Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KPMfVpA-WALTruMu7GzbKTmif4M.roa
File: KPMfVpA-WALTruMu7GzbKTmif4M.roa (raw, json)
Hash identifier: kLobVxO4kChiGdzDeSLQyEHyFcePQRQM/noZ9kLbKDA=
Subject key identifier: 28:F3:1F:56:90:3E:58:02:D3:AE:E3:2E:EC:6C:DB:29:39:A2:7F:83
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189BB781EFA529143D82515C3D03DA75E40
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KPMfVpA-WALTruMu7GzbKTmif4M.roa
Signing time: Thu 03 Aug 2023 12:55:58 +0000
ROA not before: Thu 03 Aug 2023 12:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197644
IP address blocks: 84.32.29.0/24 maxlen: 24
84.32.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 08:11:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:78:1e:fa:52:91:43:d8:25:15:c3:d0:3d:a7:5e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 3 12:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f31f56903e5802d3aee32eec6cdb2939a27f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a2:aa:6d:76:45:db:5e:ec:1a:57:bd:1e:c2:
5d:b0:2a:7f:a4:50:d3:81:aa:f7:6e:21:06:75:f6:
ec:6f:6c:0e:00:99:d1:d6:ff:26:bf:83:3b:fc:27:
fe:de:15:a5:3a:dc:72:d3:d3:63:0e:2e:76:a4:23:
cb:57:e0:05:45:8a:76:ea:4b:1d:02:26:7c:47:62:
4f:28:63:3c:5f:c3:d7:45:51:18:41:1b:e2:8a:bb:
e8:af:b9:90:79:00:98:6f:7d:6b:43:0a:68:02:4e:
04:05:11:54:ae:d9:02:51:56:1d:c3:c8:6b:66:57:
f1:fe:80:64:a8:74:6c:2a:e0:77:a6:1c:9d:e3:bd:
c3:88:e2:2c:ce:94:29:6e:95:53:b2:f9:da:82:48:
37:bf:d0:fa:66:7a:d2:31:c9:7d:24:0c:56:8f:24:
fd:92:99:2e:80:63:db:bf:77:8b:66:fd:fa:14:25:
82:36:be:92:cb:80:5b:4a:0c:ff:eb:1b:7a:32:3a:
ee:74:4d:5f:4d:61:44:51:c0:00:0b:43:fb:52:a9:
57:9d:35:13:09:2d:b1:b2:18:55:dd:d1:79:d2:da:
07:6d:ba:6e:ff:ea:f3:b4:fc:10:72:43:a2:28:55:
1f:d4:1c:ca:9f:c4:4a:e5:f5:db:f6:c1:03:be:01:
01:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F3:1F:56:90:3E:58:02:D3:AE:E3:2E:EC:6C:DB:29:39:A2:7F:83
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KPMfVpA-WALTruMu7GzbKTmif4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.29.0/24
84.32.155.0/24
Signature Algorithm: sha256WithRSAEncryption
03:19:30:4a:f1:f1:e6:cc:79:08:77:05:a5:00:d4:61:61:52:
55:78:fd:77:be:8b:43:40:9f:65:2e:62:f0:f4:71:12:79:50:
a1:be:02:19:36:c0:f3:c4:ac:03:a4:0f:f7:d2:06:c7:62:3c:
9f:be:00:2a:80:88:88:71:74:01:85:4e:78:45:f7:85:da:0d:
f2:b1:ca:5d:5a:53:eb:be:67:97:7f:67:94:04:63:d6:c8:53:
72:51:df:f5:83:f7:12:86:df:a2:4c:27:c8:2c:ca:51:74:32:
48:21:ef:b1:6f:a0:a6:d3:1c:d9:48:27:9d:88:6d:37:3a:5c:
44:39:25:43:fc:53:4a:9c:00:6f:fb:d8:65:0c:9f:b5:e8:cb:
50:02:3f:2e:4a:8f:f8:62:4f:5d:15:6c:cd:5a:c9:95:0e:2d:
96:3f:df:9f:62:aa:af:77:f7:db:f7:35:b3:dd:71:e3:99:40:
75:3a:9e:39:72:9e:c0:d0:3c:20:79:84:d6:33:89:57:28:84:
f0:32:4f:bc:8d:66:6a:9a:02:09:72:a3:2d:f7:cd:f3:e8:40:
c1:fb:39:1b:a5:64:b9:70:38:87:c0:dc:aa:9b:37:fc:81:98:
74:50:fd:ce:e6:0f:1d:8c:0a:8a:ff:b8:d7:ab:61:e4:06:a7:
87:10:77:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm7eB76UpFD2CUVw9A9p15AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODAzMTI1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGYzMWY1NjkwM2U1ODAyZDNhZWUzMmVlYzZjZGIyOTM5YTI3ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqKqbXZF217sGle9HsJdsCp/pFDT
gar3biEGdfbsb2wOAJnR1v8mv4M7/Cf+3hWlOtxy09NjDi52pCPLV+AFRYp26ksd
AiZ8R2JPKGM8X8PXRVEYQRviirvor7mQeQCYb31rQwpoAk4EBRFUrtkCUVYdw8hr
Zlfx/oBkqHRsKuB3phyd473DiOIszpQpbpVTsvnagkg3v9D6ZnrSMcl9JAxWjyT9
kpkugGPbv3eLZv36FCWCNr6Sy4BbSgz/6xt6MjrudE1fTWFEUcAAC0P7UqlXnTUT
CS2xshhV3dF50toHbbpu/+rztPwQckOiKFUf1BzKn8RK5fXb9sEDvgEB5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCjzH1aQPlgC067jLuxs2yk5on+DMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvS1BNZlZwQS1XQUxUcnVNdTdHemJLVG1pZjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAdAwQA
VCCbMA0GCSqGSIb3DQEBCwUAA4IBAQADGTBK8fHmzHkIdwWlANRhYVJVeP13votD
QJ9lLmLw9HESeVChvgIZNsDzxKwDpA/30gbHYjyfvgAqgIiIcXQBhU54RfeF2g3y
scpdWlPrvmeXf2eUBGPWyFNyUd/1g/cSht+iTCfILMpRdDJIIe+xb6Cm0xzZSCed
iG03OlxEOSVD/FNKnABv+9hlDJ+16MtQAj8uSo/4Yk9dFWzNWsmVDi2WP9+fYqqv
d/fb9zWz3XHjmUB1Op45cp7A0DwgeYTWM4lXKITwMk+8jWZqmgIJcqMt983z6EDB
+zkbpWS5cDiHwNyqmzf8gZh0UP3O5g8djAqK/7jXq2HkBqeHEHeW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org