Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BcfXYIMFkWUBAAytagVc35RLIWU.roa
File: BcfXYIMFkWUBAAytagVc35RLIWU.roa (raw, json)
Hash identifier: vPJYm1F6WvzDm5N0ePqJtfu87BoKD8xmpOGB5SQQaHg=
Subject key identifier: 05:C7:D7:60:83:05:91:65:01:00:0C:AD:6A:05:5C:DF:94:4B:21:65
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186076D0E3E0D6C330BBC6D5825072B9DDF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BcfXYIMFkWUBAAytagVc35RLIWU.roa
Signing time: Tue 31 Jan 2023 10:43:52 +0000
ROA not before: Tue 31 Jan 2023 10:43:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204770
IP address blocks: 84.32.128.0/22 maxlen: 32
84.32.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 14:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:6d:0e:3e:0d:6c:33:0b:bc:6d:58:25:07:2b:9d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 31 10:43:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05c7d7608305916501000cad6a055cdf944b2165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:93:fe:bc:fe:26:14:bb:60:71:36:d5:29:18:
51:7a:c0:e8:4a:cc:4d:59:8f:b8:e8:07:53:11:b5:
1a:94:e3:47:6a:1d:61:de:6e:4a:e5:12:8c:f4:f7:
fa:60:e7:ba:59:c2:9d:df:34:c1:e4:a0:8d:16:a2:
6a:b8:21:d4:62:cc:fd:bf:0f:cf:84:4e:5c:44:84:
16:b5:e9:02:54:14:f8:b4:c8:eb:6c:b2:71:30:53:
59:e8:05:8a:58:c1:e7:2a:0a:e5:7a:e2:b5:34:83:
04:b8:f0:87:7e:c6:06:e7:62:cc:72:82:f0:9a:35:
e9:65:f5:b1:e5:7c:59:ec:a7:bc:0d:ca:c7:a1:3c:
95:9a:b9:2d:ae:ad:e5:b1:31:3a:a2:7a:fd:f5:fb:
c9:58:62:9c:82:24:c1:72:0f:01:9d:c0:c2:4b:3d:
e6:48:1b:4a:92:36:d2:d5:99:69:ec:1f:d7:7f:02:
62:8d:58:18:ed:25:8b:bd:da:69:61:14:8f:17:a6:
5f:4c:d5:56:4d:21:7f:99:20:4e:13:06:57:11:4d:
69:63:3d:35:1a:67:ca:3c:c1:e2:03:94:54:b7:2b:
76:dc:ce:4e:50:b4:83:fc:dc:8f:52:42:9a:17:a0:
32:7f:d0:33:f5:63:c8:d1:af:ba:93:c6:c4:a8:0b:
e9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C7:D7:60:83:05:91:65:01:00:0C:AD:6A:05:5C:DF:94:4B:21:65
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BcfXYIMFkWUBAAytagVc35RLIWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.34.0/24
84.32.128.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:4e:ae:48:99:fe:36:12:a7:b9:09:83:0a:c9:5a:7b:99:26:
4d:28:0c:2a:16:75:a2:9f:ec:4c:d3:90:5d:9c:64:c5:be:4d:
24:77:2f:04:6e:2e:8b:e8:69:32:f2:46:50:0d:ba:7e:8d:52:
ec:00:df:2f:aa:bb:40:fa:a0:7a:ce:b7:6b:30:c8:f7:77:27:
3c:37:3b:09:fe:ce:a8:ed:4e:e0:01:fe:e9:36:40:50:76:92:
83:46:37:46:87:1b:2d:a9:40:42:75:1e:2a:d9:b1:20:ea:b1:
9a:29:3e:74:d8:31:d2:88:94:38:a2:8f:cf:ad:da:ce:5c:2c:
ad:bf:39:b1:63:19:bd:a4:18:03:22:92:59:8b:b6:2b:3a:56:
d3:bb:7d:97:20:d7:44:3d:e4:27:9a:a0:e0:0b:5a:26:0b:3c:
a1:8f:f9:93:37:8e:63:cd:11:3b:92:f1:7c:18:67:fa:2c:ad:
0e:f2:d2:37:fa:2c:1e:03:31:6b:f1:0d:0d:f1:dd:9f:a2:d3:
4b:17:e8:ea:4a:fd:f5:76:9e:d1:86:a3:bb:25:a1:86:46:8d:
8f:64:f9:c6:2f:f7:7d:28:6f:03:c4:11:0f:20:73:24:4d:8f:
bf:31:d4:e5:0e:e3:ea:a7:cd:2f:a3:ab:5c:32:d8:4f:02:a4:
9c:4d:08:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYHbQ4+DWwzC7xtWCUHK53fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTMxMTA0MzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM3ZDc2MDgzMDU5MTY1MDEwMDBjYWQ2YTA1NWNkZjk0NGIyMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZP+vP4mFLtgcTbVKRhResDoSsxN
WY+46AdTEbUalONHah1h3m5K5RKM9Pf6YOe6WcKd3zTB5KCNFqJquCHUYsz9vw/P
hE5cRIQWtekCVBT4tMjrbLJxMFNZ6AWKWMHnKgrleuK1NIMEuPCHfsYG52LMcoLw
mjXpZfWx5XxZ7Ke8DcrHoTyVmrktrq3lsTE6onr99fvJWGKcgiTBcg8BncDCSz3m
SBtKkjbS1Zlp7B/XfwJijVgY7SWLvdppYRSPF6ZfTNVWTSF/mSBOEwZXEU1pYz01
GmfKPMHiA5RUtyt23M5OULSD/NyPUkKaF6Ayf9Az9WPI0a+6k8bEqAvpmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAXH12CDBZFlAQAMrWoFXN+USyFlMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQmNmWFlJTUZrV1VCQUF5dGFnVmMzNVJMSVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAiAwQC
VCCAMA0GCSqGSIb3DQEBCwUAA4IBAQAOTq5Imf42Eqe5CYMKyVp7mSZNKAwqFnWi
n+xM05BdnGTFvk0kdy8Ebi6L6Gky8kZQDbp+jVLsAN8vqrtA+qB6zrdrMMj3dyc8
NzsJ/s6o7U7gAf7pNkBQdpKDRjdGhxstqUBCdR4q2bEg6rGaKT502DHSiJQ4oo/P
rdrOXCytvzmxYxm9pBgDIpJZi7YrOlbTu32XINdEPeQnmqDgC1omCzyhj/mTN45j
zRE7kvF8GGf6LK0O8tI3+iweAzFr8Q0N8d2fotNLF+jqSv31dp7RhqO7JaGGRo2P
ZPnGL/d9KG8DxBEPIHMkTY+/MdTlDuPqp80vo6tcMthPAqScTQhX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org