Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GxkN9mwfrKGzO-zkOTbd80FtvRA.roa
File: GxkN9mwfrKGzO-zkOTbd80FtvRA.roa (raw, json)
Hash identifier: 8/OKek+Dse6RiUOt+Ozcn2dVARb1o1OcD9mYiu+Bk7s=
Subject key identifier: 1B:19:0D:F6:6C:1F:AC:A1:B3:3B:EC:E4:39:36:DD:F3:41:6D:BD:10
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFCFA777922D0A6538BAC40FABF43F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GxkN9mwfrKGzO-zkOTbd80FtvRA.roa
Signing time: Sun 01 Jan 2023 18:54:53 +0000
ROA not before: Sun 01 Jan 2023 18:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.32.69.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jan 2023 08:13:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:cf:a7:77:92:2d:0a:65:38:ba:c4:0f:ab:f4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b190df66c1faca1b33bece43936ddf3416dbd10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:63:06:9c:3c:d0:c8:41:64:e0:f6:59:54:ef:
89:3f:fb:c0:67:ca:a2:3d:1f:db:08:b7:2d:13:cb:
2b:be:1b:de:eb:41:91:f6:e2:3f:c5:a0:04:5d:e1:
a3:eb:e8:37:73:e3:fb:44:3f:01:50:cf:72:92:64:
7b:e5:82:c0:fc:f2:cf:80:73:f4:05:fc:47:48:03:
48:34:95:79:cd:1b:68:80:a8:38:56:92:21:fe:54:
74:a0:58:e4:1b:98:22:e3:40:6a:e8:93:60:57:05:
77:39:9b:7c:8d:ee:ed:4d:b5:ff:31:79:d0:69:ff:
9f:5e:71:8c:7f:1c:43:4e:68:b8:1c:db:3d:ae:7f:
70:bb:d9:3e:ba:7e:5a:6d:16:98:08:10:c7:c1:52:
17:1e:16:56:16:88:81:c8:67:5a:44:67:2e:b3:22:
91:ac:44:b7:ce:c1:7d:0f:e5:a2:17:39:8e:a9:3a:
1f:53:21:66:a0:ce:48:2a:10:b1:d1:9e:f8:73:bc:
89:69:37:e5:5b:16:93:8b:02:0a:26:68:5c:89:eb:
2e:1b:61:89:7e:2b:de:24:11:02:59:63:e4:d8:dc:
ba:3b:09:42:82:ea:e3:17:20:1b:9e:27:51:87:4d:
da:de:cc:d3:da:a8:c7:5c:9b:3f:a0:cd:6a:e3:5d:
01:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:19:0D:F6:6C:1F:AC:A1:B3:3B:EC:E4:39:36:DD:F3:41:6D:BD:10
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GxkN9mwfrKGzO-zkOTbd80FtvRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.40.0/24
84.32.69.0/24
84.32.242.0/24
88.216.41.0/24
Signature Algorithm: sha256WithRSAEncryption
93:bc:79:36:7c:e3:68:83:0e:2f:41:df:6e:9e:39:89:82:cd:
62:ee:7c:ad:5c:57:91:59:a5:36:86:60:7c:7e:ea:6c:4e:e2:
a0:e6:c1:28:20:43:95:60:22:ba:71:f7:fe:88:4e:0e:7f:17:
67:70:71:6c:d1:0b:16:dc:8c:3d:8e:6c:95:b6:fa:00:cb:8f:
22:ec:2d:dd:98:94:0b:fe:78:5d:d7:9c:41:4e:45:ae:ee:78:
3a:09:6c:93:9a:db:5e:4a:9f:8c:9a:16:66:be:59:89:68:38:
ce:6a:e0:4b:73:96:f1:42:95:e3:db:71:02:f8:5e:f8:0f:8c:
2f:7d:59:d8:f3:eb:03:11:a2:3b:f0:71:26:1e:45:62:02:8d:
96:e9:c4:13:b7:05:3f:92:42:dc:c6:10:cd:94:dc:f8:05:59:
a1:fa:07:6a:39:15:69:8d:f8:d4:32:a5:dc:c6:ea:97:cf:47:
f6:d6:ce:9a:9d:b9:25:bc:cb:0e:08:e1:9c:a2:95:b9:f5:33:
14:28:2e:20:d4:ea:27:d2:95:9c:4e:dd:3b:47:49:fc:d4:ce:
37:7a:c6:9d:6a:87:1c:72:02:11:e4:8c:63:f6:3a:57:22:40:
05:40:e9:43:a9:5c:c6:8f:a7:3c:2c:73:d3:e4:06:52:15:76:
a2:7c:cd:73
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVur8+nd5ItCmU4usQPq/Q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjE5MGRmNjZjMWZhY2ExYjMzYmVjZTQzOTM2ZGRmMzQxNmRiZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGMGnDzQyEFk4PZZVO+JP/vAZ8qi
PR/bCLctE8srvhve60GR9uI/xaAEXeGj6+g3c+P7RD8BUM9ykmR75YLA/PLPgHP0
BfxHSANINJV5zRtogKg4VpIh/lR0oFjkG5gi40Bq6JNgVwV3OZt8je7tTbX/MXnQ
af+fXnGMfxxDTmi4HNs9rn9wu9k+un5abRaYCBDHwVIXHhZWFoiByGdaRGcusyKR
rES3zsF9D+WiFzmOqTofUyFmoM5IKhCx0Z74c7yJaTflWxaTiwIKJmhciesuG2GJ
fiveJBECWWPk2Ny6OwlCgurjFyAbnidRh03a3szT2qjHXJs/oM1q410BjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBsZDfZsH6yhszvs5Dk23fNBbb0QMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvR3hrTjltd2ZyS0d6Ty16a09UYmQ4MEZ0dlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAoAwQA
VCBFAwQAVCDyAwQAWNgpMA0GCSqGSIb3DQEBCwUAA4IBAQCTvHk2fONogw4vQd9u
njmJgs1i7nytXFeRWaU2hmB8fupsTuKg5sEoIEOVYCK6cff+iE4OfxdncHFs0QsW
3Iw9jmyVtvoAy48i7C3dmJQL/nhd15xBTkWu7ng6CWyTmtteSp+MmhZmvlmJaDjO
auBLc5bxQpXj23EC+F74D4wvfVnY8+sDEaI78HEmHkViAo2W6cQTtwU/kkLcxhDN
lNz4BVmh+gdqORVpjfjUMqXcxuqXz0f21s6anbklvMsOCOGcopW59TMUKC4g1Oon
0pWcTt07R0n81M43esadaocccgIR5Ixj9jpXIkAFQOlDqVzGj6c8LHPT5AZSFXai
fM1z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org