Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KkkVxtPzRhCzHJeRKNx767q8Xcg.roa
File: KkkVxtPzRhCzHJeRKNx767q8Xcg.roa (raw, json)
Hash identifier: LmfMvvyX9W1lSgEAyGp0CElKVOigh+G2HHDrp255cek=
Subject key identifier: 2A:49:15:C6:D3:F3:46:10:B3:1C:97:91:28:DC:7B:EB:BA:BC:5D:C8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01882638828D3A812F5B741C5A287ECE6401
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KkkVxtPzRhCzHJeRKNx767q8Xcg.roa
Signing time: Tue 16 May 2023 20:20:17 +0000
ROA not before: Tue 16 May 2023 20:20:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 84.32.217.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:26:38:82:8d:3a:81:2f:5b:74:1c:5a:28:7e:ce:64:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 16 20:20:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a4915c6d3f34610b31c979128dc7bebbabc5dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e8:4f:0d:b2:ab:92:ed:84:3b:4d:a7:0d:3a:
f0:3e:f9:b6:8f:d7:b6:30:16:e3:b5:a7:e9:0b:a7:
62:64:1c:2a:40:d9:c6:bd:0e:d9:81:2f:5c:60:79:
26:9b:32:41:5d:ae:70:7e:39:15:09:19:83:86:c8:
36:fb:4f:72:96:8b:71:60:31:8e:4a:68:ff:e3:93:
01:6a:5f:b7:51:61:60:69:67:3a:43:e3:37:08:90:
fe:0c:e4:2c:b3:8c:70:62:8a:ed:a1:58:f8:0f:5d:
de:49:f0:be:f8:9c:7a:f9:fc:5f:ac:59:3e:b7:26:
00:1d:38:f6:21:e9:e4:33:00:2e:98:8c:50:96:c4:
42:44:8f:01:d7:72:0a:1a:84:0e:48:7e:d3:d0:48:
84:c9:0b:d6:4a:2b:38:20:86:d3:04:9b:17:a5:7b:
1b:0f:98:d8:3f:08:f0:bf:40:2f:e1:dc:4b:64:18:
f2:57:37:b4:dd:bf:af:3c:b4:19:07:fd:23:b4:f7:
da:fd:2c:95:c1:05:e5:20:35:e7:79:11:c3:a9:e9:
ae:96:83:47:ba:ce:a1:50:48:74:f9:45:0b:1b:95:
4c:24:27:e6:15:e2:bd:2f:ff:3e:02:5b:de:48:a4:
dd:a3:a5:e2:22:6b:ad:60:67:13:11:f8:b1:e2:34:
4d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:49:15:C6:D3:F3:46:10:B3:1C:97:91:28:DC:7B:EB:BA:BC:5D:C8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KkkVxtPzRhCzHJeRKNx767q8Xcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.157.0/24
84.32.217.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:94:ed:94:af:05:a8:03:85:45:70:c3:c9:1e:60:0f:fa:00:
79:c4:b5:ff:84:5a:b5:8c:fd:c9:5e:8d:56:76:ec:8e:f5:9a:
2e:fb:6f:ec:ed:7e:b0:64:ee:49:23:4d:dc:f7:6e:36:78:32:
2f:12:b7:ea:4c:8c:09:26:04:a0:63:d7:3b:b8:bf:d7:37:4a:
e9:cf:e4:01:9b:86:c5:58:75:70:29:9a:8d:0a:e8:a5:3e:db:
7a:4c:9a:9d:be:af:5a:9b:83:12:73:07:37:9c:d9:69:a9:42:
aa:e7:b6:a1:be:e2:d1:87:ec:66:e1:6d:cb:e5:a7:de:22:4e:
33:ce:c1:7d:eb:99:9f:93:2f:52:8e:a3:3e:57:56:86:b4:e2:
88:de:56:5d:f9:5e:76:80:d8:2f:85:24:f4:23:ce:9e:5f:d6:
b3:9e:4a:5c:28:52:ab:b9:fe:ce:da:4a:71:d5:b9:0c:b9:04:
41:3f:a2:ee:36:11:77:bc:d4:76:52:6f:c4:1d:87:ec:e0:1e:
81:a9:52:b0:ec:b4:7d:df:49:34:99:d9:c3:86:5f:f5:ad:ea:
d0:9a:56:93:73:79:25:04:de:93:01:af:17:78:33:66:70:25:
a1:c7:4c:61:4d:94:a4:27:49:71:0e:e0:4b:e5:9d:96:3e:c9:
36:ed:fd:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgmOIKNOoEvW3QcWih+zmQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTE2MjAyMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ5MTVjNmQzZjM0NjEwYjMxYzk3OTEyOGRjN2JlYmJhYmM1ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluhPDbKrku2EO02nDTrwPvm2j9e2
MBbjtafpC6diZBwqQNnGvQ7ZgS9cYHkmmzJBXa5wfjkVCRmDhsg2+09ylotxYDGO
Smj/45MBal+3UWFgaWc6Q+M3CJD+DOQss4xwYortoVj4D13eSfC++Jx6+fxfrFk+
tyYAHTj2IenkMwAumIxQlsRCRI8B13IKGoQOSH7T0EiEyQvWSis4IIbTBJsXpXsb
D5jYPwjwv0Av4dxLZBjyVze03b+vPLQZB/0jtPfa/SyVwQXlIDXneRHDqemuloNH
us6hUEh0+UULG5VMJCfmFeK9L/8+AlveSKTdo6XiImutYGcTEfix4jRNXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCpJFcbT80YQsxyXkSjce+u6vF3IMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvS2trVnh0UHpSaEN6SEplUktOeDc2N3E4WGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCCdAwQA
VCDZMA0GCSqGSIb3DQEBCwUAA4IBAQAdlO2UrwWoA4VFcMPJHmAP+gB5xLX/hFq1
jP3JXo1WduyO9Zou+2/s7X6wZO5JI03c9242eDIvErfqTIwJJgSgY9c7uL/XN0rp
z+QBm4bFWHVwKZqNCuilPtt6TJqdvq9am4MScwc3nNlpqUKq57ahvuLRh+xm4W3L
5afeIk4zzsF965mfky9SjqM+V1aGtOKI3lZd+V52gNgvhST0I86eX9aznkpcKFKr
uf7O2kpx1bkMuQRBP6LuNhF3vNR2Um/EHYfs4B6BqVKw7LR930k0mdnDhl/1rerQ
mlaTc3klBN6TAa8XeDNmcCWhx0xhTZSkJ0lxDuBL5Z2WPsk27f23
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org