Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2yZCClcpwpJSOyaQuo8JyH7VmgA.roa
File: 2yZCClcpwpJSOyaQuo8JyH7VmgA.roa (raw, json)
Hash identifier: AsluI0V+I2Am6sspKJsD8+nyuOMF+jiyFBMz24UecUs=
Subject key identifier: DB:26:42:0A:57:29:C2:92:52:3B:26:90:BA:8F:09:C8:7E:D5:9A:00
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018857009D62E82B835EC1E4CD40B5B4933B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2yZCClcpwpJSOyaQuo8JyH7VmgA.roa
Signing time: Fri 26 May 2023 07:40:38 +0000
ROA not before: Fri 26 May 2023 07:40:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 84.32.69.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:00:9d:62:e8:2b:83:5e:c1:e4:cd:40:b5:b4:93:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 26 07:40:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db26420a5729c292523b2690ba8f09c87ed59a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8a:de:52:ab:3c:9e:fb:2d:b8:12:82:45:a6:
e7:20:5c:ee:b1:28:f3:df:6c:26:7a:a3:aa:11:3d:
99:8f:40:ee:04:ec:fa:f7:21:8d:1f:25:d9:c8:f8:
ae:3c:fd:64:ef:c9:19:a8:5a:07:22:08:08:42:ca:
05:57:73:a6:f5:a1:ad:2d:a9:49:86:17:bc:c0:ae:
8f:c6:42:07:3a:ff:35:08:4b:8e:7f:4e:91:45:f8:
be:41:bc:e6:9d:cb:f7:0f:a5:2e:d7:31:2d:4a:5e:
42:a4:6c:f4:59:6b:6f:93:90:a5:cf:11:b1:81:cc:
6b:9e:e8:a9:80:08:08:0d:a0:73:9b:4b:15:35:8a:
d5:22:d9:92:7c:a4:5e:07:11:ac:17:05:2c:b0:df:
85:f5:1b:fc:f9:a6:bb:c7:70:4b:04:54:9b:1c:bd:
5e:f0:da:21:e9:aa:c9:39:93:48:24:e3:06:54:53:
9d:83:c9:cf:ec:d1:6d:d7:5e:7e:29:a3:56:af:d1:
35:cc:40:38:7b:1f:13:d6:94:ca:d9:ce:0f:29:47:
b3:c5:73:e7:e9:ba:1d:94:98:34:78:4e:8b:76:fe:
b4:b4:d1:5a:93:39:78:6c:08:cb:84:38:e2:60:bc:
68:97:d6:00:9d:d3:25:08:82:24:8a:dd:d0:aa:2b:
8a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:26:42:0A:57:29:C2:92:52:3B:26:90:BA:8F:09:C8:7E:D5:9A:00
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2yZCClcpwpJSOyaQuo8JyH7VmgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.69.0/24
84.32.86.0/24
84.32.227.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:e3:93:a6:d9:b1:de:90:03:81:a3:db:90:ee:9c:d7:21:80:
85:aa:28:42:01:e8:e4:13:70:d9:b3:95:3b:4a:b4:2a:66:0c:
5a:f1:e1:ef:16:fe:32:1f:7f:a3:40:54:ed:2e:88:b2:f5:9a:
8e:70:1f:76:35:88:43:40:f5:47:77:cf:fb:dc:03:a2:73:c1:
1a:30:63:b8:50:fd:f6:8e:f3:84:eb:08:aa:0e:df:94:95:25:
0c:f5:1a:4d:9a:58:32:2d:e8:61:d9:90:0e:17:f7:a4:8e:f5:
70:31:a6:4b:1a:c0:4c:d7:87:28:2c:49:14:bc:c3:92:ee:0d:
74:cb:b6:2b:86:e0:0b:92:3f:ae:c7:5a:ae:ab:bc:a5:50:14:
48:5a:5b:43:b1:e6:c0:61:14:45:d3:30:0a:9c:ee:a8:51:f6:
5d:f3:f3:d2:c0:61:0c:60:3e:f5:3a:5b:38:10:07:64:01:96:
61:88:e2:e4:41:3e:15:3a:ce:48:34:af:87:81:86:0d:b9:b6:
91:d3:a2:10:6e:e0:13:2a:04:ab:42:5d:a7:a4:e5:76:11:a3:
9d:a7:78:9c:ea:01:ab:03:71:43:f3:3e:81:cb:b2:c8:0f:29:
4b:66:88:d8:93:dd:4a:03:fe:20:2c:3d:9d:36:4b:bd:27:83:
40:89:30:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhXAJ1i6CuDXsHkzUC1tJM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTI2MDc0MDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjI2NDIwYTU3MjljMjkyNTIzYjI2OTBiYThmMDljODdlZDU5YTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoreUqs8nvstuBKCRabnIFzusSjz
32wmeqOqET2Zj0DuBOz69yGNHyXZyPiuPP1k78kZqFoHIggIQsoFV3Om9aGtLalJ
hhe8wK6PxkIHOv81CEuOf06RRfi+Qbzmncv3D6Uu1zEtSl5CpGz0WWtvk5ClzxGx
gcxrnuipgAgIDaBzm0sVNYrVItmSfKReBxGsFwUssN+F9Rv8+aa7x3BLBFSbHL1e
8Noh6arJOZNIJOMGVFOdg8nP7NFt115+KaNWr9E1zEA4ex8T1pTK2c4PKUezxXPn
6bodlJg0eE6Ldv60tNFakzl4bAjLhDjiYLxol9YAndMlCIIkit3QqiuKQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNsmQgpXKcKSUjsmkLqPCch+1ZoAMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMnlaQ0NsY3B3cEpTT3lhUXVvOEp5SDdWbWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBFAwQA
VCBWAwQAVCDjMA0GCSqGSIb3DQEBCwUAA4IBAQCM45Om2bHekAOBo9uQ7pzXIYCF
qihCAejkE3DZs5U7SrQqZgxa8eHvFv4yH3+jQFTtLoiy9ZqOcB92NYhDQPVHd8/7
3AOic8EaMGO4UP32jvOE6wiqDt+UlSUM9RpNmlgyLehh2ZAOF/ekjvVwMaZLGsBM
14coLEkUvMOS7g10y7YrhuALkj+ux1quq7ylUBRIWltDsebAYRRF0zAKnO6oUfZd
8/PSwGEMYD71Ols4EAdkAZZhiOLkQT4VOs5INK+HgYYNubaR06IQbuATKgSrQl2n
pOV2EaOdp3ic6gGrA3FD8z6By7LIDylLZojYk91KA/4gLD2dNku9J4NAiTAj
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:49 2024 by rpki-client on console-fra.rpki-client.org