Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TcZytruGTItyki3xLgwjpATdXM0.roa
File: TcZytruGTItyki3xLgwjpATdXM0.roa (raw, json)
Hash identifier: oWQMoljLd3fztIBSUyMx//syzcbLe5/7I6UFjC/SMls=
Subject key identifier: 4D:C6:72:B6:BB:86:4C:8B:72:92:2D:F1:2E:0C:23:A4:04:DD:5C:CD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01872EFE48FBD3EAC6C2E29A340112800B62
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TcZytruGTItyki3xLgwjpATdXM0.roa
Signing time: Wed 29 Mar 2023 20:10:29 +0000
ROA not before: Wed 29 Mar 2023 20:10:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209043
IP address blocks: 84.32.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2e:fe:48:fb:d3:ea:c6:c2:e2:9a:34:01:12:80:0b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 29 20:10:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dc672b6bb864c8b72922df12e0c23a404dd5ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:44:fa:9f:14:72:f4:2f:2e:3a:9a:ce:77:a5:
5d:f8:d5:11:c1:66:1a:34:30:be:48:18:4e:3a:20:
98:35:e2:c4:6e:7f:ec:ae:ca:c4:73:b7:13:02:e9:
3b:82:ab:62:d4:16:1d:58:4d:fa:97:dc:a4:9f:46:
30:6f:ba:eb:39:b7:8f:4e:8b:17:46:c0:52:33:61:
61:75:7c:7b:e3:e1:f4:ad:bc:8d:27:fe:5d:aa:59:
67:4e:bd:ce:e7:a9:71:10:1a:af:8e:4c:ce:21:a4:
f0:05:8f:dc:08:ef:54:bc:c3:30:32:60:d6:95:a5:
d9:27:98:bc:96:6a:bd:45:dc:13:35:da:0a:4d:2a:
76:47:25:72:63:1e:e9:19:d3:dc:14:2d:04:73:9c:
a6:de:b3:40:2a:1f:3e:ab:c2:37:93:42:3f:48:84:
51:0c:60:17:a1:7b:75:55:27:38:6d:18:5d:01:1f:
b9:7b:b4:5b:f1:fe:14:7f:fa:3f:5a:f6:c7:40:ae:
1e:6d:09:c1:42:80:1c:fe:d3:fa:ef:99:54:07:05:
14:2c:a8:f8:73:73:44:6d:fc:95:dc:33:5b:8b:e5:
91:61:74:28:42:02:75:47:50:29:da:aa:67:2d:77:
3d:c6:68:de:df:23:e0:ef:6a:cf:e0:da:da:10:00:
9e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C6:72:B6:BB:86:4C:8B:72:92:2D:F1:2E:0C:23:A4:04:DD:5C:CD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TcZytruGTItyki3xLgwjpATdXM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.78.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:cd:49:ec:38:b6:30:62:aa:55:73:7a:23:88:07:59:87:9e:
e4:a3:02:18:3b:e4:87:53:4f:1c:22:c6:9e:b4:ef:67:ca:4d:
b8:97:8f:93:46:42:3d:75:9f:42:04:a2:0c:11:88:04:38:52:
f8:63:ba:19:09:b2:a4:33:33:08:b9:60:27:98:59:cf:18:1a:
f2:fd:f4:42:42:4b:fb:ea:bc:8e:bb:9f:b2:bd:8c:74:dd:60:
bd:7b:f0:1e:b9:09:44:77:d9:40:2e:b0:eb:e5:49:14:81:83:
1e:1e:2d:43:a0:76:a4:32:12:7d:04:54:07:8a:7c:fb:0d:c3:
97:a5:c9:bc:10:11:66:56:4f:08:dc:bc:41:83:0b:c3:e6:ef:
bb:35:a5:8c:a9:c5:6f:05:c6:bd:e8:cc:b4:15:d5:5c:ab:78:
c2:7c:6b:e6:78:a3:79:cc:1c:dc:a7:2d:08:ee:15:61:d5:89:
36:82:1e:a5:d8:f8:b7:42:4d:f2:15:83:a0:34:f9:37:97:84:
a0:4f:c4:23:ed:fd:23:eb:63:7f:ef:31:2d:cc:6d:04:53:62:
75:d3:57:8b:da:d5:51:a0:73:8e:0a:84:5e:cd:12:f3:09:21:
06:5b:e6:4a:91:a6:cd:11:f7:ac:86:ba:7a:e4:fe:3e:01:68:
d6:62:41:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcu/kj70+rGwuKaNAESgAtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzI5MjAxMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM2NzJiNmJiODY0YzhiNzI5MjJkZjEyZTBjMjNhNDA0ZGQ1Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0T6nxRy9C8uOprOd6Vd+NURwWYa
NDC+SBhOOiCYNeLEbn/srsrEc7cTAuk7gqti1BYdWE36l9ykn0Ywb7rrObePTosX
RsBSM2FhdXx74+H0rbyNJ/5dqllnTr3O56lxEBqvjkzOIaTwBY/cCO9UvMMwMmDW
laXZJ5i8lmq9RdwTNdoKTSp2RyVyYx7pGdPcFC0Ec5ym3rNAKh8+q8I3k0I/SIRR
DGAXoXt1VSc4bRhdAR+5e7Rb8f4Uf/o/WvbHQK4ebQnBQoAc/tP675lUBwUULKj4
c3NEbfyV3DNbi+WRYXQoQgJ1R1Ap2qpnLXc9xmje3yPg72rP4NraEACeBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE3Gcra7hkyLcpIt8S4MI6QE3VzNMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVGNaeXRydUdUSXR5a2kzeExnd2pwQVRkWE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBOMA0G
CSqGSIb3DQEBCwUAA4IBAQA/zUnsOLYwYqpVc3ojiAdZh57kowIYO+SHU08cIsae
tO9nyk24l4+TRkI9dZ9CBKIMEYgEOFL4Y7oZCbKkMzMIuWAnmFnPGBry/fRCQkv7
6ryOu5+yvYx03WC9e/AeuQlEd9lALrDr5UkUgYMeHi1DoHakMhJ9BFQHinz7DcOX
pcm8EBFmVk8I3LxBgwvD5u+7NaWMqcVvBca96My0FdVcq3jCfGvmeKN5zBzcpy0I
7hVh1Yk2gh6l2Pi3Qk3yFYOgNPk3l4SgT8Qj7f0j62N/7zEtzG0EU2J101eL2tVR
oHOOCoRezRLzCSEGW+ZKkabNEfeshrp65P4+AWjWYkEq
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:41 2024 by rpki-client on console-ams.rpki-client.org