Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G1alR1zijkHS1pfXZ79iAoUCk_k.roa
File: G1alR1zijkHS1pfXZ79iAoUCk_k.roa (raw, json)
Hash identifier: pxWZHNTDrQ54tBx3wB8zUcWuUzTi4O/fW6PSZUD6LHU=
Subject key identifier: 1B:56:A5:47:5C:E2:8E:41:D2:D6:97:D7:67:BF:62:02:85:02:93:F9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826C98DB87D7DE5611FCD3B00416E2C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G1alR1zijkHS1pfXZ79iAoUCk_k.roa
Signing time: Thu 02 Jan 2025 17:53:38 +0000
ROA not before: Thu 02 Jan 2025 17:53:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214304
IP address blocks: 84.32.24.0/22 maxlen: 24
84.32.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 09:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:c9:8d:b8:7d:7d:e5:61:1f:cd:3b:00:41:6e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b56a5475ce28e41d2d697d767bf6202850293f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:2a:ac:7c:10:f1:eb:1e:02:dc:d6:29:11:
7e:7e:b3:1a:91:ea:31:b5:0c:7a:a0:d3:6f:fd:c9:
45:d2:df:ff:7e:b1:90:e0:ce:24:e3:f0:3b:00:08:
57:86:82:21:c8:0c:7a:2f:65:5a:bf:e0:31:97:f4:
92:96:0c:e2:d4:e3:b5:98:d0:80:66:88:49:d5:2b:
9e:e2:fa:c0:d8:b2:4e:8d:1b:31:11:92:0f:da:6a:
e3:ee:31:61:a8:ea:46:28:ea:9b:25:de:42:56:0f:
75:56:0c:96:a9:d2:4f:ae:f1:5f:ec:f3:a5:0c:f6:
f1:c6:b8:f3:e5:8f:ae:71:7c:e6:f7:bc:66:8d:17:
83:49:14:75:b0:21:83:c6:ed:32:ad:f1:cc:aa:a0:
b5:df:6d:6e:2a:b6:76:5e:1a:86:25:5e:85:9d:eb:
52:38:9b:b0:fb:67:31:36:a2:bc:80:4a:f9:9a:bf:
ca:91:32:0a:1c:51:dd:0b:f9:ac:ef:9c:af:9e:43:
33:db:17:e1:54:d4:83:6e:4a:4d:23:d7:88:6f:a3:
ce:6a:fe:ff:eb:88:43:8c:5f:e7:35:43:4a:14:c8:
25:57:ff:dd:a3:23:16:8e:9c:3d:9d:eb:30:e6:3b:
97:f4:e9:81:2a:1e:76:82:9b:40:db:fb:f4:be:10:
8b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:56:A5:47:5C:E2:8E:41:D2:D6:97:D7:67:BF:62:02:85:02:93:F9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G1alR1zijkHS1pfXZ79iAoUCk_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
Signature Algorithm: sha256WithRSAEncryption
73:de:3f:f8:62:9a:ff:21:43:e7:03:2c:98:8d:ba:af:c3:b9:
42:45:6b:dd:f1:8a:f8:60:bb:29:84:39:6e:75:72:a1:8c:0a:
94:e3:9b:7d:03:61:5d:f3:52:f6:1d:a4:cd:14:e1:86:fd:cd:
b5:2d:c5:9e:1d:cb:7b:34:f4:11:51:01:f6:d1:a7:51:a9:db:
4a:d1:69:35:46:9e:c4:ff:79:0f:67:4a:e3:fa:84:4a:2c:17:
30:d2:b7:95:d6:55:20:fb:e6:f7:02:60:2d:95:37:ea:63:27:
e5:a1:0a:ab:46:da:fa:9d:1d:34:01:c4:3c:99:2d:a8:03:f2:
ac:ce:3a:1e:5b:0a:ae:d9:a6:8b:0a:6b:dd:8b:3e:ab:b2:7e:
c7:97:4b:13:ed:76:85:46:39:f7:5e:36:94:b3:b6:c7:0d:5e:
ac:24:6b:ed:e5:93:11:10:14:1e:bc:80:ed:02:5b:24:15:d7:
40:20:b7:38:d3:af:c4:62:20:57:fb:93:c2:d2:62:6f:69:b6:
af:76:eb:fb:41:a3:ae:f3:ed:fb:e9:29:d2:40:93:33:59:4b:
b9:40:08:88:73:62:78:9a:82:5a:39:b5:50:55:b4:cb:54:02:
38:bb:e4:c6:1e:9e:fa:fb:91:9b:31:00:bf:07:10:ea:5a:00:
12:88:2c:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJsmNuH195WEfzTsAQW4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjU2YTU0NzVjZTI4ZTQxZDJkNjk3ZDc2N2JmNjIwMjg1MDI5M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXAqrHwQ8eseAtzWKRF+frMakeox
tQx6oNNv/clF0t//frGQ4M4k4/A7AAhXhoIhyAx6L2Vav+Axl/SSlgzi1OO1mNCA
ZohJ1Sue4vrA2LJOjRsxEZIP2mrj7jFhqOpGKOqbJd5CVg91VgyWqdJPrvFf7POl
DPbxxrjz5Y+ucXzm97xmjReDSRR1sCGDxu0yrfHMqqC1321uKrZ2XhqGJV6FnetS
OJuw+2cxNqK8gEr5mr/KkTIKHFHdC/ms75yvnkMz2xfhVNSDbkpNI9eIb6POav7/
64hDjF/nNUNKFMglV//doyMWjpw9nesw5juX9OmBKh52gptA2/v0vhCLJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBtWpUdc4o5B0taX12e/YgKFApP5MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRzFhbFIxemlqa0hTMXBmWFo3OWlBb1VDa19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVCAYMA0G
CSqGSIb3DQEBCwUAA4IBAQBz3j/4Ypr/IUPnAyyYjbqvw7lCRWvd8Yr4YLsphDlu
dXKhjAqU45t9A2Fd81L2HaTNFOGG/c21LcWeHct7NPQRUQH20adRqdtK0Wk1Rp7E
/3kPZ0rj+oRKLBcw0reV1lUg++b3AmAtlTfqYyfloQqrRtr6nR00AcQ8mS2oA/Ks
zjoeWwqu2aaLCmvdiz6rsn7Hl0sT7XaFRjn3XjaUs7bHDV6sJGvt5ZMREBQevIDt
AlskFddAILc406/EYiBX+5PC0mJvabavduv7QaOu8+376SnSQJMzWUu5QAiIc2J4
moJaObVQVbTLVAI4u+TGHp76+5GbMQC/BxDqWgASiCyr
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:10:46 2025 by rpki-client