Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8rZOd1g4cK0EKgKTE4EEpM6c17s.roa
File: 8rZOd1g4cK0EKgKTE4EEpM6c17s.roa (raw, json)
Hash identifier: QhPnVP2ZPN3Oj3jKqra1m9A+x6eT1UfJgwPmk58xrWo=
Subject key identifier: F2:B6:4E:77:58:38:70:AD:04:2A:02:93:13:81:04:A4:CE:9C:D7:BB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189AAD5849351933557B0615A1798E3BC35
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8rZOd1g4cK0EKgKTE4EEpM6c17s.roa
Signing time: Mon 31 Jul 2023 07:24:27 +0000
ROA not before: Mon 31 Jul 2023 07:24:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 84.32.56.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Aug 2023 05:15:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:aa:d5:84:93:51:93:35:57:b0:61:5a:17:98:e3:bc:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 31 07:24:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2b64e77583870ad042a0293138104a4ce9cd7bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3b:43:ac:f1:ec:7a:a7:fe:3c:ba:28:ac:27:
71:11:f7:3d:c9:cd:ec:29:42:09:3d:cb:dc:eb:d3:
23:a7:94:90:0b:75:60:b0:3b:3e:86:8e:11:a2:b4:
01:aa:34:69:d5:bd:a8:e2:c5:55:6c:6f:95:e4:53:
9e:fd:b0:5f:c1:09:ba:f7:51:72:ea:88:e2:c5:fa:
df:ab:aa:a2:5d:62:bb:b0:7d:cf:de:07:ad:81:71:
cc:cd:18:7b:7c:bc:05:13:7d:f0:84:b1:7a:c8:67:
4d:94:23:3d:2a:72:97:8e:b9:ad:28:d0:06:3d:e9:
e2:56:a7:8c:eb:e2:a0:18:5c:71:42:07:cc:af:3b:
85:97:70:21:12:43:b1:76:76:0e:ab:b4:9a:dd:c0:
7b:c5:f8:a5:b9:1b:ac:e3:58:9c:5a:e9:35:db:1f:
b6:9d:d8:f7:1e:fa:5c:3c:2f:0a:71:5c:a6:68:c4:
31:7b:3f:44:fd:b4:6b:9c:f3:4a:bc:54:45:cc:c7:
bb:6d:9b:dc:9e:f5:8f:ee:17:76:76:51:f9:c7:ae:
9d:bc:2d:dd:ae:14:49:29:0e:cc:9f:4e:4a:73:b7:
06:41:1a:1b:47:04:a6:0a:bd:3f:7e:1b:2c:a5:9b:
9e:c6:b0:83:6e:ba:39:05:a1:a6:76:b3:75:5a:18:
ec:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B6:4E:77:58:38:70:AD:04:2A:02:93:13:81:04:A4:CE:9C:D7:BB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8rZOd1g4cK0EKgKTE4EEpM6c17s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.42.0/24
84.32.56.0/24
84.32.68.0/24
84.32.92.0/24
Signature Algorithm: sha256WithRSAEncryption
82:39:2c:fe:bc:b2:1d:80:a8:77:f4:b5:57:50:e2:15:2e:cc:
33:c3:4b:23:b8:94:ad:b3:66:eb:7a:44:e6:b2:8a:07:c4:db:
b2:fa:1c:e8:15:c9:08:ce:52:43:e0:62:8c:39:a5:ee:07:e6:
b6:02:fd:2a:b8:c4:f8:2b:e8:71:6e:9f:f0:72:41:80:2d:50:
60:03:f8:66:02:81:8a:6f:a8:7b:21:5d:5e:76:d0:8c:57:36:
37:e1:a3:16:82:b0:48:ac:83:c9:af:b4:59:cf:22:a2:59:99:
32:c3:9c:49:2a:a0:14:9d:42:9b:86:0b:44:8a:60:de:3c:76:
26:c6:dc:ea:9c:d8:16:f6:1c:a1:a1:01:e7:77:d1:c4:76:05:
41:ea:d8:3a:a3:56:d0:26:89:23:76:93:f0:eb:cc:8c:0e:86:
89:2e:2d:e6:4e:9c:f3:4e:90:15:f3:9f:28:a0:d5:80:b2:08:
4b:99:8f:7e:98:e6:ab:0c:d5:07:d2:8c:bd:88:55:c8:72:0c:
bb:b2:b8:d6:1f:de:cb:0b:06:92:80:7c:47:cf:5e:4d:d2:52:
b7:ca:f6:54:9b:d1:37:3d:6b:21:2e:25:ef:44:32:88:0d:b7:
7f:53:e0:3d:fa:ef:66:0f:1b:d4:5e:fc:d3:14:1b:ca:e1:08:
4c:0a:b3:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmq1YSTUZM1V7BhWheY47w1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzMxMDcyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmI2NGU3NzU4Mzg3MGFkMDQyYTAyOTMxMzgxMDRhNGNlOWNkN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTtDrPHseqf+PLoorCdxEfc9yc3s
KUIJPcvc69Mjp5SQC3VgsDs+ho4RorQBqjRp1b2o4sVVbG+V5FOe/bBfwQm691Fy
6ojixfrfq6qiXWK7sH3P3getgXHMzRh7fLwFE33whLF6yGdNlCM9KnKXjrmtKNAG
PeniVqeM6+KgGFxxQgfMrzuFl3AhEkOxdnYOq7Sa3cB7xfiluRus41icWuk12x+2
ndj3HvpcPC8KcVymaMQxez9E/bRrnPNKvFRFzMe7bZvcnvWP7hd2dlH5x66dvC3d
rhRJKQ7Mn05Kc7cGQRobRwSmCr0/fhsspZuexrCDbro5BaGmdrN1WhjsVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPK2TndYOHCtBCoCkxOBBKTOnNe7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOHJaT2QxZzRjSzBFS2dLVEU0RUVwTTZjMTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAqAwQA
VCA4AwQAVCBEAwQAVCBcMA0GCSqGSIb3DQEBCwUAA4IBAQCCOSz+vLIdgKh39LVX
UOIVLswzw0sjuJSts2brekTmsooHxNuy+hzoFckIzlJD4GKMOaXuB+a2Av0quMT4
K+hxbp/wckGALVBgA/hmAoGKb6h7IV1edtCMVzY34aMWgrBIrIPJr7RZzyKiWZky
w5xJKqAUnUKbhgtEimDePHYmxtzqnNgW9hyhoQHnd9HEdgVB6tg6o1bQJokjdpPw
68yMDoaJLi3mTpzzTpAV858ooNWAsghLmY9+mOarDNUH0oy9iFXIcgy7srjWH97L
CwaSgHxHz15N0lK3yvZUm9E3PWshLiXvRDKIDbd/U+A9+u9mDxvUXvzTFBvK4QhM
CrOh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org