Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PjO-cOX5asZLAPq4b54NQJNwM-M.roa
File: PjO-cOX5asZLAPq4b54NQJNwM-M.roa (raw, json)
Hash identifier: jF48nMZN8Byu0jcxJLaAL/2FNA3IFIynJxxGR6OZj4E=
Subject key identifier: 3E:33:BE:70:E5:F9:6A:C6:4B:00:FA:B8:6F:9E:0D:40:93:70:33:E3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01883FC6FB72110025A32023817D8B3D0AD6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PjO-cOX5asZLAPq4b54NQJNwM-M.roa
Signing time: Sun 21 May 2023 19:26:25 +0000
ROA not before: Sun 21 May 2023 19:26:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12912
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 05:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3f:c6:fb:72:11:00:25:a3:20:23:81:7d:8b:3d:0a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 21 19:26:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e33be70e5f96ac64b00fab86f9e0d40937033e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:08:ca:c0:85:e6:81:72:ef:bf:8c:1e:2a:91:
6d:f9:5c:fd:ab:07:88:5e:f4:95:e0:2a:1a:45:5f:
f6:b5:e2:bd:94:0e:28:8b:57:aa:d6:4e:f6:19:e0:
f1:a5:f8:3c:88:b3:fc:67:c9:a5:3e:31:70:ff:66:
87:b7:e7:0d:07:d6:45:66:51:1a:71:ed:d7:f4:a1:
a9:be:15:03:6e:0a:df:0a:39:5f:d5:94:a4:94:cf:
43:c4:8e:78:32:39:d8:c9:fe:33:30:dd:71:ff:8c:
bb:f8:d2:f5:e0:2b:ad:c1:06:27:49:0e:8f:18:df:
db:ac:24:fa:1b:86:79:5e:b0:37:3e:d8:ca:60:ea:
17:4e:9c:a4:b4:56:b1:ff:31:13:ed:74:67:65:e3:
16:de:d2:3a:c6:97:4e:c5:61:61:9d:e3:08:53:bd:
b8:00:4b:fb:f0:86:5d:21:69:09:f8:14:a3:8f:32:
48:bd:04:60:28:00:80:18:ca:db:ac:af:11:5a:4f:
10:44:4d:bd:63:04:55:65:01:49:da:5c:a1:2c:85:
1f:80:6c:2f:57:cc:13:32:5d:df:e2:e5:c8:1e:60:
7e:ca:43:fc:51:7b:b8:52:52:82:c5:9f:db:58:2f:
7d:ce:87:e5:8f:2b:c0:e9:c4:c1:a4:fc:ce:47:08:
d5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:33:BE:70:E5:F9:6A:C6:4B:00:FA:B8:6F:9E:0D:40:93:70:33:E3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PjO-cOX5asZLAPq4b54NQJNwM-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.39.0/24
84.32.57.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:f7:da:39:df:52:a6:6c:1e:dd:69:af:72:7e:ce:b7:93:ca:
a4:a4:70:79:89:00:2b:1f:ab:8e:c5:7a:ac:ef:ae:e5:55:37:
1f:f4:63:de:56:c0:ab:6b:74:19:8d:2e:7e:95:de:17:f4:8e:
a0:1b:b9:43:01:dc:26:58:a2:69:6a:9b:bd:1b:68:bc:6f:4e:
f2:46:e8:ea:0e:4c:76:87:4b:3f:52:be:fa:e5:e7:58:63:c8:
d8:82:7d:8c:a0:da:66:6e:43:30:cd:f3:05:52:61:18:78:4a:
64:bf:8d:e4:85:e3:63:1b:67:d0:41:77:11:5f:f7:ef:c6:71:
db:36:8d:45:e5:d7:a7:02:76:a2:03:0b:18:b4:03:89:9b:ce:
1c:1d:0e:2a:6f:4a:4b:9f:3d:8f:21:a4:8b:cf:aa:ab:37:54:
1f:f5:2d:e8:b0:45:48:84:27:a6:76:37:90:3a:75:be:3b:b9:
a9:68:35:4f:6a:97:9c:5d:d4:0e:65:a9:29:34:ec:82:6e:ea:
b8:22:08:e8:3b:48:60:af:5d:58:ae:a6:5d:c0:25:f1:bc:8f:
07:e3:d8:e0:42:8d:a7:f7:d2:e7:da:cb:fc:8c:51:23:f2:74:
e1:cd:95:1c:d7:25:45:7d:1b:1b:0b:aa:2b:34:43:eb:1a:70:
9c:9e:bc:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYg/xvtyEQAloyAjgX2LPQrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTIxMTkyNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTMzYmU3MGU1Zjk2YWM2NGIwMGZhYjg2ZjllMGQ0MDkzNzAzM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wjKwIXmgXLvv4weKpFt+Vz9qweI
XvSV4CoaRV/2teK9lA4oi1eq1k72GeDxpfg8iLP8Z8mlPjFw/2aHt+cNB9ZFZlEa
ce3X9KGpvhUDbgrfCjlf1ZSklM9DxI54MjnYyf4zMN1x/4y7+NL14CutwQYnSQ6P
GN/brCT6G4Z5XrA3PtjKYOoXTpyktFax/zET7XRnZeMW3tI6xpdOxWFhneMIU724
AEv78IZdIWkJ+BSjjzJIvQRgKACAGMrbrK8RWk8QRE29YwRVZQFJ2lyhLIUfgGwv
V8wTMl3f4uXIHmB+ykP8UXu4UlKCxZ/bWC99zofljyvA6cTBpPzORwjVIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD4zvnDl+WrGSwD6uG+eDUCTcDPjMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUGpPLWNPWDVhc1pMQVBxNGI1NE5RSk53TS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAnAwQA
VCA5MA0GCSqGSIb3DQEBCwUAA4IBAQBd99o531KmbB7daa9yfs63k8qkpHB5iQAr
H6uOxXqs767lVTcf9GPeVsCra3QZjS5+ld4X9I6gG7lDAdwmWKJpapu9G2i8b07y
RujqDkx2h0s/Ur765edYY8jYgn2MoNpmbkMwzfMFUmEYeEpkv43kheNjG2fQQXcR
X/fvxnHbNo1F5denAnaiAwsYtAOJm84cHQ4qb0pLnz2PIaSLz6qrN1Qf9S3osEVI
hCemdjeQOnW+O7mpaDVPapecXdQOZakpNOyCbuq4IgjoO0hgr11YrqZdwCXxvI8H
49jgQo2n99Ln2sv8jFEj8nThzZUc1yVFfRsbC6orNEPrGnCcnryi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org