Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4xtN00Xd5qKldVHrLtNbiCbqwF4.roa
File: 4xtN00Xd5qKldVHrLtNbiCbqwF4.roa (raw, json)
Hash identifier: WBVQH0rHua3fBeOhB1+gbWbRe2ge1TlKNprVpRuw0dg=
Subject key identifier: E3:1B:4D:D3:45:DD:E6:A2:A5:75:51:EB:2E:D3:5B:88:26:EA:C0:5E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019006FB5C12B539BE5431A582DA35A6827B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4xtN00Xd5qKldVHrLtNbiCbqwF4.roa
Signing time: Tue 11 Jun 2024 11:07:34 +0000
ROA not before: Tue 11 Jun 2024 11:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 84.32.32.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 06:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:fb:5c:12:b5:39:be:54:31:a5:82:da:35:a6:82:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 11 11:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e31b4dd345dde6a2a57551eb2ed35b8826eac05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:65:d7:67:32:1d:7b:04:9b:a7:3a:51:59:
94:69:fd:ca:ec:c5:42:91:e4:42:de:c4:22:82:60:
c5:9e:fb:43:0e:0e:04:5b:cf:a1:01:6c:75:51:2f:
79:86:c6:6a:f2:71:c6:43:9e:c5:84:67:83:b3:5b:
a7:64:63:81:84:e6:90:b3:4b:f5:75:46:6f:cc:5e:
c3:dd:86:d2:13:08:92:fd:dd:7c:55:2c:91:db:57:
9b:42:01:23:80:66:c0:17:9a:7b:c2:4a:71:2b:c7:
74:ab:0f:7e:32:53:56:1e:de:da:e1:ef:ab:32:1e:
fa:c7:f7:c0:83:72:e3:0b:23:65:57:c2:96:b4:ec:
e4:27:7c:0b:e5:84:20:57:73:fb:10:b1:a8:c1:52:
ef:88:4f:55:f3:e5:e5:2f:4c:73:d0:62:9d:68:b3:
7e:75:ce:ce:9a:70:2f:ac:8a:ef:07:d6:22:09:4c:
41:0e:9e:d8:0c:f9:4b:93:78:10:40:a3:ae:f7:d1:
24:96:59:37:ad:6c:34:07:f2:2f:a6:da:81:7e:04:
50:c5:03:fc:14:4e:8d:da:cf:5a:4a:a0:38:14:0d:
56:53:00:51:e8:dd:ab:d5:a8:f6:43:79:c1:a2:4e:
09:8a:b1:c1:3b:2c:8b:2d:f3:68:90:ee:13:17:91:
77:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:1B:4D:D3:45:DD:E6:A2:A5:75:51:EB:2E:D3:5B:88:26:EA:C0:5E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4xtN00Xd5qKldVHrLtNbiCbqwF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.32.0/24
84.32.220.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:32:45:ba:fc:1f:89:30:75:fc:96:9d:f4:a5:d3:ab:13:ea:
7c:4e:28:f5:66:53:fb:f1:97:d1:06:2e:35:da:7c:2c:37:5e:
99:6b:61:1b:92:b0:e3:d8:cb:8f:2f:0f:17:9b:d6:68:01:7e:
c9:37:bc:fd:ed:ce:b5:1a:a0:84:84:31:bd:e4:90:61:76:72:
2a:15:cb:71:c1:8c:8f:26:67:54:4c:2f:57:d7:82:e6:64:d9:
c2:25:03:d0:56:a5:f0:2e:56:87:33:31:ec:c3:48:5e:49:bb:
3f:ca:97:28:70:4d:23:5c:c9:01:cc:a4:3b:b6:5c:06:39:5f:
4f:07:07:8c:b8:d9:51:d3:33:58:f1:70:fe:0c:2d:01:b4:a5:
39:18:cb:0c:bb:29:e1:84:9f:75:28:99:e0:5e:45:cd:a3:41:
b8:47:06:b5:d8:9f:de:e4:6d:b4:48:c7:b1:36:de:42:0b:00:
9e:61:35:f5:bc:eb:04:bf:ba:58:14:e0:ce:b7:f2:9c:cc:1f:
01:2f:e6:68:3f:46:4f:ff:1b:4b:9b:30:e3:39:03:64:9b:f5:
9f:bf:f7:7b:45:03:30:3f:85:41:72:0a:5f:68:7c:e3:0c:a3:
b0:04:97:b1:89:ac:47:0e:16:8c:0c:b7:9c:24:04:90:68:86:
6d:eb:6f:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAG+1wStTm+VDGlgto1poJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNjExMTEwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzFiNGRkMzQ1ZGRlNmEyYTU3NTUxZWIyZWQzNWI4ODI2ZWFjMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurNl12cyHXsEm6c6UVmUaf3K7MVC
keRC3sQigmDFnvtDDg4EW8+hAWx1US95hsZq8nHGQ57FhGeDs1unZGOBhOaQs0v1
dUZvzF7D3YbSEwiS/d18VSyR21ebQgEjgGbAF5p7wkpxK8d0qw9+MlNWHt7a4e+r
Mh76x/fAg3LjCyNlV8KWtOzkJ3wL5YQgV3P7ELGowVLviE9V8+XlL0xz0GKdaLN+
dc7OmnAvrIrvB9YiCUxBDp7YDPlLk3gQQKOu99Ekllk3rWw0B/IvptqBfgRQxQP8
FE6N2s9aSqA4FA1WUwBR6N2r1aj2Q3nBok4JirHBOyyLLfNokO4TF5F3CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOMbTdNF3eaipXVR6y7TW4gm6sBeMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNHh0TjAwWGQ1cUtsZFZIckx0TmJpQ2Jxd0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAgAwQA
VCDcMA0GCSqGSIb3DQEBCwUAA4IBAQAdMkW6/B+JMHX8lp30pdOrE+p8Tij1ZlP7
8ZfRBi412nwsN16Za2EbkrDj2MuPLw8Xm9ZoAX7JN7z97c61GqCEhDG95JBhdnIq
FctxwYyPJmdUTC9X14LmZNnCJQPQVqXwLlaHMzHsw0heSbs/ypcocE0jXMkBzKQ7
tlwGOV9PBweMuNlR0zNY8XD+DC0BtKU5GMsMuynhhJ91KJngXkXNo0G4Rwa12J/e
5G20SMexNt5CCwCeYTX1vOsEv7pYFODOt/KczB8BL+ZoP0ZP/xtLmzDjOQNkm/Wf
v/d7RQMwP4VBcgpfaHzjDKOwBJexiaxHDhaMDLecJASQaIZt6299
-----END CERTIFICATE-----
Generated at Wed Jul 10 06:41:13 2024 by rpki-client on console-fra.rpki-client.org