Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MvFw1CRGNAC6TBq1ALhs9GHxkBk.roa
File: MvFw1CRGNAC6TBq1ALhs9GHxkBk.roa (raw, json)
Hash identifier: 0BJbH/m65JH25/kLl2pmmM6esw6y2ztWjpSbovWjxUQ=
Subject key identifier: 32:F1:70:D4:24:46:34:00:BA:4C:1A:B5:00:B8:6C:F4:61:F1:90:19
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFC5B6DFD09C4BC352D76BF46165FC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MvFw1CRGNAC6TBq1ALhs9GHxkBk.roa
Signing time: Sun 01 Jan 2023 18:54:51 +0000
ROA not before: Sun 01 Jan 2023 18:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140947
IP address blocks: 84.32.61.0/24 maxlen: 24
84.32.9.0/24 maxlen: 24
84.32.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jan 2023 21:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:c5:b6:df:d0:9c:4b:c3:52:d7:6b:f4:61:65:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32f170d424463400ba4c1ab500b86cf461f19019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fd:27:61:45:ad:ab:b3:e9:35:3c:1e:89:13:
85:0f:a1:5d:02:c0:e7:d5:74:78:c4:6d:e4:01:65:
be:69:bb:7e:de:29:54:d5:c7:10:95:c8:7b:45:6f:
b0:87:f6:a4:a1:0b:f6:87:27:e3:54:40:5d:e1:a8:
8f:3d:e8:65:da:2d:6e:49:66:20:59:38:9d:65:06:
e9:ec:b6:f2:7a:2a:66:52:85:6d:aa:66:79:aa:33:
0f:24:b2:e2:30:2f:58:61:bd:f2:13:8a:be:22:3a:
c8:dd:c0:8a:4c:0f:a4:39:e2:4d:40:af:8f:b0:bc:
cb:b0:dc:19:97:f2:ee:82:fc:ef:ca:d8:99:3f:21:
76:09:db:09:31:64:0b:c1:dc:94:b9:62:f6:09:21:
03:b0:57:89:2d:58:ea:b5:28:e1:73:0b:2a:37:42:
8d:f4:52:70:c4:31:72:97:40:cb:2b:df:29:b9:b1:
6f:0c:3f:1c:2d:62:59:bc:e0:8d:f1:db:ce:1d:47:
86:90:81:08:e8:25:4f:69:b6:79:d4:12:ef:9a:82:
74:b0:5d:68:64:cf:7d:ba:26:ff:25:12:56:54:1f:
95:7e:a9:98:4f:14:d3:1a:21:36:f8:e0:99:ec:68:
1e:90:d3:3e:a3:bb:1c:ef:22:01:cf:8f:a7:cc:36:
45:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F1:70:D4:24:46:34:00:BA:4C:1A:B5:00:B8:6C:F4:61:F1:90:19
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MvFw1CRGNAC6TBq1ALhs9GHxkBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.11.0/24
84.32.61.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:3f:13:56:af:25:6e:99:37:01:49:d7:f6:2a:a8:ad:85:ac:
f4:76:9d:97:28:75:7c:fa:ed:3a:ae:aa:fc:2b:e5:bf:24:c9:
81:a1:c6:1a:19:10:56:7f:18:0d:91:cc:ad:da:dd:3c:7a:b5:
bf:35:9c:97:c4:c9:b3:45:43:cf:f8:a8:7d:41:19:f5:0d:d9:
2f:2c:6c:d9:e6:0d:09:90:3a:4a:0a:6f:5e:5f:14:ba:9d:ba:
cb:d5:3e:3a:2b:2c:2a:66:a7:9a:0f:b4:4b:91:e6:9f:a5:0b:
02:09:8f:c9:d4:d0:8e:54:7e:8f:ba:bd:c2:2f:e7:b4:c4:79:
cd:97:93:e2:2a:11:ea:60:40:5c:0b:3a:6f:bf:6d:12:13:b4:
5c:0e:ba:31:2d:78:c3:0d:bf:f5:c7:a4:16:a4:eb:5d:3d:23:
ec:e8:22:34:8d:86:e3:7a:af:dd:8f:a9:e6:2e:36:5f:71:b8:
54:9e:71:61:c5:d4:95:f8:4f:29:46:39:51:43:44:a3:96:33:
5a:96:cb:6d:12:e8:d3:6a:87:c1:e7:30:d9:a0:9d:f4:f1:92:
bb:c2:4e:16:61:ef:e6:86:95:6b:f6:d3:fa:5d:46:8d:0f:33:
4a:36:2d:68:e2:98:40:f4:b5:00:78:cb:d0:52:70:6b:a7:0c:
74:e1:2c:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVur8W239CcS8NS12v0YWX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmYxNzBkNDI0NDYzNDAwYmE0YzFhYjUwMGI4NmNmNDYxZjE5MDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv0nYUWtq7PpNTweiROFD6FdAsDn
1XR4xG3kAWW+abt+3ilU1ccQlch7RW+wh/akoQv2hyfjVEBd4aiPPehl2i1uSWYg
WTidZQbp7LbyeipmUoVtqmZ5qjMPJLLiMC9YYb3yE4q+IjrI3cCKTA+kOeJNQK+P
sLzLsNwZl/LugvzvytiZPyF2CdsJMWQLwdyUuWL2CSEDsFeJLVjqtSjhcwsqN0KN
9FJwxDFyl0DLK98pubFvDD8cLWJZvOCN8dvOHUeGkIEI6CVPabZ51BLvmoJ0sF1o
ZM99uib/JRJWVB+VfqmYTxTTGiE2+OCZ7GgekNM+o7sc7yIBz4+nzDZFOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDLxcNQkRjQAukwatQC4bPRh8ZAZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTXZGdzFDUkdOQUM2VEJxMUFMaHM5R0h4a0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAJAwQA
VCALAwQAVCA9MA0GCSqGSIb3DQEBCwUAA4IBAQBNPxNWryVumTcBSdf2Kqithaz0
dp2XKHV8+u06rqr8K+W/JMmBocYaGRBWfxgNkcyt2t08erW/NZyXxMmzRUPP+Kh9
QRn1DdkvLGzZ5g0JkDpKCm9eXxS6nbrL1T46KywqZqeaD7RLkeafpQsCCY/J1NCO
VH6Pur3CL+e0xHnNl5PiKhHqYEBcCzpvv20SE7RcDroxLXjDDb/1x6QWpOtdPSPs
6CI0jYbjeq/dj6nmLjZfcbhUnnFhxdSV+E8pRjlRQ0SjljNalsttEujTaofB5zDZ
oJ308ZK7wk4WYe/mhpVr9tP6XUaNDzNKNi1o4phA9LUAeMvQUnBrpwx04SwE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org