Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5FDY_fSO97xhcVfQYJC5IHlzFIg.roa
File: 5FDY_fSO97xhcVfQYJC5IHlzFIg.roa (raw, json)
Hash identifier: bi7UNnGGcTclD7SYOZC5gEnu33ngeM65fS+umUuDOw8=
Subject key identifier: E4:50:D8:FD:F4:8E:F7:BC:61:71:57:D0:60:90:B9:20:79:73:14:88
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187760D1676C23780605C064DFC5572A6C8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5FDY_fSO97xhcVfQYJC5IHlzFIg.roa
Signing time: Wed 12 Apr 2023 15:19:41 +0000
ROA not before: Wed 12 Apr 2023 15:19:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62068
IP address blocks: 84.32.70.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:0d:16:76:c2:37:80:60:5c:06:4d:fc:55:72:a6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 12 15:19:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e450d8fdf48ef7bc617157d06090b92079731488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c6:0c:df:4b:a2:f6:75:1f:a7:0a:0e:03:d3:
4b:99:40:1f:be:76:60:bc:b5:c1:bc:fc:b1:fe:af:
f7:7b:a4:5b:80:f1:c1:cd:90:cf:5a:2f:21:63:80:
cf:77:41:52:e9:ae:36:6e:f3:6d:b7:1a:fc:f3:63:
85:f1:b6:19:04:81:ae:36:61:f7:22:75:a5:6d:74:
dc:21:8e:43:c9:46:04:ab:09:a7:3c:f0:c9:ba:d5:
5b:50:af:12:91:2b:54:14:47:b6:8c:ed:24:41:db:
8d:de:1c:93:a5:72:7b:a3:cf:da:b6:b6:69:b9:5d:
c2:76:fc:8b:03:d2:9e:7d:b8:10:61:54:01:b6:9a:
48:9e:64:fd:7e:a8:72:6e:0f:1a:97:fa:cf:35:8e:
d8:58:29:71:b8:4d:b9:37:84:12:92:27:2a:a0:5c:
61:11:9b:55:73:b6:af:bb:0d:fc:cb:b6:aa:74:ab:
73:30:26:ac:12:a1:71:c8:ed:69:28:56:76:e5:8b:
51:9c:91:18:68:2a:35:56:b5:08:05:be:a4:ff:aa:
a0:9a:ae:40:92:3e:69:cb:bf:1c:2f:ec:45:70:c2:
68:5d:6b:10:b3:da:58:f1:98:5c:e0:fc:4a:03:26:
5f:d3:fd:0f:5b:fc:0a:05:b4:58:54:6e:69:2b:38:
4b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:50:D8:FD:F4:8E:F7:BC:61:71:57:D0:60:90:B9:20:79:73:14:88
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5FDY_fSO97xhcVfQYJC5IHlzFIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.48.0/24
84.32.70.0/24
84.32.89.0/24
Signature Algorithm: sha256WithRSAEncryption
05:90:88:cc:e7:fa:f0:f0:4f:26:18:e0:fb:91:b2:00:ca:db:
96:20:96:a5:64:8a:54:28:7f:42:69:15:ce:b2:61:1e:2f:f7:
e6:7c:d2:80:1f:41:12:59:32:c9:ab:dc:4e:20:0d:9f:2b:48:
fa:a5:3e:b2:3b:98:f6:2f:4d:5f:7f:83:2d:3a:4b:54:36:86:
5c:5b:bc:75:96:02:f6:01:2d:53:44:7b:75:25:06:09:ec:51:
ca:dd:20:57:a6:30:52:d1:86:2c:a2:bf:76:5c:b1:0f:07:56:
19:46:4e:6a:df:93:b4:1e:64:d0:12:ae:77:3e:e8:1d:b0:a6:
84:b4:79:75:bb:c8:e0:42:25:0f:d7:1d:ea:b5:77:6a:d8:88:
ae:18:4b:ed:40:5b:49:df:00:3a:53:e8:cd:78:e3:e5:fd:d2:
74:73:3f:42:67:2f:1c:2c:20:ea:d3:fd:76:bc:e9:ca:12:10:
70:38:b5:dc:88:a0:68:a5:f6:4b:93:4e:da:09:45:12:3f:99:
0e:1b:a7:59:04:6c:d8:e8:a1:d4:34:5c:04:e1:61:db:6f:ff:
f3:b0:17:95:a0:78:67:d3:9f:8f:d7:5c:64:27:24:4b:7b:8f:
e6:b3:fb:bf:ba:0b:bc:77:7e:e9:5b:7d:88:2a:2f:8e:0e:a2:
9a:0b:12:b6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYd2DRZ2wjeAYFwGTfxVcqbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDEyMTUxOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDUwZDhmZGY0OGVmN2JjNjE3MTU3ZDA2MDkwYjkyMDc5NzMxNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8YM30ui9nUfpwoOA9NLmUAfvnZg
vLXBvPyx/q/3e6RbgPHBzZDPWi8hY4DPd0FS6a42bvNttxr882OF8bYZBIGuNmH3
InWlbXTcIY5DyUYEqwmnPPDJutVbUK8SkStUFEe2jO0kQduN3hyTpXJ7o8/atrZp
uV3CdvyLA9KefbgQYVQBtppInmT9fqhybg8al/rPNY7YWClxuE25N4QSkicqoFxh
EZtVc7avuw38y7aqdKtzMCasEqFxyO1pKFZ25YtRnJEYaCo1VrUIBb6k/6qgmq5A
kj5py78cL+xFcMJoXWsQs9pY8Zhc4PxKAyZf0/0PW/wKBbRYVG5pKzhLJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFORQ2P30jve8YXFX0GCQuSB5cxSIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNUZEWV9mU085N3hoY1ZmUVlKQzVJSGx6RklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAOAwQA
VCAwAwQAVCBGAwQAVCBZMA0GCSqGSIb3DQEBCwUAA4IBAQAFkIjM5/rw8E8mGOD7
kbIAytuWIJalZIpUKH9CaRXOsmEeL/fmfNKAH0ESWTLJq9xOIA2fK0j6pT6yO5j2
L01ff4MtOktUNoZcW7x1lgL2AS1TRHt1JQYJ7FHK3SBXpjBS0YYsor92XLEPB1YZ
Rk5q35O0HmTQEq53PugdsKaEtHl1u8jgQiUP1x3qtXdq2IiuGEvtQFtJ3wA6U+jN
eOPl/dJ0cz9CZy8cLCDq0/12vOnKEhBwOLXciKBopfZLk07aCUUSP5kOG6dZBGzY
6KHUNFwE4WHbb//zsBeVoHhn05+P11xkJyRLe4/ms/u/ugu8d37pW32IKi+ODqKa
CxK2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org