Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9vdsEaJHcUYcCvmXeONOCGqidYE.roa
File: 9vdsEaJHcUYcCvmXeONOCGqidYE.roa (raw, json)
Hash identifier: Spl62r3FMNum4CDIesVmsVh6tz5BdNMLgni0KP2oWno=
Subject key identifier: F6:F7:6C:11:A2:47:71:46:1C:0A:F9:97:78:E3:4E:08:6A:A2:75:81
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185A069142D0D6CC19BD977C54741AD3BFF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9vdsEaJHcUYcCvmXeONOCGqidYE.roa
Signing time: Wed 11 Jan 2023 10:38:39 +0000
ROA not before: Wed 11 Jan 2023 10:38:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.79.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jan 2023 12:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:69:14:2d:0d:6c:c1:9b:d9:77:c5:47:41:ad:3b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 11 10:38:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6f76c11a24771461c0af99778e34e086aa27581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:86:e6:37:1b:7f:a2:bb:a4:7f:12:63:9b:3c:
b3:63:ee:54:d3:48:28:ed:7d:df:80:63:e3:6c:3a:
c2:3e:38:a8:ca:3e:bc:b7:74:72:43:eb:20:9f:90:
74:93:56:2d:44:67:17:32:6b:b1:c6:cb:21:a3:96:
80:19:70:09:83:5e:85:6c:f8:a0:b1:55:3c:01:43:
8b:10:7a:9c:00:4e:89:47:38:d9:5d:17:66:33:6b:
05:bc:54:ba:3f:20:27:bc:88:58:b9:72:14:cd:1e:
38:ff:a6:8a:55:74:b1:82:51:98:4a:fb:f1:b2:c4:
fa:b5:1c:5c:8a:ee:5c:f2:e9:08:7d:87:b8:e5:1a:
e0:a6:b4:1f:9e:93:74:24:a3:97:b7:e1:ba:6a:d0:
22:bc:1d:9f:fb:9c:63:65:8c:93:ee:9f:6f:71:68:
7d:e6:34:b5:a5:df:ac:8c:ca:42:cf:a8:ed:26:74:
77:86:40:6c:7e:62:c5:ca:43:6e:55:40:5b:ed:de:
69:b6:43:97:9b:51:7e:9e:16:a2:82:6e:2c:52:31:
3e:b4:ca:61:64:69:43:75:ce:38:41:96:d7:97:ab:
07:6e:b4:12:15:62:01:81:dd:6c:26:ae:1a:c9:f3:
4b:1b:90:be:5b:62:51:2c:6f:c7:21:2a:b9:ca:57:
5b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F7:6C:11:A2:47:71:46:1C:0A:F9:97:78:E3:4E:08:6A:A2:75:81
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9vdsEaJHcUYcCvmXeONOCGqidYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.79.0/24
84.32.212.0/24
88.216.224.0/22
Signature Algorithm: sha256WithRSAEncryption
78:db:fb:f0:16:bf:f3:12:be:ad:99:6c:5a:98:70:95:30:e9:
01:70:1d:ce:08:ec:d2:4c:aa:f0:51:9a:d6:1d:75:a7:06:46:
81:8a:3e:ac:3e:c2:d6:d3:ac:dc:4e:1c:16:1f:88:68:3b:47:
94:6d:45:cf:c1:10:47:ed:a4:59:e2:b2:4e:b8:05:78:60:b6:
35:92:33:1b:af:9a:33:0f:13:a0:23:08:22:2b:27:b1:3b:51:
d8:56:c4:62:9c:08:8a:28:9f:0b:73:5b:de:ce:48:cc:63:e2:
9b:09:26:6c:88:da:f6:c4:b7:c5:7d:7b:0c:f3:5b:72:0f:36:
45:9c:43:07:9d:7a:59:06:34:a6:c8:e2:68:7a:74:af:1c:90:
bc:bf:3e:ab:dd:b0:e3:d6:c5:b9:16:55:e5:25:d6:78:8b:98:
52:79:94:6f:b3:66:28:48:15:e8:b8:c0:5a:3b:40:43:d6:8f:
9d:1a:67:b0:19:0e:1b:b5:30:05:c2:0c:82:06:cf:2d:18:69:
d8:5d:ab:3b:78:ae:27:59:c4:aa:12:44:6a:51:75:85:f3:e5:
64:ae:6e:75:f7:e7:ac:fd:a2:5d:80:bc:8b:57:69:72:94:8d:
45:4c:fe:fa:87:e9:01:8c:14:30:a4:ba:e7:ed:78:13:1e:c4:
91:28:ac:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWgaRQtDWzBm9l3xUdBrTv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTExMTAzODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmY3NmMxMWEyNDc3MTQ2MWMwYWY5OTc3OGUzNGUwODZhYTI3NTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIbmNxt/orukfxJjmzyzY+5U00go
7X3fgGPjbDrCPjioyj68t3RyQ+sgn5B0k1YtRGcXMmuxxssho5aAGXAJg16FbPig
sVU8AUOLEHqcAE6JRzjZXRdmM2sFvFS6PyAnvIhYuXIUzR44/6aKVXSxglGYSvvx
ssT6tRxciu5c8ukIfYe45RrgprQfnpN0JKOXt+G6atAivB2f+5xjZYyT7p9vcWh9
5jS1pd+sjMpCz6jtJnR3hkBsfmLFykNuVUBb7d5ptkOXm1F+nhaigm4sUjE+tMph
ZGlDdc44QZbXl6sHbrQSFWIBgd1sJq4ayfNLG5C+W2JRLG/HISq5yldb9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPb3bBGiR3FGHAr5l3jjTghqonWBMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOXZkc0VhSkhjVVljQ3ZtWGVPTk9DR3FpZFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVCAYAwQA
VCBPAwQAVCDUAwQCWNjgMA0GCSqGSIb3DQEBCwUAA4IBAQB42/vwFr/zEr6tmWxa
mHCVMOkBcB3OCOzSTKrwUZrWHXWnBkaBij6sPsLW06zcThwWH4hoO0eUbUXPwRBH
7aRZ4rJOuAV4YLY1kjMbr5ozDxOgIwgiKyexO1HYVsRinAiKKJ8Lc1vezkjMY+Kb
CSZsiNr2xLfFfXsM81tyDzZFnEMHnXpZBjSmyOJoenSvHJC8vz6r3bDj1sW5FlXl
JdZ4i5hSeZRvs2YoSBXouMBaO0BD1o+dGmewGQ4btTAFwgyCBs8tGGnYXas7eK4n
WcSqEkRqUXWF8+Vkrm519+es/aJdgLyLV2lylI1FTP76h+kBjBQwpLrn7XgTHsSR
KKxJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org