Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9Mj87deh7e9PhjJ9_NJ519wOsrg.roa
File: 9Mj87deh7e9PhjJ9_NJ519wOsrg.roa (raw, json)
Hash identifier: QqMSPTw+eu8eV9DLXW6lmWHMDv+KLu8gn8Zl04Fc79o=
Subject key identifier: F4:C8:FC:ED:D7:A1:ED:EF:4F:86:32:7D:FC:D2:79:D7:DC:0E:B2:B8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFCCA2C568A7F186990EDEF426EC4F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9Mj87deh7e9PhjJ9_NJ519wOsrg.roa
Signing time: Sun 01 Jan 2023 18:54:53 +0000
ROA not before: Sun 01 Jan 2023 18:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 84.32.179.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jan 2023 06:40:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:cc:a2:c5:68:a7:f1:86:99:0e:de:f4:26:ec:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4c8fcedd7a1edef4f86327dfcd279d7dc0eb2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1b:8a:e4:2f:5b:d8:13:f5:06:30:9b:d7:b6:
be:5a:f7:e2:ad:1b:1d:24:58:b9:bb:d5:ab:28:19:
20:e5:19:fe:d6:43:72:88:83:14:d7:57:a3:94:42:
94:a8:81:cc:85:d3:45:87:4e:d3:f2:43:e6:30:0a:
53:30:0c:97:9c:b1:27:4b:52:0d:5d:4e:ed:21:c4:
24:0f:3d:60:15:a0:45:6f:ab:f4:01:d8:36:b6:ef:
2f:f8:0f:8e:b4:ed:5f:ae:df:63:03:64:aa:87:ca:
d1:e4:ca:da:8b:3f:83:b3:e1:4b:ff:f7:15:67:1c:
9d:66:24:9e:7d:cc:4a:be:8f:a7:dc:b7:a3:2b:d2:
dd:ca:95:51:1d:dd:fd:4e:c1:0c:a2:f5:d1:b1:ef:
5c:bf:dc:c3:0e:7e:50:9a:79:89:6f:fb:04:8b:eb:
2e:a6:b6:f1:9d:39:73:2e:c4:ae:18:f1:88:2c:60:
5f:ca:e0:1f:32:db:50:8c:db:ff:86:43:5b:a0:14:
2a:fc:97:3d:d4:22:59:4d:68:42:ce:2e:43:98:b0:
c0:de:56:0a:13:56:da:83:3d:7d:82:98:49:3f:4c:
8e:e4:2a:b9:f6:f0:c6:da:8b:b5:dc:aa:85:4a:2b:
c9:f1:c3:9f:b7:97:f1:2d:01:7d:74:0d:cd:44:a6:
ca:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C8:FC:ED:D7:A1:ED:EF:4F:86:32:7D:FC:D2:79:D7:DC:0E:B2:B8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9Mj87deh7e9PhjJ9_NJ519wOsrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.178.0/23
84.32.220.0-84.32.222.255
Signature Algorithm: sha256WithRSAEncryption
68:23:18:e4:2d:a0:4f:a6:22:37:bf:5e:c1:01:a1:ae:b7:2f:
1a:8e:46:c9:68:d6:06:c3:8a:cf:a1:03:49:99:f6:c0:20:ec:
82:36:bb:66:17:7c:d9:d7:42:41:05:f4:48:92:77:44:61:2e:
99:2c:4a:6e:b5:60:ef:58:c7:a8:e7:b0:c7:2e:43:ec:98:7d:
3e:51:90:3b:59:16:44:50:d6:67:43:9a:0c:2c:67:86:96:97:
71:c0:08:8c:af:1f:5e:a3:40:a8:78:ce:67:9e:16:2d:d2:76:
8c:3f:c5:de:b6:32:8c:af:c5:6a:2a:6a:d4:c4:bd:67:20:7b:
69:55:7b:89:9d:10:48:3b:8e:40:f5:0d:b3:2b:26:3a:66:f9:
b8:df:c1:fa:56:96:1c:a2:47:0f:97:0f:68:3e:7a:37:03:b6:
e7:cf:ed:58:cb:5e:5f:ca:1e:fe:c3:b2:13:99:11:7c:8d:c6:
33:cf:0e:69:93:ab:26:c3:4d:d1:03:19:3a:38:08:07:d3:5e:
ff:87:6b:f3:0e:fa:05:20:4f:9a:84:61:24:a7:ff:10:42:fc:
2d:d3:8a:18:61:d8:77:9b:1c:58:bb:43:27:0d:e7:23:e4:86:
3b:3c:70:1e:f4:f9:e7:f3:c3:fc:b5:94:26:7e:de:1f:57:7d:
1f:ea:ac:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVur8yixWin8YaZDt70JuxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM4ZmNlZGQ3YTFlZGVmNGY4NjMyN2RmY2QyNzlkN2RjMGViMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhuK5C9b2BP1BjCb17a+WvfirRsd
JFi5u9WrKBkg5Rn+1kNyiIMU11ejlEKUqIHMhdNFh07T8kPmMApTMAyXnLEnS1IN
XU7tIcQkDz1gFaBFb6v0Adg2tu8v+A+OtO1frt9jA2Sqh8rR5Mraiz+Ds+FL//cV
ZxydZiSefcxKvo+n3LejK9LdypVRHd39TsEMovXRse9cv9zDDn5QmnmJb/sEi+su
prbxnTlzLsSuGPGILGBfyuAfMttQjNv/hkNboBQq/Jc91CJZTWhCzi5DmLDA3lYK
E1bagz19gphJP0yO5Cq59vDG2ou13KqFSivJ8cOft5fxLQF9dA3NRKbKrwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPTI/O3Xoe3vT4YyffzSedfcDrK4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOU1qODdkZWg3ZTlQaGpKOV9OSjUxOXdPc3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBVCCyMAwD
BAJUINwDBABUIN4wDQYJKoZIhvcNAQELBQADggEBAGgjGOQtoE+mIje/XsEBoa63
LxqORslo1gbDis+hA0mZ9sAg7II2u2YXfNnXQkEF9EiSd0RhLpksSm61YO9Yx6jn
sMcuQ+yYfT5RkDtZFkRQ1mdDmgwsZ4aWl3HACIyvH16jQKh4zmeeFi3Sdow/xd62
MoyvxWoqatTEvWcge2lVe4mdEEg7jkD1DbMrJjpm+bjfwfpWlhyiRw+XD2g+ejcD
tufP7VjLXl/KHv7DshOZEXyNxjPPDmmTqybDTdEDGTo4CAfTXv+Ha/MO+gUgT5qE
YSSn/xBC/C3Tihhh2HebHFi7QycN5yPkhjs8cB70+efzw/y1lCZ+3h9XfR/qrPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org