Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QPMIzL7RkLbjkb3YwZmPYnqJVFo.roa
File: QPMIzL7RkLbjkb3YwZmPYnqJVFo.roa (raw, json)
Hash identifier: qYW+KrdoqrekCBJ9Zs5vaVPu9vyLW6F0RMMCeChM9F8=
Subject key identifier: 40:F3:08:CC:BE:D1:90:B6:E3:91:BD:D8:C1:99:8F:62:7A:89:54:5A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018863FF6FFEF95992ECEA14EF60A96D2290
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QPMIzL7RkLbjkb3YwZmPYnqJVFo.roa
Signing time: Sun 28 May 2023 20:14:24 +0000
ROA not before: Sun 28 May 2023 20:14:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 84.32.20.0/24 maxlen: 24
84.32.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Jun 2023 13:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:63:ff:6f:fe:f9:59:92:ec:ea:14:ef:60:a9:6d:22:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 28 20:14:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40f308ccbed190b6e391bdd8c1998f627a89545a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cd:13:1e:34:d5:f5:6e:f2:4a:6d:0e:f7:8e:
fc:a1:1b:34:45:6c:74:60:24:83:bf:9c:1f:c4:34:
27:41:87:8d:8a:fa:aa:ca:ed:a1:06:45:fa:47:b6:
71:92:2e:fc:b1:63:49:a2:f5:a5:e2:78:28:43:f2:
f4:e0:25:f8:96:4f:2b:be:ff:ff:9d:14:03:af:da:
6f:d7:9d:85:f9:b9:ec:35:83:89:a4:60:0b:a5:d4:
e3:c6:18:a6:0a:1d:c1:03:62:d4:fe:f2:80:68:eb:
6c:c5:30:6e:c7:94:02:89:7e:0a:46:01:de:7e:0f:
4d:93:a1:a3:58:42:18:60:43:4d:ee:6c:35:3c:af:
82:c1:f6:66:ef:fd:eb:e5:6b:2e:1a:52:28:b6:61:
4a:f1:58:56:b4:43:0f:a2:18:ad:a6:dc:95:f7:67:
12:73:0e:77:9b:f7:82:50:ce:72:4d:46:bc:b4:1c:
c3:6e:bd:bc:d3:9a:0d:b0:15:17:88:8a:87:ce:a8:
53:81:d2:42:19:92:ad:1e:2c:0e:9f:4d:bc:01:4f:
6b:71:72:8b:b7:ce:ee:22:81:36:7a:00:18:5f:6b:
4b:11:b4:4c:bb:c7:8c:a4:02:7b:9a:3e:23:f5:3c:
64:a7:71:76:5b:d8:23:37:3d:44:0e:5d:e0:8e:a2:
da:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F3:08:CC:BE:D1:90:B6:E3:91:BD:D8:C1:99:8F:62:7A:89:54:5A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QPMIzL7RkLbjkb3YwZmPYnqJVFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/24
84.32.23.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6a:c0:dd:37:47:35:9b:c9:96:77:09:e0:5e:42:0b:85:14:
2b:10:e9:b7:5f:e7:fc:0e:f1:f7:0d:f5:ca:09:49:28:77:b2:
44:d7:12:59:3c:61:28:6e:c0:19:9f:7a:38:7c:43:4a:62:2f:
28:4e:7f:48:74:c5:6c:85:86:ae:37:80:de:21:8d:23:a0:ff:
41:7e:93:de:84:bb:37:d1:84:d9:6d:c9:5c:83:0c:2e:0f:ec:
bd:02:f6:b4:f5:dd:d3:45:5c:b6:27:56:4e:07:da:22:89:74:
b0:9c:ed:e9:de:2b:65:45:d2:92:41:de:bf:4a:22:3b:ba:e7:
5d:57:88:39:a3:c1:b8:62:0b:43:a4:a3:fc:7d:ad:91:a1:32:
0c:2d:8f:f0:96:06:ca:87:68:31:20:bf:d4:a4:36:ab:d8:30:
c3:4e:05:c4:72:4d:7a:42:9a:e5:d6:b8:5d:11:50:7b:9a:87:
f6:d7:4c:13:99:10:21:1d:3d:2d:97:df:42:4d:c0:05:79:01:
e1:b4:21:52:2e:95:b6:19:9f:e5:36:9c:ba:7d:f1:49:10:b5:
d5:42:05:d4:d7:dd:be:2b:85:95:41:6f:97:3e:32:7b:e4:00:
0b:b6:4c:c7:12:d3:37:b6:b0:af:0f:4a:ab:5a:37:6a:fc:2c:
74:66:95:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhj/2/++VmS7OoU72CpbSKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTI4MjAxNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGYzMDhjY2JlZDE5MGI2ZTM5MWJkZDhjMTk5OGY2MjdhODk1NDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM0THjTV9W7ySm0O9478oRs0RWx0
YCSDv5wfxDQnQYeNivqqyu2hBkX6R7Zxki78sWNJovWl4ngoQ/L04CX4lk8rvv//
nRQDr9pv152F+bnsNYOJpGALpdTjxhimCh3BA2LU/vKAaOtsxTBux5QCiX4KRgHe
fg9Nk6GjWEIYYENN7mw1PK+CwfZm7/3r5WsuGlIotmFK8VhWtEMPohitptyV92cS
cw53m/eCUM5yTUa8tBzDbr2805oNsBUXiIqHzqhTgdJCGZKtHiwOn028AU9rcXKL
t87uIoE2egAYX2tLEbRMu8eMpAJ7mj4j9Txkp3F2W9gjNz1EDl3gjqLauQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDzCMy+0ZC245G92MGZj2J6iVRaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUVBNSXpMN1JrTGJqa2IzWXdabVBZbnFKVkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAUAwQA
VCAXMA0GCSqGSIb3DQEBCwUAA4IBAQAJasDdN0c1m8mWdwngXkILhRQrEOm3X+f8
DvH3DfXKCUkod7JE1xJZPGEobsAZn3o4fENKYi8oTn9IdMVshYauN4DeIY0joP9B
fpPehLs30YTZbclcgwwuD+y9Ava09d3TRVy2J1ZOB9oiiXSwnO3p3itlRdKSQd6/
SiI7uuddV4g5o8G4YgtDpKP8fa2RoTIMLY/wlgbKh2gxIL/UpDar2DDDTgXEck16
Qprl1rhdEVB7mof210wTmRAhHT0tl99CTcAFeQHhtCFSLpW2GZ/lNpy6ffFJELXV
QgXU192+K4WVQW+XPjJ75AALtkzHEtM3trCvD0qrWjdq/Cx0ZpVe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org