21:CA:31:5E:96:37:04:70:FA:92:45:85:F9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0nlZqo1G5iHKMV6WNwRw-pJFhfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.220.0/24
84.32.231.0/24
84.32.253.0/24
Signature Algorithm: sha256WithRSAEncryption
08:4e:48:18:31:81:00:52:c4:e8:87:97:d9:f2:2f:c3:2f:73:
ca:df:5b:8f:d3:99:27:f5:ee:a9:c9:d8:a2:66:90:77:41:52:
61:04:cc:df:10:3f:59:4c:d0:7e:91:f2:f1:17:30:7b:54:7f:
eb:71:09:70:dd:5e:85:04:5a:af:a0:d0:4e:85:12:2b:4e:1b:
9b:ab:80:e1:1a:e3:07:48:29:4e:28:f4:52:18:42:95:a1:90:
9d:82:a1:c1:ba:ed:45:a9:c6:ec:85:6e:3f:64:d7:86:18:ac:
a4:f0:13:21:9a:36:2d:f2:0d:b2:5a:85:96:9f:18:5f:54:c2:
6e:d6:c5:56:7a:81:96:96:b5:37:18:69:d6:7a:07:12:a4:5c:
d4:b5:3d:0b:31:57:3b:e9:40:11:b3:21:56:9a:ee:5d:df:a8:
49:3e:d9:07:9e:23:70:47:16:81:0e:22:4c:62:89:f9:be:5f:
5a:77:42:40:a0:3d:63:94:f2:ea:53:e0:ca:36:a2:14:02:7d:
20:77:7e:c2:6b:21:45:db:6e:cd:1b:b8:c4:ed:8f:95:5a:9f:
aa:0d:30:11:89:9b:83:3e:52:cc:60:aa:ae:4c:bc:e2:ac:87:
4e:a0:8f:5d:b9:86:d4:e3:ae:f8:83:52:e4:f5:83:5f:88:fb:
28:54:37:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsJTZ81gdNKX5OJufHw4RtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDA3MDg0MjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjc5NTlhYThkNDZlNjIxY2EzMTVlOTYzNzA0NzBmYTkyNDU4NWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcThw1NSbwtn4w2/ty44et/wch9Z
4XnCPTiadS4p8LLoKjHorZU0pUg/bFs1K2kJEQLaf6ZBIKlI/zD05Kuee8LJo/F2
A/nbjerRsk5/fQ2CHHVS8QSNmOVB/RPyXfGgYbrWIQoC1hGRnt5pgS3hD00IRUXa
sm6lJJzhkCqRqBK26BzDnh0xGNFzQK97h9Thr8dw5I3uQOFsUsUOWsm+QPOkIfoH
xTWJclwxnGKpEWE3WEpoPwyvqle7t26Dz1f7xVZbBlFoj8GeppH9Cbn7an35CVZP
a3J1IVhNoKAxSlD3WtdMLmCd6c5wMqifAxBiP3l4Tt6MT5oWq8kBRFTnqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNJ5WaqNRuYhyjFeljcEcPqSRYX5MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMG5sWnFvMUc1aUhLTVY2V053UnctcEpGaGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCDcAwQA
VCDnAwQAVCD9MA0GCSqGSIb3DQEBCwUAA4IBAQAITkgYMYEAUsToh5fZ8i/DL3PK
31uP05kn9e6pydiiZpB3QVJhBMzfED9ZTNB+kfLxFzB7VH/rcQlw3V6FBFqvoNBO
hRIrThubq4DhGuMHSClOKPRSGEKVoZCdgqHBuu1FqcbshW4/ZNeGGKyk8BMhmjYt
8g2yWoWWnxhfVMJu1sVWeoGWlrU3GGnWegcSpFzUtT0LMVc76UARsyFWmu5d36hJ
PtkHniNwRxaBDiJMYon5vl9ad0JAoD1jlPLqU+DKNqIUAn0gd37CayFF227NG7jE
7Y+VWp+qDTARiZuDPlLMYKquTLzirIdOoI9duYbU4674g1Lk9YNfiPsoVDdC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org