Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VpZfexMFrp1GJNJdM0FPmsKw0DE.roa
File: VpZfexMFrp1GJNJdM0FPmsKw0DE.roa (raw, json)
Hash identifier: ylizIcKU/lQP7jgMvgzywjQ4CcSgOGjx7ljlDzn5Nv8=
Subject key identifier: 56:96:5F:7B:13:05:AE:9D:46:24:D2:5D:33:41:4F:9A:C2:B0:D0:31
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B19F6A93C6D015152E0ECEF191E12C095
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VpZfexMFrp1GJNJdM0FPmsKw0DE.roa
Signing time: Tue 10 Oct 2023 14:21:17 +0000
ROA not before: Tue 10 Oct 2023 14:21:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42055
IP address blocks: 84.32.76.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.233.0/24 maxlen: 24
84.32.237.0/24 maxlen: 24
84.32.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 19:41:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:f6:a9:3c:6d:01:51:52:e0:ec:ef:19:1e:12:c0:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 10 14:21:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56965f7b1305ae9d4624d25d33414f9ac2b0d031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:89:b1:b3:79:a3:80:83:ee:a2:7f:5e:3c:ea:
52:4d:ae:3e:24:23:71:7c:bf:0b:7c:4a:32:a5:71:
6b:19:b7:98:08:a9:43:15:10:2b:8b:68:96:5f:bd:
19:b1:3f:2a:d8:94:fd:ab:15:4a:cf:58:d9:a0:8e:
99:48:de:58:75:aa:60:41:6e:ed:22:da:6b:81:4e:
58:b7:73:3e:7e:ee:80:73:43:fe:57:af:08:e2:8d:
6e:fa:2e:61:65:70:c4:ac:68:5c:fa:54:73:64:e3:
7d:ca:ac:0f:52:99:af:d0:02:1f:d2:19:b8:41:05:
5c:b1:47:74:a5:c6:bb:82:70:59:2c:e6:c3:75:18:
b9:85:02:cb:de:cb:74:27:60:75:e5:39:f9:71:51:
7c:de:ed:47:a2:ce:7a:a9:14:90:79:be:44:58:86:
6d:91:dd:fe:c4:ee:a1:26:46:14:66:8c:77:e5:72:
87:41:3d:7c:b0:4e:67:1d:13:82:a4:74:be:02:9c:
1d:41:42:0c:54:bf:3d:05:94:e6:26:52:c8:63:f8:
fa:10:3c:e2:23:1b:45:52:57:f3:fe:e1:8b:6e:00:
c9:fc:3b:0a:61:ad:21:1f:ac:cf:45:e7:0b:a6:09:
2e:80:3e:61:6f:b1:1a:db:67:38:56:b9:23:0f:d5:
b7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:96:5F:7B:13:05:AE:9D:46:24:D2:5D:33:41:4F:9A:C2:B0:D0:31
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VpZfexMFrp1GJNJdM0FPmsKw0DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.76.0/24
84.32.79.0/24
84.32.94.0/24
84.32.233.0/24
84.32.237.0/24
84.32.252.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f7:d7:1e:05:61:a5:86:25:6a:e7:a4:da:3d:f4:b7:bf:79:
3a:a3:ac:12:48:6a:24:2b:67:ca:87:c0:b8:48:13:34:0a:3c:
a6:ad:cb:c3:29:dd:59:62:ad:20:a3:c4:85:68:33:14:52:96:
29:44:da:a1:e4:6e:66:52:5f:be:6d:41:c1:ec:50:a1:7e:1d:
55:1b:48:e0:f4:ee:af:27:c0:e1:5c:f0:3c:e4:5f:3e:e9:41:
e5:66:8e:51:69:a7:e2:77:0d:40:23:7a:f2:2c:f4:b6:67:82:
b9:03:f6:2b:c5:79:4d:4c:e0:ca:e5:d9:02:5b:54:30:2d:0c:
47:a1:40:45:53:b2:09:56:a6:6a:0d:c6:d7:9b:b6:46:75:42:
11:65:a1:c3:e5:00:40:54:c3:55:85:73:65:26:d7:9d:f5:58:
23:e6:ca:d2:8a:68:21:8d:76:73:de:44:be:96:e2:61:1d:39:
83:0a:22:47:a2:c4:2a:e6:55:48:27:e7:ea:88:68:8a:a6:89:
1a:4b:2a:bd:fa:78:9d:2f:ef:34:a9:f2:65:94:ef:f3:bd:ea:
38:fb:c8:4c:a9:b0:6a:2f:63:3f:cb:41:e0:d1:b9:ce:d2:e1:
c5:dd:07:91:35:39:8e:96:1a:95:40:ed:9e:ed:a5:13:ed:4b:
cd:ef:d8:0e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYsZ9qk8bQFRUuDs7xkeEsCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDEwMTQyMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njk2NWY3YjEzMDVhZTlkNDYyNGQyNWQzMzQxNGY5YWMyYjBkMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4mxs3mjgIPuon9ePOpSTa4+JCNx
fL8LfEoypXFrGbeYCKlDFRAri2iWX70ZsT8q2JT9qxVKz1jZoI6ZSN5YdapgQW7t
ItprgU5Yt3M+fu6Ac0P+V68I4o1u+i5hZXDErGhc+lRzZON9yqwPUpmv0AIf0hm4
QQVcsUd0pca7gnBZLObDdRi5hQLL3st0J2B15Tn5cVF83u1Hos56qRSQeb5EWIZt
kd3+xO6hJkYUZox35XKHQT18sE5nHROCpHS+ApwdQUIMVL89BZTmJlLIY/j6EDzi
IxtFUlfz/uGLbgDJ/DsKYa0hH6zPRecLpgkugD5hb7Ea22c4VrkjD9W3YwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFaWX3sTBa6dRiTSXTNBT5rCsNAxMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVnBaZmV4TUZycDFHSk5KZE0wRlBtc0t3MERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCBMAwQA
VCBPAwQAVCBeAwQAVCDpAwQAVCDtAwQAVCD8MA0GCSqGSIb3DQEBCwUAA4IBAQBS
99ceBWGlhiVq56TaPfS3v3k6o6wSSGokK2fKh8C4SBM0CjymrcvDKd1ZYq0go8SF
aDMUUpYpRNqh5G5mUl++bUHB7FChfh1VG0jg9O6vJ8DhXPA85F8+6UHlZo5Raafi
dw1AI3ryLPS2Z4K5A/YrxXlNTODK5dkCW1QwLQxHoUBFU7IJVqZqDcbXm7ZGdUIR
ZaHD5QBAVMNVhXNlJted9Vgj5srSimghjXZz3kS+luJhHTmDCiJHosQq5lVIJ+fq
iGiKpokaSyq9+nidL+80qfJllO/zveo4+8hMqbBqL2M/y0Hg0bnO0uHF3QeRNTmO
lhqVQO2e7aUT7UvN79gO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org