Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3ZhGB9SKbEhlQJkjMgADdveyj5k.roa
File: 3ZhGB9SKbEhlQJkjMgADdveyj5k.roa (raw, json)
Hash identifier: bsrvZh9LL9gOEJTWxfy43UcOZHcjyKLwuiWWiIn3fjM=
Subject key identifier: DD:98:46:07:D4:8A:6C:48:65:40:99:23:32:00:03:76:F7:B2:8F:99
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01888F5FB195FFED0C6ED81FC54E8B00F330
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3ZhGB9SKbEhlQJkjMgADdveyj5k.roa
Signing time: Tue 06 Jun 2023 06:23:13 +0000
ROA not before: Tue 06 Jun 2023 06:23:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 84.32.174.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jul 2023 06:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8f:5f:b1:95:ff:ed:0c:6e:d8:1f:c5:4e:8b:00:f3:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 6 06:23:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd984607d48a6c486540992332000376f7b28f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:77:c0:ef:eb:55:61:78:32:c8:57:e9:97:7e:
5c:2a:14:33:a8:ba:ef:0a:1c:bd:5a:83:01:a4:1c:
b1:66:52:06:19:6a:2b:14:4d:d0:a1:ff:26:73:61:
76:37:16:d3:54:ca:d9:e0:45:a8:9d:4c:57:a4:fa:
80:e7:61:69:94:af:09:b9:e3:ea:4c:b2:fd:31:bc:
53:e4:54:9e:3f:c1:6e:0e:de:41:29:97:5d:3e:f3:
16:1f:fb:bd:fa:99:63:f2:58:31:a4:f0:3b:96:46:
d8:4e:9d:40:c7:eb:2f:87:34:5d:e2:ab:06:09:83:
33:ec:61:9a:ca:76:d2:7a:cd:92:5d:bc:41:b2:96:
8b:0e:a3:10:cb:8c:2e:f9:ba:7a:90:20:8b:a7:29:
c4:3e:8a:e3:7f:11:c0:f7:50:69:2f:5b:76:0e:b0:
d9:c9:0f:de:d0:df:6e:6b:09:68:ce:76:19:9d:ee:
13:a6:ff:b2:94:9b:83:df:52:37:c9:16:7d:2a:88:
61:97:1f:25:19:2b:b7:9c:0b:ba:6c:1d:ff:f1:f3:
88:dc:8f:de:61:5f:f4:d6:76:21:68:49:0b:5a:ef:
6c:e8:40:0f:84:26:05:f6:aa:94:1a:bd:df:cf:a3:
7f:66:9f:65:a1:82:8e:ba:0d:56:88:77:ee:8e:5d:
30:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:98:46:07:D4:8A:6C:48:65:40:99:23:32:00:03:76:F7:B2:8F:99
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3ZhGB9SKbEhlQJkjMgADdveyj5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.174.0/23
Signature Algorithm: sha256WithRSAEncryption
83:38:d9:9e:2b:ee:cf:a5:c6:5e:4f:db:02:95:ed:6a:45:c0:
e7:31:d3:0c:5a:35:a7:42:e0:49:94:4a:3c:47:51:f3:5f:98:
d0:2b:4c:f9:1b:53:03:2e:8a:e6:41:37:23:5d:61:18:cb:0d:
ae:79:27:5a:82:61:82:af:28:c2:b9:4f:5b:c9:32:61:ff:43:
d9:d2:f9:9b:db:9c:ca:f2:34:29:b4:0e:44:06:ff:06:f4:11:
a7:25:ab:3f:74:64:6a:5b:57:da:c2:8a:49:05:b8:1f:7a:de:
34:92:63:0f:58:c7:b4:da:cf:1e:fd:67:d7:71:51:31:ab:aa:
42:3c:93:d2:63:65:62:31:3e:d3:e1:2d:4b:31:91:bc:18:45:
b7:af:cd:f4:5e:76:f4:3b:aa:06:5c:67:69:7f:17:5e:60:f9:
69:33:a3:b5:8e:f2:01:90:80:1d:e8:1b:59:f8:8f:ce:60:5f:
86:f5:d6:1b:bc:40:f3:08:3e:12:f3:a3:65:33:9a:dd:ba:a0:
86:56:9f:1c:18:46:3a:88:4b:14:17:ef:c0:a0:ac:28:e1:72:
5a:b3:83:65:28:9b:57:05:e6:98:7b:a7:dd:37:10:7a:d7:7e:
8e:a9:2c:45:65:79:6b:33:21:08:31:8c:6e:0a:8a:80:c9:bc:
fc:9e:e5:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiPX7GV/+0MbtgfxU6LAPMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA2MDYyMzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk4NDYwN2Q0OGE2YzQ4NjU0MDk5MjMzMjAwMDM3NmY3YjI4Zjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3fA7+tVYXgyyFfpl35cKhQzqLrv
Chy9WoMBpByxZlIGGWorFE3Qof8mc2F2NxbTVMrZ4EWonUxXpPqA52FplK8JuePq
TLL9MbxT5FSeP8FuDt5BKZddPvMWH/u9+plj8lgxpPA7lkbYTp1Ax+svhzRd4qsG
CYMz7GGaynbSes2SXbxBspaLDqMQy4wu+bp6kCCLpynEPorjfxHA91BpL1t2DrDZ
yQ/e0N9uawloznYZne4Tpv+ylJuD31I3yRZ9Kohhlx8lGSu3nAu6bB3/8fOI3I/e
YV/01nYhaEkLWu9s6EAPhCYF9qqUGr3fz6N/Zp9loYKOug1WiHfujl0wkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2YRgfUimxIZUCZIzIAA3b3so+ZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvM1poR0I5U0tiRWhsUUprak1nQURkdmV5ajVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVCCuMA0G
CSqGSIb3DQEBCwUAA4IBAQCDONmeK+7PpcZeT9sCle1qRcDnMdMMWjWnQuBJlEo8
R1HzX5jQK0z5G1MDLormQTcjXWEYyw2ueSdagmGCryjCuU9byTJh/0PZ0vmb25zK
8jQptA5EBv8G9BGnJas/dGRqW1fawopJBbgfet40kmMPWMe02s8e/WfXcVExq6pC
PJPSY2ViMT7T4S1LMZG8GEW3r830Xnb0O6oGXGdpfxdeYPlpM6O1jvIBkIAd6BtZ
+I/OYF+G9dYbvEDzCD4S86NlM5rduqCGVp8cGEY6iEsUF+/AoKwo4XJas4NlKJtX
BeaYe6fdNxB6136OqSxFZXlrMyEIMYxuCoqAybz8nuVW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org