Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QAv7MsM9VucD-IMqgXbasLJlJOc.roa
File: QAv7MsM9VucD-IMqgXbasLJlJOc.roa (raw, json)
Hash identifier: HmRZBPdcBZdrbt1oiB5GuZB47x7Su40I+Vy2jzAy4yw=
Subject key identifier: 40:0B:FB:32:C3:3D:56:E7:03:F8:83:2A:81:76:DA:B0:B2:65:24:E7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018A08131C7E66E0B5B4AD5483CF5A62574E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QAv7MsM9VucD-IMqgXbasLJlJOc.roa
Signing time: Fri 18 Aug 2023 09:56:24 +0000
ROA not before: Fri 18 Aug 2023 09:56:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:13:1c:7e:66:e0:b5:b4:ad:54:83:cf:5a:62:57:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 18 09:56:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=400bfb32c33d56e703f8832a8176dab0b26524e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b2:6b:7d:1d:b5:c2:8e:d3:4f:12:5b:3c:2a:
50:2f:b2:a6:82:4b:c9:5d:d3:13:7c:31:e8:cd:e7:
50:24:ef:0b:71:52:f7:bf:55:d6:9f:1d:0d:cb:0e:
b4:fd:26:84:2a:5b:47:51:df:aa:0e:29:ad:68:14:
bf:a6:d3:33:91:56:41:8b:33:81:08:7c:17:f0:86:
7f:5f:1d:f2:e4:8b:00:ba:0a:7f:25:31:2f:3f:92:
42:1e:39:42:e4:2a:7b:bd:38:ed:35:c2:4b:9e:2e:
7b:3e:4a:44:22:38:7f:8b:04:8e:d1:d7:e1:0a:74:
6c:34:12:ac:09:8a:53:ea:bb:15:9d:8e:ea:78:62:
06:68:45:f9:40:9b:50:f2:86:17:04:f1:84:39:21:
a6:1f:b0:0d:e9:32:7f:3b:92:da:03:cc:31:14:79:
f6:5a:06:da:c6:32:8c:f8:44:87:11:33:b3:cd:2b:
e1:d7:7e:a6:ec:79:aa:77:1c:03:e1:e4:b9:ad:c7:
80:c5:28:9f:98:b4:47:c3:a4:14:cd:14:9e:c0:c4:
c0:51:fb:c3:7b:14:06:31:7e:8e:02:e7:00:e8:47:
bf:65:47:8f:65:e6:79:26:e9:42:58:65:69:80:74:
0f:88:54:b0:c3:93:3c:2f:c2:c5:91:fa:f9:23:06:
f3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:0B:FB:32:C3:3D:56:E7:03:F8:83:2A:81:76:DA:B0:B2:65:24:E7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QAv7MsM9VucD-IMqgXbasLJlJOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/24
84.32.47.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:5c:f1:3a:e3:97:94:1c:45:bf:a1:a2:55:b8:46:2f:40:ad:
21:1c:ac:6e:23:48:61:63:32:4d:91:84:56:da:e7:a5:ee:ac:
cf:6c:2d:d7:a3:7b:cb:fc:ab:d7:cf:31:97:01:d7:a2:1d:03:
7e:66:df:99:bf:bf:f0:b2:d7:db:02:e3:3c:63:10:d4:f1:14:
7e:7b:b8:48:fc:0c:d2:d1:6f:a3:4f:7f:70:35:5a:aa:4e:fe:
1f:dc:1f:30:8e:74:17:e1:5e:cd:fe:84:f2:d8:c0:26:f1:9a:
7e:40:98:d5:17:35:b3:d2:a6:44:56:5d:6b:8b:e3:ca:25:55:
c8:f4:01:90:b1:56:89:0d:0d:47:58:e0:f3:fd:8d:b3:83:77:
88:fd:10:ca:cb:5b:81:1e:3f:65:78:cd:0a:be:04:94:7e:c0:
de:55:a6:f2:5c:5e:28:b0:87:6c:a7:76:6f:46:b2:f0:b1:e6:
d2:9c:3b:3f:7b:53:8f:e1:61:d5:df:07:af:bd:e7:37:33:0e:
0c:a2:a3:a0:42:1e:19:bd:29:26:c8:19:8b:86:98:84:9a:79:
ef:29:e7:5e:e0:ba:a2:58:eb:4c:a4:f5:bb:b3:cb:8e:75:a0:
0f:2d:64:42:02:27:ad:f7:51:b7:ed:e4:d2:aa:9f:d4:59:ff:
ce:63:bb:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoIExx+ZuC1tK1Ug89aYldOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODE4MDk1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDBiZmIzMmMzM2Q1NmU3MDNmODgzMmE4MTc2ZGFiMGIyNjUyNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLJrfR21wo7TTxJbPCpQL7KmgkvJ
XdMTfDHozedQJO8LcVL3v1XWnx0Nyw60/SaEKltHUd+qDimtaBS/ptMzkVZBizOB
CHwX8IZ/Xx3y5IsAugp/JTEvP5JCHjlC5Cp7vTjtNcJLni57PkpEIjh/iwSO0dfh
CnRsNBKsCYpT6rsVnY7qeGIGaEX5QJtQ8oYXBPGEOSGmH7AN6TJ/O5LaA8wxFHn2
WgbaxjKM+ESHETOzzSvh136m7HmqdxwD4eS5rceAxSifmLRHw6QUzRSewMTAUfvD
exQGMX6OAucA6Ee/ZUePZeZ5JulCWGVpgHQPiFSww5M8L8LFkfr5IwbzewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEAL+zLDPVbnA/iDKoF22rCyZSTnMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUUF2N01zTTlWdWNELUlNcWdYYmFzTEpsSk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAsAwQA
VCAvMA0GCSqGSIb3DQEBCwUAA4IBAQCeXPE645eUHEW/oaJVuEYvQK0hHKxuI0hh
YzJNkYRW2uel7qzPbC3Xo3vL/KvXzzGXAdeiHQN+Zt+Zv7/wstfbAuM8YxDU8RR+
e7hI/AzS0W+jT39wNVqqTv4f3B8wjnQX4V7N/oTy2MAm8Zp+QJjVFzWz0qZEVl1r
i+PKJVXI9AGQsVaJDQ1HWODz/Y2zg3eI/RDKy1uBHj9leM0KvgSUfsDeVabyXF4o
sIdsp3ZvRrLwsebSnDs/e1OP4WHV3wevvec3Mw4MoqOgQh4ZvSkmyBmLhpiEmnnv
Kede4LqiWOtMpPW7s8uOdaAPLWRCAiet91G37eTSqp/UWf/OY7u2
-----END CERTIFICATE-----
Generated at Fri Aug 18 12:22:12 2023 by rpki-client on console-ams.rpki-client.org