Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ezc4OvjBz4PgGlXvsRrlie98xcA.roa
File: Ezc4OvjBz4PgGlXvsRrlie98xcA.roa (raw, json)
Hash identifier: wMxWmgE6J0FRuIIDrdg4BbQQYm0fCdgXtyXFiMZ5QGw=
Subject key identifier: 13:37:38:3A:F8:C1:CF:83:E0:1A:55:EF:B1:1A:E5:89:EF:7C:C5:C0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01887720678ABEDB5A3F90D8A7362F6B87E3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ezc4OvjBz4PgGlXvsRrlie98xcA.roa
Signing time: Thu 01 Jun 2023 13:23:12 +0000
ROA not before: Thu 01 Jun 2023 13:23:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 84.32.20.0/24 maxlen: 24
84.32.23.0/24 maxlen: 24
84.32.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jun 2023 05:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:20:67:8a:be:db:5a:3f:90:d8:a7:36:2f:6b:87:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 1 13:23:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1337383af8c1cf83e01a55efb11ae589ef7cc5c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6e:73:74:de:7d:21:37:0f:19:6a:f3:e5:0b:
3b:00:09:d6:f8:c9:51:7a:d1:f7:93:21:29:d1:8c:
8d:c8:19:8a:68:70:f6:d4:1e:7d:80:f4:3b:0a:76:
3c:2f:c2:c8:70:78:02:13:b5:5f:db:f3:eb:82:15:
01:ac:a9:97:76:31:7d:e1:a0:73:41:aa:0f:90:67:
2f:2f:f2:d9:e0:31:3c:98:7e:01:97:0c:2e:c7:5f:
bf:b6:c8:17:cd:2a:c5:1b:28:e5:0b:b9:e8:68:e5:
26:3c:84:a3:1f:4e:4c:10:3b:03:13:f5:da:37:94:
ee:7e:28:06:2d:8a:b9:dd:5f:27:e2:e5:47:92:33:
23:4e:2f:69:30:87:15:a7:bb:c8:27:96:01:e5:2a:
13:61:8d:30:fb:69:bb:8b:12:d6:4e:de:9a:e1:14:
47:8c:9b:a4:07:bd:f6:57:5a:ef:01:03:57:72:40:
41:a7:aa:28:94:a4:28:b2:a9:39:a1:b2:05:f6:fa:
2d:b5:38:31:8f:3c:fd:29:e7:40:fd:86:71:6d:4f:
3e:9e:23:f5:c8:75:18:b1:4b:2b:a2:7a:59:70:66:
50:f0:c8:52:b7:98:f0:5e:86:cf:6e:fb:3d:0d:d8:
19:99:25:91:43:48:8b:06:e4:d7:21:bd:e0:6b:71:
48:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:37:38:3A:F8:C1:CF:83:E0:1A:55:EF:B1:1A:E5:89:EF:7C:C5:C0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Ezc4OvjBz4PgGlXvsRrlie98xcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/23
84.32.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:28:e5:bd:d0:d5:18:b7:93:9d:dd:97:97:b9:25:23:0c:08:
e7:5e:b3:ec:e0:c0:ce:2c:07:2e:65:e9:3a:e9:11:e1:38:13:
85:a6:70:4e:3b:b3:91:8c:c1:50:30:86:40:cd:99:b9:20:a6:
8a:b6:10:38:61:e0:c0:e2:57:14:00:71:4f:7d:ea:19:01:20:
82:01:2c:9f:ff:94:22:7f:8e:53:f5:12:d8:3b:ab:05:f2:ef:
82:39:99:1e:a5:1e:59:8b:0d:d4:db:81:b0:33:1c:35:ad:41:
01:77:32:d6:73:9b:6c:17:bb:13:49:03:3f:ee:30:10:6a:1c:
41:62:2a:b7:5f:e6:53:67:c2:63:cb:eb:e0:47:60:42:58:e7:
1d:38:12:c7:8e:0d:b4:b6:cb:e7:17:82:61:ae:48:8a:6a:06:
55:40:c8:7b:03:75:f7:2a:3f:13:15:cc:0f:46:2a:8a:7e:b5:
ba:2c:92:92:f1:d3:ba:c6:37:6d:3c:42:2b:b4:b1:ba:86:1a:
b2:52:cf:ba:f7:98:1e:cd:3b:7c:48:4d:a2:03:bc:ca:36:ce:
45:a5:8c:33:44:96:f9:4d:76:06:36:f4:0b:7f:d2:ea:e1:1a:
03:67:e8:87:d4:42:84:d8:4f:87:4b:ee:39:d5:f2:b7:31:21:
34:59:f7:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh3IGeKvttaP5DYpzYva4fjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjAxMTMyMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzM3MzgzYWY4YzFjZjgzZTAxYTU1ZWZiMTFhZTU4OWVmN2NjNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA325zdN59ITcPGWrz5Qs7AAnW+MlR
etH3kyEp0YyNyBmKaHD21B59gPQ7CnY8L8LIcHgCE7Vf2/PrghUBrKmXdjF94aBz
QaoPkGcvL/LZ4DE8mH4Blwwux1+/tsgXzSrFGyjlC7noaOUmPISjH05MEDsDE/Xa
N5TufigGLYq53V8n4uVHkjMjTi9pMIcVp7vIJ5YB5SoTYY0w+2m7ixLWTt6a4RRH
jJukB732V1rvAQNXckBBp6oolKQosqk5obIF9vottTgxjzz9KedA/YZxbU8+niP1
yHUYsUsronpZcGZQ8MhSt5jwXobPbvs9DdgZmSWRQ0iLBuTXIb3ga3FIzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBM3ODr4wc+D4BpV77Ea5YnvfMXAMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRXpjNE92akJ6NFBnR2xYdnNScmxpZTk4eGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVCAUAwQA
VCAXMA0GCSqGSIb3DQEBCwUAA4IBAQCKKOW90NUYt5Od3ZeXuSUjDAjnXrPs4MDO
LAcuZek66RHhOBOFpnBOO7ORjMFQMIZAzZm5IKaKthA4YeDA4lcUAHFPfeoZASCC
ASyf/5Qif45T9RLYO6sF8u+COZkepR5Ziw3U24GwMxw1rUEBdzLWc5tsF7sTSQM/
7jAQahxBYiq3X+ZTZ8Jjy+vgR2BCWOcdOBLHjg20tsvnF4JhrkiKagZVQMh7A3X3
Kj8TFcwPRiqKfrW6LJKS8dO6xjdtPEIrtLG6hhqyUs+695gezTt8SE2iA7zKNs5F
pYwzRJb5TXYGNvQLf9Lq4RoDZ+iH1EKE2E+HS+451fK3MSE0Wfcd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org