Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LvN3xX2GdprE5nvmfPog3l1BLJ8.roa
File: LvN3xX2GdprE5nvmfPog3l1BLJ8.roa (raw, json)
Hash identifier: GTlxUOWBqQ/XOX2KawbI29JwwXNzofYxv7IxQgO+gRI=
Subject key identifier: 2E:F3:77:C5:7D:86:76:9A:C4:E6:7B:E6:7C:FA:20:DE:5D:41:2C:9F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01892080ACE499AAE763DA2E5F0605C0B05E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LvN3xX2GdprE5nvmfPog3l1BLJ8.roa
Signing time: Tue 04 Jul 2023 10:44:11 +0000
ROA not before: Tue 04 Jul 2023 10:44:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43043
IP address blocks: 84.32.61.0/24 maxlen: 24
84.32.107.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jul 2023 06:34:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:80:ac:e4:99:aa:e7:63:da:2e:5f:06:05:c0:b0:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 4 10:44:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ef377c57d86769ac4e67be67cfa20de5d412c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f2:53:02:5b:ee:48:d7:ed:7b:ce:0c:e3:d3:
c9:58:6f:28:35:88:25:2f:78:79:14:72:ae:75:80:
42:12:56:f8:57:22:64:1e:fd:8b:50:99:79:ef:02:
4c:d4:6a:ae:4a:6f:82:1d:6f:5a:f1:9c:12:ae:e8:
11:37:39:00:14:f8:ae:e1:6a:59:f5:c2:70:ed:6b:
76:71:1b:ce:8c:c8:05:89:c6:5d:ed:b3:34:44:59:
35:0d:2b:52:49:78:e7:d7:f1:ec:54:2f:ba:43:5c:
a0:fc:b7:f2:03:13:fb:67:5e:42:ee:79:45:0f:24:
b2:9d:2f:da:37:f2:d0:64:e2:86:7c:8d:b1:61:50:
38:3b:51:2b:e2:c8:dd:b5:b6:3f:9e:f1:db:ed:e2:
7a:7f:26:6e:52:4f:60:97:24:56:5e:9f:84:2e:31:
d9:2f:c8:17:d4:5c:de:d8:5d:98:60:06:c2:a4:3b:
ad:43:59:35:de:f2:d1:77:fb:a3:6c:b2:f0:c9:06:
75:02:1f:82:f6:02:0b:7a:37:1f:52:ee:0d:68:58:
e3:22:35:b3:6b:37:85:db:16:1d:f0:82:c4:db:f5:
4e:d8:89:98:65:98:87:e2:cc:15:72:14:4f:a4:01:
98:0d:0e:55:f1:c0:fa:3b:41:74:7f:4f:20:11:0b:
7c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F3:77:C5:7D:86:76:9A:C4:E6:7B:E6:7C:FA:20:DE:5D:41:2C:9F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LvN3xX2GdprE5nvmfPog3l1BLJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.46.0/24
84.32.61.0/24
84.32.107.0/24
Signature Algorithm: sha256WithRSAEncryption
67:8d:59:bd:a9:dd:42:33:c9:cc:83:02:c1:ff:7f:23:dd:52:
03:ff:7f:b7:26:bf:dd:45:30:a1:46:e5:59:d7:77:9c:34:b0:
12:2f:df:42:7c:23:49:4f:9c:ca:4a:af:38:3b:15:e0:60:15:
c6:d3:16:c1:e6:1a:ca:1c:b9:88:48:c7:c0:8c:db:6e:54:e4:
6c:99:7d:30:61:bd:50:d6:97:c3:00:3c:5b:35:aa:08:cf:b3:
c4:9e:3e:42:c9:25:b8:11:6b:0c:bd:1a:f8:fc:ef:36:32:fa:
15:79:da:b6:8c:71:6e:ef:d2:c5:f1:20:be:ee:ac:e0:18:e6:
d1:ed:6a:b0:1c:9d:10:69:83:92:a2:25:34:a2:f9:2d:f1:3f:
63:75:1c:e9:83:1f:09:36:62:cf:bb:ba:c8:49:25:79:75:bc:
65:a7:31:2e:d7:b5:d5:71:10:00:08:c6:c2:a7:39:2a:40:29:
ec:92:1f:fb:5e:8a:ee:7a:14:bc:72:dc:1e:84:c8:6a:f9:88:
ec:54:e4:1c:bf:93:51:6d:62:5e:74:74:05:bb:aa:c4:64:03:
0b:d8:a1:94:91:46:4c:87:cc:e6:c6:87:42:28:23:35:de:39:
d9:f3:7d:43:fe:71:1f:0c:ff:13:5f:91:70:2b:20:bd:8b:05:
40:2b:0f:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkggKzkmarnY9ouXwYFwLBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzA0MTA0NDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWYzNzdjNTdkODY3NjlhYzRlNjdiZTY3Y2ZhMjBkZTVkNDEyYzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPJTAlvuSNfte84M49PJWG8oNYgl
L3h5FHKudYBCElb4VyJkHv2LUJl57wJM1GquSm+CHW9a8ZwSrugRNzkAFPiu4WpZ
9cJw7Wt2cRvOjMgFicZd7bM0RFk1DStSSXjn1/HsVC+6Q1yg/LfyAxP7Z15C7nlF
DySynS/aN/LQZOKGfI2xYVA4O1Er4sjdtbY/nvHb7eJ6fyZuUk9glyRWXp+ELjHZ
L8gX1Fze2F2YYAbCpDutQ1k13vLRd/ujbLLwyQZ1Ah+C9gILejcfUu4NaFjjIjWz
azeF2xYd8ILE2/VO2ImYZZiH4swVchRPpAGYDQ5V8cD6O0F0f08gEQt8TQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC7zd8V9hnaaxOZ75nz6IN5dQSyfMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTHZOM3hYMkdkcHJFNW52bWZQb2czbDFCTEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAuAwQA
VCA9AwQAVCBrMA0GCSqGSIb3DQEBCwUAA4IBAQBnjVm9qd1CM8nMgwLB/38j3VID
/3+3Jr/dRTChRuVZ13ecNLASL99CfCNJT5zKSq84OxXgYBXG0xbB5hrKHLmISMfA
jNtuVORsmX0wYb1Q1pfDADxbNaoIz7PEnj5CySW4EWsMvRr4/O82MvoVedq2jHFu
79LF8SC+7qzgGObR7WqwHJ0QaYOSoiU0ovkt8T9jdRzpgx8JNmLPu7rISSV5dbxl
pzEu17XVcRAACMbCpzkqQCnskh/7XoruehS8ctwehMhq+YjsVOQcv5NRbWJedHQF
u6rEZAML2KGUkUZMh8zmxodCKCM13jnZ831D/nEfDP8TX5FwKyC9iwVAKw+V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org