Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KZgxz623v-XZCC9j2NDQ9CrPC0M.roa
File: KZgxz623v-XZCC9j2NDQ9CrPC0M.roa (raw, json)
Hash identifier: 4rDWAiosY/IZjyMRIEvgpaCjaea6rB+xkvosjXUU2Bg=
Subject key identifier: 29:98:31:CF:AD:B7:BF:E5:D9:08:2F:63:D8:D0:D0:F4:2A:CF:0B:43
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018ACAFA6A78EC2E63BF5EC5206244DA0F1C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KZgxz623v-XZCC9j2NDQ9CrPC0M.roa
Signing time: Mon 25 Sep 2023 06:15:23 +0000
ROA not before: Mon 25 Sep 2023 06:15:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 84.32.221.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 04:46:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ca:fa:6a:78:ec:2e:63:bf:5e:c5:20:62:44:da:0f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 25 06:15:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=299831cfadb7bfe5d9082f63d8d0d0f42acf0b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0e:4b:09:14:05:2f:60:e0:ee:58:d2:4c:6a:
54:11:e2:c2:1f:cd:e7:49:c5:0c:a9:3b:4a:dc:2c:
eb:09:86:bd:a9:b5:7a:0c:61:5f:ba:09:4d:a9:f8:
7a:7f:3c:73:ee:1b:3d:e5:6a:cc:40:ef:a6:c8:2a:
03:f3:24:60:68:16:61:7b:1f:3f:9f:99:20:57:c4:
2d:73:96:55:1b:a7:c2:31:58:d6:d9:76:c4:8f:b8:
31:1f:3c:0f:77:31:45:df:62:ce:05:17:48:bb:98:
0b:36:56:b1:88:9a:84:9c:73:d4:9c:e8:a3:a1:3a:
66:9f:65:1d:89:b1:0a:25:9c:a5:0c:a8:33:14:29:
86:8c:ba:3f:b7:14:3a:64:8a:55:b4:f5:2a:dd:8a:
f5:39:bb:df:ca:4f:bf:af:46:34:93:e0:7c:a9:29:
04:78:75:8a:ff:ce:d9:e2:cd:f9:b2:e0:ae:5c:3c:
b7:63:d0:47:2f:59:51:ce:1c:86:80:fe:ee:d3:ca:
3c:22:c7:21:96:f3:ca:b2:8e:c1:00:4f:1a:6c:0d:
e7:5e:7e:c5:4e:e2:3b:41:2c:0c:4b:c5:7b:68:09:
89:16:20:2d:71:96:b2:aa:d9:04:64:9f:cc:ef:fa:
f3:43:93:47:9b:a5:a9:ac:eb:dd:d4:c9:b9:58:64:
b7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:98:31:CF:AD:B7:BF:E5:D9:08:2F:63:D8:D0:D0:F4:2A:CF:0B:43
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KZgxz623v-XZCC9j2NDQ9CrPC0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.221.0/24
88.216.47.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:53:d9:9a:a9:a3:3b:26:03:81:f2:6e:26:70:40:3d:72:ad:
1e:00:74:6f:dd:3f:d5:25:25:5d:ad:0d:12:16:e7:96:8b:80:
c2:ef:4d:50:15:e6:d9:00:f7:61:d2:70:a1:2f:80:22:f4:32:
2b:a6:c4:73:3f:6f:ae:de:f2:a7:cf:f2:9a:48:1d:c4:b1:c8:
db:f3:5d:78:78:5b:ad:24:a1:2e:89:34:6a:4b:79:69:8d:98:
c9:7e:c1:69:12:cf:14:4e:96:ad:c7:2e:9f:7c:31:65:69:f3:
74:6b:7e:45:23:82:16:89:9f:c9:84:a6:88:48:a7:e7:c1:61:
0d:e4:f7:4d:01:9a:dc:7b:4c:89:c3:06:35:17:f7:e5:3f:16:
c9:08:bf:59:40:91:7a:bf:8e:c6:75:06:a9:36:1a:3c:8a:9d:
59:b5:4d:bc:d9:76:5d:45:43:3e:e0:a8:d9:40:61:20:1c:c3:
71:f1:5d:43:0d:da:11:3e:0c:fd:0a:33:cf:af:c3:22:14:85:
31:f8:14:73:58:a4:73:67:59:e1:1b:1c:e3:75:55:25:91:d8:
bc:06:99:33:5b:91:3d:1f:c9:6f:64:8f:9f:85:8a:98:b2:ec:
bf:24:9a:00:9f:3b:50:7b:0c:a1:c2:7f:58:b2:ad:db:a7:6b:
0a:38:f4:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrK+mp47C5jv17FIGJE2g8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwOTI1MDYxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk4MzFjZmFkYjdiZmU1ZDkwODJmNjNkOGQwZDBmNDJhY2YwYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ5LCRQFL2Dg7ljSTGpUEeLCH83n
ScUMqTtK3CzrCYa9qbV6DGFfuglNqfh6fzxz7hs95WrMQO+myCoD8yRgaBZhex8/
n5kgV8Qtc5ZVG6fCMVjW2XbEj7gxHzwPdzFF32LOBRdIu5gLNlaxiJqEnHPUnOij
oTpmn2UdibEKJZylDKgzFCmGjLo/txQ6ZIpVtPUq3Yr1Obvfyk+/r0Y0k+B8qSkE
eHWK/87Z4s35suCuXDy3Y9BHL1lRzhyGgP7u08o8IschlvPKso7BAE8abA3nXn7F
TuI7QSwMS8V7aAmJFiAtcZayqtkEZJ/M7/rzQ5NHm6WprOvd1Mm5WGS3LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCmYMc+tt7/l2QgvY9jQ0PQqzwtDMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvS1pneHo2MjN2LVhaQ0M5ajJORFE5Q3JQQzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCDdAwQA
WNgvMA0GCSqGSIb3DQEBCwUAA4IBAQBOU9maqaM7JgOB8m4mcEA9cq0eAHRv3T/V
JSVdrQ0SFueWi4DC701QFebZAPdh0nChL4Ai9DIrpsRzP2+u3vKnz/KaSB3Escjb
8114eFutJKEuiTRqS3lpjZjJfsFpEs8UTpatxy6ffDFlafN0a35FI4IWiZ/JhKaI
SKfnwWEN5PdNAZrce0yJwwY1F/flPxbJCL9ZQJF6v47GdQapNho8ip1ZtU282XZd
RUM+4KjZQGEgHMNx8V1DDdoRPgz9CjPPr8MiFIUx+BRzWKRzZ1nhGxzjdVUlkdi8
BpkzW5E9H8lvZI+fhYqYsuy/JJoAnztQewyhwn9Ysq3bp2sKOPR2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org