Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MrCnJR0F8M2ypAVQV4jRZAMIZcY.roa
File: MrCnJR0F8M2ypAVQV4jRZAMIZcY.roa (raw, json)
Hash identifier: 0J53UM7odQ6+cRjbqfyEOyFfA5fi305pceKoM+pRBWo=
Subject key identifier: 32:B0:A7:25:1D:05:F0:CD:B2:A4:05:50:57:88:D1:64:03:08:65:C6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018729D617F4B878618300E26A33241C62E7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MrCnJR0F8M2ypAVQV4jRZAMIZcY.roa
Signing time: Tue 28 Mar 2023 20:08:29 +0000
ROA not before: Tue 28 Mar 2023 20:08:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 84.32.86.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 May 2023 07:40:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:d6:17:f4:b8:78:61:83:00:e2:6a:33:24:1c:62:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 28 20:08:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32b0a7251d05f0cdb2a405505788d164030865c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:55:63:e2:37:fd:ec:2a:32:06:b9:f5:36:1d:
41:62:66:9c:3f:06:c9:db:3c:5d:ea:ee:db:f9:3e:
65:c2:1e:ca:1b:8e:8d:19:bb:65:95:cd:83:af:64:
d2:b1:3b:f6:67:f2:f9:cf:53:b0:bc:9f:d6:45:ec:
88:e4:f1:e5:9f:65:a6:1a:c1:93:f9:81:9f:b8:b4:
85:36:f9:30:40:40:dc:fc:64:9d:07:43:bf:3f:40:
79:54:d2:ca:34:62:24:16:a0:34:4f:fc:d7:6d:6b:
93:6a:ba:db:7b:aa:41:b2:54:5d:cd:62:53:11:b2:
e4:39:07:ab:84:02:3d:49:36:03:01:e6:df:5c:b4:
bf:74:0d:88:c1:e3:63:8d:4f:0b:39:03:3f:d6:b0:
ae:96:b6:21:9f:6c:13:fd:7d:e7:7b:af:16:d7:a1:
5a:17:77:59:fe:71:97:81:9f:a3:0f:9d:6b:05:c4:
1b:65:6b:a7:13:d6:2f:9d:ec:ab:fd:8e:1a:d0:b4:
66:60:10:50:fb:9e:55:b0:98:ea:c4:16:dd:63:d8:
1d:c2:f2:b3:f6:ad:3b:12:a1:c4:c3:e4:3d:1c:35:
ea:fe:7f:c8:00:45:29:cf:d8:e1:df:53:6d:3e:41:
a1:bd:47:f1:12:cf:e8:da:d7:c8:b9:eb:17:ab:1f:
1c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B0:A7:25:1D:05:F0:CD:B2:A4:05:50:57:88:D1:64:03:08:65:C6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MrCnJR0F8M2ypAVQV4jRZAMIZcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.86.0/24
84.32.227.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:f4:6c:5b:1b:82:73:cb:cb:c3:7d:e1:89:3e:f4:d4:22:19:
ac:25:7a:6b:38:99:35:ad:ed:85:19:d2:0d:08:14:85:e0:3c:
be:7d:3a:79:57:ea:44:d6:4c:39:47:a6:87:97:b7:3e:a0:4b:
a4:1f:d0:e7:8f:3e:96:10:84:ce:7f:27:8d:ab:37:5c:20:e1:
23:60:7f:78:01:96:c3:d5:21:f2:bc:6e:c1:59:d6:87:f7:45:
ef:25:0b:ef:70:5b:2a:43:1a:a1:5b:31:02:8b:74:21:69:36:
a4:6b:71:ac:b9:83:55:23:a7:9d:c4:9f:fc:a3:2a:99:10:18:
75:49:cb:af:ad:00:de:f9:bf:3f:86:76:c2:8b:6d:b3:71:ce:
cb:d7:c3:f6:6d:35:bb:62:4d:ba:e6:ea:e2:78:5b:9d:37:f7:
87:ce:6b:eb:70:92:90:4f:ec:ac:db:fb:42:13:cf:7e:4f:a1:
75:be:4e:a1:93:73:df:ee:d2:52:f0:30:5b:55:62:89:0c:5f:
61:e2:63:6e:66:e2:a2:07:cb:9f:0f:46:7f:8c:6e:f0:df:14:
69:a2:2d:92:c7:30:00:14:dc:48:c3:0f:8a:a8:fe:90:f4:a7:
ab:25:5c:80:0e:9c:2f:27:5a:d7:06:d1:30:69:5b:2d:42:07:
1d:74:4c:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcp1hf0uHhhgwDiajMkHGLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzI4MjAwODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmIwYTcyNTFkMDVmMGNkYjJhNDA1NTA1Nzg4ZDE2NDAzMDg2NWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1Vj4jf97CoyBrn1Nh1BYmacPwbJ
2zxd6u7b+T5lwh7KG46NGbtllc2Dr2TSsTv2Z/L5z1OwvJ/WReyI5PHln2WmGsGT
+YGfuLSFNvkwQEDc/GSdB0O/P0B5VNLKNGIkFqA0T/zXbWuTarrbe6pBslRdzWJT
EbLkOQerhAI9STYDAebfXLS/dA2IweNjjU8LOQM/1rCulrYhn2wT/X3ne68W16Fa
F3dZ/nGXgZ+jD51rBcQbZWunE9Yvneyr/Y4a0LRmYBBQ+55VsJjqxBbdY9gdwvKz
9q07EqHEw+Q9HDXq/n/IAEUpz9jh31NtPkGhvUfxEs/o2tfIuesXqx8cMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDKwpyUdBfDNsqQFUFeI0WQDCGXGMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTXJDbkpSMEY4TTJ5cEFWUVY0alJaQU1JWmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCBWAwQA
VCDjMA0GCSqGSIb3DQEBCwUAA4IBAQAf9GxbG4Jzy8vDfeGJPvTUIhmsJXprOJk1
re2FGdINCBSF4Dy+fTp5V+pE1kw5R6aHl7c+oEukH9Dnjz6WEITOfyeNqzdcIOEj
YH94AZbD1SHyvG7BWdaH90XvJQvvcFsqQxqhWzECi3QhaTaka3GsuYNVI6edxJ/8
oyqZEBh1ScuvrQDe+b8/hnbCi22zcc7L18P2bTW7Yk265urieFudN/eHzmvrcJKQ
T+ys2/tCE89+T6F1vk6hk3Pf7tJS8DBbVWKJDF9h4mNuZuKiB8ufD0Z/jG7w3xRp
oi2SxzAAFNxIww+KqP6Q9KerJVyADpwvJ1rXBtEwaVstQgcddExw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org