Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K0W9z8yRCeE0yAVn7-XSWYVbWu0.roa
File: K0W9z8yRCeE0yAVn7-XSWYVbWu0.roa (raw, json)
Hash identifier: 8yQtEJZXDKQp6Nb6fijBUltujLvd7JM3/U00/LbXjJ0=
Subject key identifier: 2B:45:BD:CF:CC:91:09:E1:34:C8:05:67:EF:E5:D2:59:85:5B:5A:ED
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01859A80A032A7DF3517408D8EAF2B7920E2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K0W9z8yRCeE0yAVn7-XSWYVbWu0.roa
Signing time: Tue 10 Jan 2023 07:06:38 +0000
ROA not before: Tue 10 Jan 2023 07:06:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 84.32.233.0/24 maxlen: 24
84.32.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 06:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:80:a0:32:a7:df:35:17:40:8d:8e:af:2b:79:20:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 10 07:06:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b45bdcfcc9109e134c80567efe5d259855b5aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:86:25:5b:e0:6a:f1:bc:0a:7e:ed:19:b9:e7:
af:82:36:bf:d1:ab:33:1f:ff:d4:94:13:bf:6e:bf:
fb:11:6a:27:b2:ac:be:3f:e3:90:cc:7c:fb:b9:2b:
21:d8:f1:ff:90:ba:0f:6c:76:21:f7:f3:10:7d:a1:
57:7c:50:3e:a0:c8:e3:a5:d3:ea:7d:d9:a6:0a:4c:
25:9a:15:75:a2:59:be:cd:c5:8d:e1:23:d0:94:cd:
ff:8e:61:84:77:bf:a0:34:f1:c4:6c:3b:cf:2e:bf:
4a:ea:03:85:ac:73:38:0a:f2:c0:e3:91:2b:ef:5e:
49:d1:6f:00:0e:ce:17:24:8e:e3:41:c6:06:a2:3f:
ee:94:13:99:f0:6c:76:79:9f:6d:7f:83:39:38:f2:
08:7f:3b:23:f3:0a:fa:5c:8d:8f:7c:56:ba:05:37:
dc:0f:28:67:f1:56:61:c3:bc:42:f2:fa:c0:dd:61:
61:14:a3:6e:b9:10:dd:c8:4c:2f:f4:20:39:d2:98:
ac:3a:ae:da:c8:2a:d2:5e:f6:64:8a:34:5a:2b:c4:
7b:8e:7f:a2:d3:78:de:e5:8e:c1:df:64:08:b9:39:
e2:4f:df:71:58:ac:ff:e1:91:86:94:fe:96:28:09:
7d:2d:14:8a:d8:08:9a:40:b3:d6:cf:ae:75:a7:3a:
4c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:45:BD:CF:CC:91:09:E1:34:C8:05:67:EF:E5:D2:59:85:5B:5A:ED
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/K0W9z8yRCeE0yAVn7-XSWYVbWu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.233.0/24
84.32.238.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ed:f4:0f:81:9e:fb:97:80:3a:1a:f5:e9:4c:f2:d2:ed:0e:
fe:7f:0c:6e:ce:99:3a:2c:ca:92:05:37:2b:41:de:d9:3b:77:
65:ea:b5:c1:35:36:b7:43:2c:24:e2:e4:ca:b6:2d:b0:82:00:
51:59:85:27:74:07:b3:39:0c:1c:dc:21:13:04:a9:4d:cf:22:
c8:16:d3:25:25:4c:79:17:b5:78:5c:97:dd:0a:0d:e0:76:3b:
39:06:4d:bf:c2:83:b4:66:11:7e:7e:51:a6:9e:c0:41:14:03:
71:17:40:af:c8:b6:c8:1c:d3:86:62:fb:a2:7c:8f:26:10:da:
62:bb:5e:3d:45:a4:05:0a:cb:b3:7c:0c:e8:91:89:26:51:0c:
c6:8d:23:0e:42:cd:d2:d2:5d:a3:e8:04:3a:56:ca:c1:cb:9b:
6a:00:a8:87:ae:45:93:39:0a:84:29:58:bd:a6:8c:ca:f4:da:
10:ef:ce:cd:2e:14:bc:93:fe:00:c9:b3:ff:dc:a5:ee:1f:57:
96:fb:48:f9:4e:60:b8:b5:ad:13:21:f9:37:9f:ec:0f:74:6a:
6b:bf:0d:b7:72:86:ff:44:4d:fb:5f:ac:57:7a:c6:49:56:aa:
6a:f7:23:ca:ba:92:ba:3c:06:7d:e5:e2:f5:97:cf:38:c3:81:
88:0a:87:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWagKAyp981F0CNjq8reSDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTEwMDcwNjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQ1YmRjZmNjOTEwOWUxMzRjODA1NjdlZmU1ZDI1OTg1NWI1YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYYlW+Bq8bwKfu0Zueevgja/0asz
H//UlBO/br/7EWonsqy+P+OQzHz7uSsh2PH/kLoPbHYh9/MQfaFXfFA+oMjjpdPq
fdmmCkwlmhV1olm+zcWN4SPQlM3/jmGEd7+gNPHEbDvPLr9K6gOFrHM4CvLA45Er
715J0W8ADs4XJI7jQcYGoj/ulBOZ8Gx2eZ9tf4M5OPIIfzsj8wr6XI2PfFa6BTfc
Dyhn8VZhw7xC8vrA3WFhFKNuuRDdyEwv9CA50pisOq7ayCrSXvZkijRaK8R7jn+i
03je5Y7B32QIuTniT99xWKz/4ZGGlP6WKAl9LRSK2AiaQLPWz651pzpMWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCtFvc/MkQnhNMgFZ+/l0lmFW1rtMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSzBXOXo4eVJDZUUweUFWbjctWFNXWVZiV3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCDpAwQA
VCDuMA0GCSqGSIb3DQEBCwUAA4IBAQCN7fQPgZ77l4A6GvXpTPLS7Q7+fwxuzpk6
LMqSBTcrQd7ZO3dl6rXBNTa3Qywk4uTKti2wggBRWYUndAezOQwc3CETBKlNzyLI
FtMlJUx5F7V4XJfdCg3gdjs5Bk2/woO0ZhF+flGmnsBBFANxF0CvyLbIHNOGYvui
fI8mENpiu149RaQFCsuzfAzokYkmUQzGjSMOQs3S0l2j6AQ6VsrBy5tqAKiHrkWT
OQqEKVi9pozK9NoQ787NLhS8k/4AybP/3KXuH1eW+0j5TmC4ta0TIfk3n+wPdGpr
vw23cob/RE37X6xXesZJVqpq9yPKupK6PAZ95eL1l884w4GICofo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org