Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IMkZpxKMed4EP64VvMcrpmIQSsc.roa
File: IMkZpxKMed4EP64VvMcrpmIQSsc.roa (raw, json)
Hash identifier: gL/v8Nn9Z6wkenb82LpUyOwwxPY4zCwjOTMtx3S7HMo=
Subject key identifier: 20:C9:19:A7:12:8C:79:DE:04:3F:AE:15:BC:C7:2B:A6:62:10:4A:C7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01887AA631F4F5A2D144372FE89F275E28F3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IMkZpxKMed4EP64VvMcrpmIQSsc.roa
Signing time: Fri 02 Jun 2023 05:48:12 +0000
ROA not before: Fri 02 Jun 2023 05:48:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43043
IP address blocks: 84.32.61.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
84.32.107.0/24 maxlen: 24
84.32.11.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Jun 2023 09:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7a:a6:31:f4:f5:a2:d1:44:37:2f:e8:9f:27:5e:28:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 2 05:48:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20c919a7128c79de043fae15bcc72ba662104ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4a:fd:7f:86:d5:ae:0b:9b:96:dc:72:b3:1e:
1f:ac:b5:8a:26:86:ad:66:50:ca:eb:76:a0:e7:7a:
4e:c2:62:b4:59:b2:f3:bd:d5:06:87:a8:c3:0e:f5:
53:aa:b5:12:4d:d4:91:80:63:09:71:6d:99:6d:2a:
56:0a:d2:a4:c1:c9:5b:9e:bc:0a:b9:48:de:7f:da:
88:39:f1:42:28:1a:d1:99:56:ca:fb:da:ce:26:a3:
26:42:c1:b7:5a:e9:8e:ea:50:fe:e6:7b:10:09:c0:
5d:90:05:66:18:3b:8d:f3:39:42:5f:6a:5f:ed:89:
96:3d:f6:7b:02:d5:45:7c:4c:70:e8:ad:ff:3d:aa:
f1:0a:6e:0e:87:44:c0:ee:3e:7a:cf:6d:66:50:c9:
6d:fe:ee:16:f8:3b:3a:cf:f8:e7:95:3b:34:73:a7:
1e:03:65:08:f5:8c:1c:ac:b3:41:7e:2f:ad:0a:25:
d4:86:4c:1a:07:f4:3e:3d:14:f5:f1:5c:3d:f5:5f:
d7:bd:0b:68:19:67:ec:a5:81:c3:61:62:fd:9c:e7:
23:ed:ac:f5:98:34:f2:54:33:8b:70:0e:bf:eb:bc:
92:c7:fb:b8:b7:e3:cd:6e:bc:ae:2e:2d:07:89:59:
b1:6c:9e:4d:59:38:74:bc:10:7d:dd:bb:88:f3:95:
51:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C9:19:A7:12:8C:79:DE:04:3F:AE:15:BC:C7:2B:A6:62:10:4A:C7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IMkZpxKMed4EP64VvMcrpmIQSsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.11.0/24
84.32.31.0/24
84.32.46.0/24
84.32.61.0/24
84.32.83.0/24
84.32.107.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:90:a4:1a:e3:88:e0:38:f8:f6:66:7d:46:c9:15:8c:71:ff:
18:53:e9:df:79:ff:8f:fd:b7:7b:b8:4f:7e:f9:35:40:3c:a5:
0d:12:54:17:e1:d1:da:11:5a:60:09:5d:a7:6e:b3:a4:bc:a4:
d0:ac:a9:f1:d3:20:8a:66:83:18:85:83:4a:8a:2e:e9:9a:d9:
52:c5:83:8a:9a:2f:d4:19:06:b0:7f:df:f6:75:dc:d9:80:7c:
84:a9:f0:4b:cb:72:a1:2d:b1:fa:12:93:e0:f8:78:97:d4:0d:
0e:27:bc:c8:f6:8b:ab:95:90:11:d1:41:ad:0f:f5:e6:f8:bd:
06:51:9d:f2:84:e0:18:fc:d6:d5:44:0c:83:9a:35:42:40:95:
b9:e6:9a:ad:3b:31:ac:67:0c:0f:49:2d:e9:1e:06:37:18:ff:
92:c4:1c:2d:d1:e3:f7:8a:45:a4:6b:e6:6f:a4:fb:2b:77:2a:
02:a1:4a:38:c0:8f:b0:e7:27:3c:6b:79:a1:d8:ec:b8:57:c2:
b4:44:07:7a:15:8f:cf:f0:78:6c:5b:f7:65:4d:de:5e:d6:d3:
79:2f:d0:02:43:1a:e6:01:8c:f8:15:65:d8:fc:2c:ae:19:ff:
57:d7:25:45:80:aa:9d:4f:06:ef:4c:61:c5:10:49:b6:c0:57:
17:71:d7:52
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYh6pjH09aLRRDcv6J8nXijzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjAyMDU0ODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM5MTlhNzEyOGM3OWRlMDQzZmFlMTViY2M3MmJhNjYyMTA0YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEr9f4bVrgubltxysx4frLWKJoat
ZlDK63ag53pOwmK0WbLzvdUGh6jDDvVTqrUSTdSRgGMJcW2ZbSpWCtKkwclbnrwK
uUjef9qIOfFCKBrRmVbK+9rOJqMmQsG3WumO6lD+5nsQCcBdkAVmGDuN8zlCX2pf
7YmWPfZ7AtVFfExw6K3/ParxCm4Oh0TA7j56z21mUMlt/u4W+Ds6z/jnlTs0c6ce
A2UI9YwcrLNBfi+tCiXUhkwaB/Q+PRT18Vw99V/XvQtoGWfspYHDYWL9nOcj7az1
mDTyVDOLcA6/67ySx/u4t+PNbryuLi0HiVmxbJ5NWTh0vBB93buI85VRlQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCDJGacSjHneBD+uFbzHK6ZiEErHMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSU1rWnB4S01lZDRFUDY0VnZNY3JwbUlRU3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCALAwQA
VCAfAwQAVCAuAwQAVCA9AwQAVCBTAwQAVCBrMA0GCSqGSIb3DQEBCwUAA4IBAQBN
kKQa44jgOPj2Zn1GyRWMcf8YU+nfef+P/bd7uE9++TVAPKUNElQX4dHaEVpgCV2n
brOkvKTQrKnx0yCKZoMYhYNKii7pmtlSxYOKmi/UGQawf9/2ddzZgHyEqfBLy3Kh
LbH6EpPg+HiX1A0OJ7zI9ourlZAR0UGtD/Xm+L0GUZ3yhOAY/NbVRAyDmjVCQJW5
5pqtOzGsZwwPSS3pHgY3GP+SxBwt0eP3ikWka+ZvpPsrdyoCoUo4wI+w5yc8a3mh
2Oy4V8K0RAd6FY/P8HhsW/dlTd5e1tN5L9ACQxrmAYz4FWXY/CyuGf9X1yVFgKqd
TwbvTGHFEEm2wFcXcddS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org