Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-7jJRavZamMUK3MFcHtptXN1K-0.roa
File: 1-7jJRavZamMUK3MFcHtptXN1K-0.roa (raw, json)
Hash identifier: H8NmKEzSXAHBmk4ZKyrXIFCN3GWwewma0IwI5A1oGoc=
Subject key identifier: FB:B8:C9:45:AB:D9:6A:63:14:2B:73:05:70:7B:69:B5:73:75:2B:ED
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188F673B19AEF830AE631E5C1F2B3DBF002
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-7jJRavZamMUK3MFcHtptXN1K-0.roa
Signing time: Mon 26 Jun 2023 06:45:57 +0000
ROA not before: Mon 26 Jun 2023 06:45:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 84.32.77.0/24 maxlen: 24
84.32.136.0/22 maxlen: 24
88.216.248.0/22 maxlen: 24
84.32.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 05:59:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f6:73:b1:9a:ef:83:0a:e6:31:e5:c1:f2:b3:db:f0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 26 06:45:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbb8c945abd96a63142b7305707b69b573752bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cf:8e:a8:86:ea:56:58:d7:f4:7b:ab:d7:bd:
19:9b:e6:bc:19:48:0d:79:de:47:78:37:fd:57:5b:
3a:82:5b:df:34:52:13:df:70:1b:1a:a2:f3:89:94:
fa:7e:5d:c8:1d:c2:4b:47:42:4c:41:cb:74:bf:2f:
65:27:59:82:68:8d:9a:d1:5a:5e:4d:58:d1:98:40:
68:67:17:6d:85:5a:91:dc:63:f3:bd:ea:c4:cc:85:
9c:8f:0a:a3:e6:9e:79:b1:dd:fd:63:92:4d:ec:0f:
6f:49:11:47:44:3f:66:be:ee:78:54:bb:f4:4f:87:
c3:87:25:e1:9b:c1:67:98:89:46:cd:85:b4:59:c9:
c4:f9:d3:a5:3a:34:11:32:2c:c1:76:3f:4d:6b:cf:
f3:01:1e:de:f9:f3:ba:e7:9c:94:5f:07:e1:7a:00:
85:ef:a9:f9:c3:c2:bb:1e:e8:f8:4c:23:87:e3:10:
bf:04:c4:e3:73:35:d0:d5:42:d2:da:3a:bb:d6:87:
6f:b8:0f:41:e5:df:15:29:17:22:17:d0:19:77:c7:
a1:d3:6f:fc:72:58:16:9d:02:71:e0:ad:45:e1:98:
42:1b:48:55:b1:6e:42:69:56:f3:70:94:79:7d:2a:
f2:35:08:e4:b5:d1:5d:b7:66:21:fb:ab:2f:7a:46:
05:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B8:C9:45:AB:D9:6A:63:14:2B:73:05:70:7B:69:B5:73:75:2B:ED
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-7jJRavZamMUK3MFcHtptXN1K-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.77.0/24
84.32.136.0/22
84.32.157.0/24
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
47:17:20:38:2d:9f:e4:cb:42:5e:58:6b:57:be:d1:0f:12:8e:
37:8d:5a:99:8d:25:7c:80:d8:ec:11:f2:c9:41:59:b8:92:ca:
b6:38:38:98:32:fc:40:d2:5d:7b:c4:e2:7d:67:28:85:fc:5c:
cc:6d:bf:21:f1:b8:2e:51:e4:d4:84:e7:2e:be:38:36:94:43:
31:4c:89:d6:69:8e:86:0c:81:54:43:08:23:03:e4:f0:1e:1f:
27:70:e6:22:2a:4f:42:ab:d6:df:a5:f3:15:77:80:b2:3e:0f:
2e:ba:f3:55:d3:19:cc:6b:bb:c2:a1:30:7b:64:8f:e3:6d:50:
cf:59:e1:89:c1:39:34:6c:ea:1f:d2:b0:0a:1e:a2:08:a9:05:
3a:34:cb:29:89:6d:7d:c8:74:3b:8b:5f:b0:34:2d:e6:71:3b:
63:8a:b4:3e:31:cc:82:11:a9:9a:49:58:59:15:17:e8:74:02:
93:2a:1e:7f:17:28:c8:02:71:39:f4:9c:0d:e9:e7:b2:a5:87:
44:fc:58:05:7e:ad:40:46:37:3e:79:0c:4c:01:f7:43:02:42:
ca:59:cf:15:0a:10:21:2a:51:58:96:22:1a:d8:f6:98:4c:8b:
59:2c:8c:3c:86:47:0f:aa:d8:79:ba:15:41:4e:38:06:ff:0d:
4c:11:e4:19
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYj2c7Ga74MK5jHlwfKz2/ACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjI2MDY0NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmI4Yzk0NWFiZDk2YTYzMTQyYjczMDU3MDdiNjliNTczNzUyYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs+OqIbqVljX9Hur170Zm+a8GUgN
ed5HeDf9V1s6glvfNFIT33AbGqLziZT6fl3IHcJLR0JMQct0vy9lJ1mCaI2a0Vpe
TVjRmEBoZxdthVqR3GPzverEzIWcjwqj5p55sd39Y5JN7A9vSRFHRD9mvu54VLv0
T4fDhyXhm8FnmIlGzYW0WcnE+dOlOjQRMizBdj9Na8/zAR7e+fO655yUXwfhegCF
76n5w8K7Huj4TCOH4xC/BMTjczXQ1ULS2jq71odvuA9B5d8VKRciF9AZd8eh02/8
clgWnQJx4K1F4ZhCG0hVsW5CaVbzcJR5fSryNQjktdFdt2Yh+6svekYFIwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPu4yUWr2WpjFCtzBXB7abVzdSvtMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS03akpSYXZaYW1NVUszTUZjSHRwdFhOMUstMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFQgTQME
AlQgiAMEAFQgnQMEAljY+DANBgkqhkiG9w0BAQsFAAOCAQEARxcgOC2f5MtCXlhr
V77RDxKON41amY0lfIDY7BHyyUFZuJLKtjg4mDL8QNJde8TifWcohfxczG2/IfG4
LlHk1ITnLr44NpRDMUyJ1mmOhgyBVEMIIwPk8B4fJ3DmIipPQqvW36XzFXeAsj4P
LrrzVdMZzGu7wqEwe2SP421Qz1nhicE5NGzqH9KwCh6iCKkFOjTLKYltfch0O4tf
sDQt5nE7Y4q0PjHMghGpmklYWRUX6HQCkyoefxcoyAJxOfScDennsqWHRPxYBX6t
QEY3PnkMTAH3QwJCylnPFQoQISpRWJYiGtj2mEyLWSyMPIZHD6rYeboVQU44Bv8N
TBHkGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org