Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2fPrgjjrv1PZQdAsXLM87k21r8E.roa
File: 2fPrgjjrv1PZQdAsXLM87k21r8E.roa (raw, json)
Hash identifier: eZCX4AqWhbWR4sC5U5lIwVr0AAqiU2J1DA8uBpWSXPo=
Subject key identifier: D9:F3:EB:82:38:EB:BF:53:D9:41:D0:2C:5C:B3:3C:EE:4D:B5:AF:C1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5014D11423BF3A5A5BB7A21F3BBCD37
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2fPrgjjrv1PZQdAsXLM87k21r8E.roa
Signing time: Mon 01 Jan 2024 12:30:45 +0000
ROA not before: Mon 01 Jan 2024 12:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210542
IP address blocks: 84.32.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 09:20:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4d:11:42:3b:f3:a5:a5:bb:7a:21:f3:bb:cd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9f3eb8238ebbf53d941d02c5cb33cee4db5afc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:66:b6:b4:7f:bc:05:a0:47:7f:17:0d:b0:88:
eb:ac:59:66:69:39:5f:cf:7b:b1:e8:e8:fd:e0:b3:
ce:08:a7:77:6d:7a:5f:7e:e8:67:65:bf:8b:8c:1b:
b0:2d:e1:98:c8:c7:8c:7a:70:b0:35:48:58:9d:f7:
6e:f3:aa:a4:93:ab:9c:1c:c4:46:23:7c:2a:65:83:
56:01:cf:8b:02:ba:76:b7:56:12:ec:10:b6:12:e2:
32:01:fb:14:bc:d2:80:93:93:d7:6c:38:7e:72:df:
3f:d4:01:84:0f:40:2f:77:cf:4a:b9:a8:ff:09:86:
01:77:41:54:80:d7:8c:7f:d9:d9:1f:5d:d1:85:1a:
63:fd:95:80:95:07:fe:1d:21:0a:f9:58:cb:23:84:
08:a9:a1:5c:b1:65:27:b0:7b:60:e0:25:ba:2b:4b:
91:9a:f9:8e:1b:35:05:39:a8:e9:59:b8:09:d9:4f:
31:07:3d:da:f8:49:ae:af:b1:a7:c1:57:41:c4:b3:
c6:9b:f9:02:47:a1:f2:9b:d8:81:f8:e8:07:ff:5c:
18:0b:6f:2b:42:c5:85:e6:13:78:27:4d:83:12:62:
c8:97:d1:b5:67:46:e5:ac:7f:1a:82:f4:6e:45:bc:
0d:1b:ca:6a:6f:8e:b0:64:6a:69:9d:e6:b1:66:ec:
8f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F3:EB:82:38:EB:BF:53:D9:41:D0:2C:5C:B3:3C:EE:4D:B5:AF:C1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2fPrgjjrv1PZQdAsXLM87k21r8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.21.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:44:93:f6:77:cd:40:29:fc:99:22:35:d2:c0:b1:b8:57:43:
ed:15:7f:78:84:b9:08:b9:cb:38:0b:42:e9:9b:56:b2:07:20:
3a:3c:2b:4b:7f:22:c8:76:cf:2c:69:32:c5:48:20:50:c2:81:
ba:97:6b:4b:e7:09:75:78:5d:68:76:00:19:2b:e7:fe:ce:6f:
d7:ed:33:9b:5b:c5:df:e5:a2:9b:47:46:de:9b:bf:90:eb:4d:
8c:d4:a1:bc:1a:ca:f1:ef:ed:01:32:d3:a5:20:9c:5c:52:44:
56:72:7d:b5:2e:19:57:6c:5e:26:75:cf:0a:f3:25:75:b8:9e:
cc:71:4b:29:d7:e5:c3:ef:7b:14:ae:9e:3d:58:4b:f3:f3:65:
8c:7b:29:e4:a9:41:fb:89:b2:b2:03:bf:d9:88:b7:5c:df:a7:
b9:58:fe:b4:74:b2:5a:5d:eb:8d:00:e5:2a:06:bd:a6:f0:3f:
4c:ce:eb:e1:af:3e:9a:32:e4:7d:24:e8:05:aa:2d:d3:e3:72:
d5:ba:48:d2:65:79:8f:48:bb:9d:47:05:d6:62:42:36:bb:da:
a5:df:2a:17:1f:f7:3a:24:db:bb:45:74:a1:45:34:12:98:1b:
a4:15:01:b0:ef:2e:89:2f:6f:94:2f:08:85:52:e7:83:76:ae:
56:7a:bf:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAU0RQjvzpaW7eiHzu803MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWYzZWI4MjM4ZWJiZjUzZDk0MWQwMmM1Y2IzM2NlZTRkYjVhZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGa2tH+8BaBHfxcNsIjrrFlmaTlf
z3ux6Oj94LPOCKd3bXpffuhnZb+LjBuwLeGYyMeMenCwNUhYnfdu86qkk6ucHMRG
I3wqZYNWAc+LArp2t1YS7BC2EuIyAfsUvNKAk5PXbDh+ct8/1AGED0Avd89Kuaj/
CYYBd0FUgNeMf9nZH13RhRpj/ZWAlQf+HSEK+VjLI4QIqaFcsWUnsHtg4CW6K0uR
mvmOGzUFOajpWbgJ2U8xBz3a+Emur7GnwVdBxLPGm/kCR6Hym9iB+OgH/1wYC28r
QsWF5hN4J02DEmLIl9G1Z0blrH8agvRuRbwNG8pqb46wZGppneaxZuyPbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnz64I4679T2UHQLFyzPO5Nta/BMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMmZQcmdqanJ2MVBaUWRBc1hMTTg3azIxcjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAVMA0G
CSqGSIb3DQEBCwUAA4IBAQBPRJP2d81AKfyZIjXSwLG4V0PtFX94hLkIucs4C0Lp
m1ayByA6PCtLfyLIds8saTLFSCBQwoG6l2tL5wl1eF1odgAZK+f+zm/X7TObW8Xf
5aKbR0bem7+Q602M1KG8Gsrx7+0BMtOlIJxcUkRWcn21LhlXbF4mdc8K8yV1uJ7M
cUsp1+XD73sUrp49WEvz82WMeynkqUH7ibKyA7/ZiLdc36e5WP60dLJaXeuNAOUq
Br2m8D9Mzuvhrz6aMuR9JOgFqi3T43LVukjSZXmPSLudRwXWYkI2u9ql3yoXH/c6
JNu7RXShRTQSmBukFQGw7y6JL2+ULwiFUueDdq5Wer87
-----END CERTIFICATE-----
Generated at Thu Mar 7 13:55:42 2024 by rpki-client on console-fra.rpki-client.org