Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OykN1Oprc4r9b3zcqPgfhJra6h8.roa
File: OykN1Oprc4r9b3zcqPgfhJra6h8.roa (raw, json)
Hash identifier: GqwdpzVBrMB25IYojf8xd3WoMT7V+AsmHAAN53G60tQ=
Subject key identifier: 3B:29:0D:D4:EA:6B:73:8A:FD:6F:7C:DC:A8:F8:1F:84:9A:DA:EA:1F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189B4AC496BE6334C68DD95C03CA2DCD7CE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OykN1Oprc4r9b3zcqPgfhJra6h8.roa
Signing time: Wed 02 Aug 2023 05:15:37 +0000
ROA not before: Wed 02 Aug 2023 05:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 84.32.56.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 06:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b4:ac:49:6b:e6:33:4c:68:dd:95:c0:3c:a2:dc:d7:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 2 05:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b290dd4ea6b738afd6f7cdca8f81f849adaea1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7c:e5:de:d0:63:4e:a1:13:b5:a1:77:ef:57:
b5:9f:db:33:40:08:26:7e:4b:45:ce:52:91:55:0f:
d0:84:ab:15:80:e7:96:b1:ae:57:38:d9:65:fd:12:
a3:a7:fa:f1:75:21:6d:7d:19:0b:b7:27:7a:29:70:
8d:f6:62:f1:4f:ad:db:e6:f2:09:ec:9c:21:57:56:
82:cd:4d:fe:85:9f:ce:6b:55:c9:25:e6:18:51:2b:
76:05:16:a5:d6:87:1d:32:c2:22:03:5d:c1:a3:33:
cb:2d:f6:f2:a8:42:d5:9b:ad:87:86:46:b8:83:7d:
4f:80:c1:40:19:81:ae:a3:43:c0:ba:65:20:5d:72:
d7:16:b5:d6:35:d4:ca:9e:b9:75:77:ea:56:47:18:
75:aa:ab:40:bb:a0:30:d0:83:a3:8b:50:55:b5:4c:
f1:4b:38:c6:e9:22:9a:f2:9e:99:95:6b:79:2f:55:
5b:42:fe:10:00:97:b2:58:29:e1:b9:94:92:e5:a2:
d6:9e:16:39:55:b5:11:44:ad:98:69:d4:83:c9:36:
8f:11:ca:d8:e3:ae:0a:11:0c:64:c9:d9:5c:bf:e4:
04:13:56:7f:71:19:e2:00:f8:e3:88:e0:13:3c:41:
0d:c6:d0:f4:b7:a2:8c:1f:79:35:82:ec:87:8c:80:
2f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:29:0D:D4:EA:6B:73:8A:FD:6F:7C:DC:A8:F8:1F:84:9A:DA:EA:1F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OykN1Oprc4r9b3zcqPgfhJra6h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.42.0/24
84.32.56.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:8e:8e:7d:23:1a:7a:ea:ab:fd:3b:11:e4:ae:97:34:72:6f:
78:47:03:10:9a:48:70:95:3d:54:de:53:a1:00:61:a0:3f:e5:
42:b5:9f:63:5d:e6:54:79:f4:48:e1:4c:73:49:fb:ae:29:12:
0b:9d:1d:7e:6c:80:c1:c3:28:c6:d4:a0:8c:4f:9b:dd:7a:b6:
db:d1:0b:af:c5:6b:8b:54:38:ed:b1:68:cc:30:40:33:cf:13:
6b:57:8a:24:69:7c:2b:2c:8d:26:78:6b:95:c0:c3:80:a2:08:
8e:e0:22:9e:fe:77:d5:ce:0b:dc:58:19:2e:b4:1a:10:2d:d0:
63:04:e1:76:e8:1b:19:8b:db:dd:09:32:ba:f3:3a:01:40:76:
a5:c8:14:ba:24:4c:1f:d4:fb:fe:c7:d9:38:4a:92:c5:cd:a3:
66:2c:36:64:d3:01:a4:d4:a6:cc:24:d4:da:15:53:c3:6b:5f:
49:27:ed:4a:4a:12:cc:33:58:51:c3:a8:3e:21:e4:44:c7:cd:
fe:91:fe:da:f1:0a:91:ad:cb:a9:74:2e:ec:dc:5c:b0:cc:7a:
9a:14:46:8f:df:30:de:c2:46:cd:0c:32:d4:d1:0a:fe:92:3e:
3d:c1:27:b5:36:50:15:b9:d0:a5:20:b1:61:94:8b:09:37:3c:
9f:f7:74:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm0rElr5jNMaN2VwDyi3NfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODAyMDUxNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI5MGRkNGVhNmI3MzhhZmQ2ZjdjZGNhOGY4MWY4NDlhZGFlYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHzl3tBjTqETtaF371e1n9szQAgm
fktFzlKRVQ/QhKsVgOeWsa5XONll/RKjp/rxdSFtfRkLtyd6KXCN9mLxT63b5vIJ
7JwhV1aCzU3+hZ/Oa1XJJeYYUSt2BRal1ocdMsIiA13BozPLLfbyqELVm62Hhka4
g31PgMFAGYGuo0PAumUgXXLXFrXWNdTKnrl1d+pWRxh1qqtAu6Aw0IOji1BVtUzx
SzjG6SKa8p6ZlWt5L1VbQv4QAJeyWCnhuZSS5aLWnhY5VbURRK2YadSDyTaPEcrY
464KEQxkydlcv+QEE1Z/cRniAPjjiOATPEENxtD0t6KMH3k1guyHjIAvPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDspDdTqa3OK/W983Kj4H4Sa2uofMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvT3lrTjFPcHJjNHI5YjN6Y3FQZ2ZoSnJhNmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAqAwQA
VCA4MA0GCSqGSIb3DQEBCwUAA4IBAQBLjo59Ixp66qv9OxHkrpc0cm94RwMQmkhw
lT1U3lOhAGGgP+VCtZ9jXeZUefRI4UxzSfuuKRILnR1+bIDBwyjG1KCMT5vderbb
0QuvxWuLVDjtsWjMMEAzzxNrV4okaXwrLI0meGuVwMOAogiO4CKe/nfVzgvcWBku
tBoQLdBjBOF26BsZi9vdCTK68zoBQHalyBS6JEwf1Pv+x9k4SpLFzaNmLDZk0wGk
1KbMJNTaFVPDa19JJ+1KShLMM1hRw6g+IeREx83+kf7a8QqRrcupdC7s3FywzHqa
FEaP3zDewkbNDDLU0Qr+kj49wSe1NlAVudClILFhlIsJNzyf93QH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org