Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JeDqJuFqkBUOe9pthq1wQ4Vdj_Y.roa
File: JeDqJuFqkBUOe9pthq1wQ4Vdj_Y.roa (raw, json)
Hash identifier: QDy0aXX2b/hU6wr8JGplM+RKNWgNuFUcAsnmj5r9LtI=
Subject key identifier: 25:E0:EA:26:E1:6A:90:15:0E:7B:DA:6D:86:AD:70:43:85:5D:8F:F6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018A6160702D701B3F7F03A32F206CBE7105
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JeDqJuFqkBUOe9pthq1wQ4Vdj_Y.roa
Signing time: Mon 04 Sep 2023 18:07:04 +0000
ROA not before: Mon 04 Sep 2023 18:07:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.215.0/24 maxlen: 24
84.32.214.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:61:60:70:2d:70:1b:3f:7f:03:a3:2f:20:6c:be:71:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 4 18:07:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25e0ea26e16a90150e7bda6d86ad7043855d8ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:47:3a:c5:e8:79:5d:97:e5:49:f5:37:9a:80:
a7:17:76:97:39:5a:43:11:fd:04:c8:f9:6f:e6:d1:
ed:aa:56:5e:6f:af:e1:5f:48:0d:09:7f:78:13:0c:
80:37:95:68:ad:2a:50:ef:7a:a1:9b:a3:b7:f7:2f:
4f:31:44:d4:9e:2c:db:7a:4f:7d:c0:7f:8a:1b:31:
93:78:31:16:44:cf:9a:c7:7c:b7:09:b5:b6:59:90:
14:44:f4:a1:6a:1a:12:94:90:74:5c:eb:b2:7e:60:
51:e0:57:b4:17:4b:4c:41:fb:b9:a5:e2:38:70:f1:
ef:ca:ec:24:e9:36:ec:c6:d3:75:02:7e:fd:4f:f8:
12:76:50:65:62:b7:95:aa:18:ef:4f:53:b9:d4:9d:
03:c4:6f:74:b7:c4:e3:c4:3b:42:e0:eb:7b:c8:9e:
7b:05:6a:13:e7:a5:b0:44:7a:bb:f8:70:ca:9f:4b:
9b:71:86:33:b9:ab:59:d3:1f:a7:5d:aa:ab:10:78:
62:d3:45:5f:7a:12:e1:53:66:ce:b4:e2:5c:e7:0e:
e6:d7:38:d8:7b:2b:89:3f:c4:1c:43:48:9c:1a:1b:
0d:ec:8a:23:4a:22:98:db:e2:c9:55:9e:78:1e:d8:
9a:ac:ab:11:46:37:a5:90:23:ee:38:d7:10:19:26:
47:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E0:EA:26:E1:6A:90:15:0E:7B:DA:6D:86:AD:70:43:85:5D:8F:F6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JeDqJuFqkBUOe9pthq1wQ4Vdj_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.214.0/23
84.32.248.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:6f:26:b0:41:57:78:e0:24:ea:1e:17:1e:07:b1:b6:a2:f2:
79:d8:40:b9:28:04:b9:63:a8:90:2c:32:83:96:8f:39:b2:ad:
53:8d:b7:1c:0d:77:4e:c9:f7:4a:62:b6:ab:6c:af:ae:e7:11:
94:a4:e1:ff:51:99:6e:da:ad:d1:81:5e:8b:19:d8:6e:88:6f:
15:ae:2f:e1:ad:bf:b7:ee:c5:97:90:41:9e:68:25:57:ad:14:
30:5c:03:de:9e:00:eb:0c:7b:0d:57:b0:5b:c7:a0:21:73:8a:
5a:43:d2:fe:09:78:ad:e0:92:a1:1c:a6:0d:cf:31:d9:b7:5f:
a3:df:5d:ba:e4:dd:1e:89:dd:9e:81:2f:c9:f3:a3:d7:95:2b:
fe:c4:76:90:56:f9:c7:e7:22:31:57:6c:c2:62:61:e2:ec:67:
92:ed:b1:71:77:e5:54:ed:c5:e4:41:b6:af:3e:ca:19:9a:be:
8a:03:a4:20:52:b7:6c:32:05:bf:dc:02:6f:67:df:8e:a5:c6:
b2:12:63:cf:59:78:40:a7:d0:56:58:87:ab:0c:e9:f4:8e:8f:
29:77:79:66:7b:18:b1:90:60:cc:a7:05:71:27:ae:36:8f:83:
f2:c7:33:56:d0:4a:76:47:a0:78:9e:a5:e4:7e:e4:25:bf:31:
d9:f4:5c:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYphYHAtcBs/fwOjLyBsvnEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwOTA0MTgwNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWUwZWEyNmUxNmE5MDE1MGU3YmRhNmQ4NmFkNzA0Mzg1NWQ4ZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEc6xeh5XZflSfU3moCnF3aXOVpD
Ef0EyPlv5tHtqlZeb6/hX0gNCX94EwyAN5VorSpQ73qhm6O39y9PMUTUnizbek99
wH+KGzGTeDEWRM+ax3y3CbW2WZAURPShahoSlJB0XOuyfmBR4Fe0F0tMQfu5peI4
cPHvyuwk6TbsxtN1An79T/gSdlBlYreVqhjvT1O51J0DxG90t8TjxDtC4Ot7yJ57
BWoT56WwRHq7+HDKn0ubcYYzuatZ0x+nXaqrEHhi00VfehLhU2bOtOJc5w7m1zjY
eyuJP8QcQ0icGhsN7IojSiKY2+LJVZ54HtiarKsRRjelkCPuONcQGSZHIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCXg6ibhapAVDnvabYatcEOFXY/2MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSmVEcUp1RnFrQlVPZTlwdGhxMXdRNFZkal9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVCDWAwQA
VCD4MA0GCSqGSIb3DQEBCwUAA4IBAQALbyawQVd44CTqHhceB7G2ovJ52EC5KAS5
Y6iQLDKDlo85sq1TjbccDXdOyfdKYrarbK+u5xGUpOH/UZlu2q3RgV6LGdhuiG8V
ri/hrb+37sWXkEGeaCVXrRQwXAPengDrDHsNV7Bbx6Ahc4paQ9L+CXit4JKhHKYN
zzHZt1+j31265N0eid2egS/J86PXlSv+xHaQVvnH5yIxV2zCYmHi7GeS7bFxd+VU
7cXkQbavPsoZmr6KA6QgUrdsMgW/3AJvZ9+OpcayEmPPWXhAp9BWWIerDOn0jo8p
d3lmexixkGDMpwVxJ642j4PyxzNW0Ep2R6B4nqXkfuQlvzHZ9FwG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org