Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4jsAYfQQ2Q1iP8JnhzDT0w-nJO8.roa
File: 4jsAYfQQ2Q1iP8JnhzDT0w-nJO8.roa (raw, json)
Hash identifier: 4uDhW38kJIu15x5Kp+7/p4UEqtztXbW2ffclAmaA4bY=
Subject key identifier: E2:3B:00:61:F4:10:D9:0D:62:3F:C2:67:87:30:D3:D3:0F:A7:24:EF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189FCC1846EB29376574CBC121527DE18FB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4jsAYfQQ2Q1iP8JnhzDT0w-nJO8.roa
Signing time: Wed 16 Aug 2023 05:11:27 +0000
ROA not before: Wed 16 Aug 2023 05:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 84.32.136.0/22 maxlen: 24
88.216.248.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fc:c1:84:6e:b2:93:76:57:4c:bc:12:15:27:de:18:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 16 05:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e23b0061f410d90d623fc2678730d3d30fa724ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:28:bd:c1:de:a7:f5:f6:78:2d:59:77:c8:08:
77:c2:2e:14:d3:ed:b1:07:c4:a5:db:44:83:2a:d7:
ca:5f:dc:b9:c5:07:ad:5d:71:e7:11:29:38:d4:da:
20:39:98:9e:9b:ef:28:38:a4:7d:c6:aa:5c:5c:d5:
4c:c2:b9:f3:16:3b:9c:22:51:ea:80:f7:74:3e:ca:
fb:88:09:df:5f:c2:1e:9b:c9:67:5b:ca:fc:cf:10:
48:8c:40:c1:05:77:96:a8:aa:41:14:4a:64:a7:be:
c5:49:11:93:59:cc:30:29:6c:16:ee:57:22:78:cf:
cd:9c:1d:12:d8:b4:7d:21:51:9f:16:02:f7:3b:c5:
ee:f3:16:8b:2f:d0:ff:81:45:62:72:ac:ca:4c:92:
e4:dc:61:a7:9c:4d:88:16:f9:07:0f:89:13:0e:60:
da:50:3d:29:bb:3a:74:30:f3:86:48:c2:87:fd:c3:
eb:85:b7:7b:3b:ef:d7:bd:68:a5:a7:e1:9a:24:70:
d9:4a:75:32:6c:e2:5e:d8:2a:78:ce:55:aa:b1:ef:
81:8d:db:65:1a:78:05:ed:c9:9c:5f:45:50:fd:11:
9f:50:da:88:5b:ff:b1:34:56:08:ec:32:84:03:1a:
c3:9e:df:63:33:03:5b:92:00:1d:be:60:ff:ee:b0:
ee:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3B:00:61:F4:10:D9:0D:62:3F:C2:67:87:30:D3:D3:0F:A7:24:EF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4jsAYfQQ2Q1iP8JnhzDT0w-nJO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.136.0/22
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
62:3f:a7:c4:c9:e3:5f:85:96:89:70:bf:8c:3d:c7:41:fc:2a:
7f:4b:1b:2b:38:bf:15:75:f6:70:63:78:c0:04:6b:8b:68:f0:
1b:3c:4f:62:ba:3b:d0:26:6b:4b:10:d0:4c:8f:7c:21:54:26:
21:d5:3b:cc:a7:91:14:d5:fc:e4:0d:2d:39:34:85:5d:fd:c1:
30:84:16:5e:0c:2f:b2:4e:e8:ee:98:d0:93:b2:81:ba:5d:bd:
0d:c1:0d:27:b8:ad:58:2d:cf:fe:a3:8e:fd:02:b9:c6:b8:59:
d6:da:0c:ca:15:de:2f:d4:28:03:11:e7:d2:1c:20:e0:68:4d:
ed:b4:de:ed:e0:51:5d:93:58:62:b4:2f:43:b8:df:9c:27:70:
c9:fe:3b:1e:88:89:a7:7f:19:d0:5e:c7:6f:bf:b5:14:8b:d4:
6a:2f:d5:73:3c:4a:34:c6:b0:b7:9b:9c:55:a2:e8:66:23:d8:
8d:57:a7:17:94:44:07:67:b2:c3:81:70:c3:f9:e5:c7:54:8e:
d8:2f:40:da:f4:8e:0b:a7:ec:80:50:64:9f:9d:54:d1:2f:e7:
d2:fd:83:d9:e7:af:8a:7f:54:eb:f0:7f:a5:2b:05:35:28:a9:
c8:b8:32:af:25:81:a5:c5:c1:e5:18:5a:32:30:7f:7c:2e:78:
98:ca:7f:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn8wYRuspN2V0y8EhUn3hj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODE2MDUxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjNiMDA2MWY0MTBkOTBkNjIzZmMyNjc4NzMwZDNkMzBmYTcyNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSi9wd6n9fZ4LVl3yAh3wi4U0+2x
B8Sl20SDKtfKX9y5xQetXXHnESk41NogOZiem+8oOKR9xqpcXNVMwrnzFjucIlHq
gPd0Psr7iAnfX8Iem8lnW8r8zxBIjEDBBXeWqKpBFEpkp77FSRGTWcwwKWwW7lci
eM/NnB0S2LR9IVGfFgL3O8Xu8xaLL9D/gUVicqzKTJLk3GGnnE2IFvkHD4kTDmDa
UD0puzp0MPOGSMKH/cPrhbd7O+/XvWilp+GaJHDZSnUybOJe2Cp4zlWqse+Bjdtl
GngF7cmcX0VQ/RGfUNqIW/+xNFYI7DKEAxrDnt9jMwNbkgAdvmD/7rDuJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOI7AGH0ENkNYj/CZ4cw09MPpyTvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNGpzQVlmUVEyUTFpUDhKbmh6RFQwdy1uSk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVCCIAwQC
WNj4MA0GCSqGSIb3DQEBCwUAA4IBAQBiP6fEyeNfhZaJcL+MPcdB/Cp/SxsrOL8V
dfZwY3jABGuLaPAbPE9iujvQJmtLENBMj3whVCYh1TvMp5EU1fzkDS05NIVd/cEw
hBZeDC+yTujumNCTsoG6Xb0NwQ0nuK1YLc/+o479ArnGuFnW2gzKFd4v1CgDEefS
HCDgaE3ttN7t4FFdk1hitC9DuN+cJ3DJ/jseiImnfxnQXsdvv7UUi9RqL9VzPEo0
xrC3m5xVouhmI9iNV6cXlEQHZ7LDgXDD+eXHVI7YL0Da9I4Lp+yAUGSfnVTRL+fS
/YPZ56+Kf1Tr8H+lKwU1KKnIuDKvJYGlxcHlGFoyMH98LniYyn/t
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:41 2024 by rpki-client on console-ams.rpki-client.org