Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XMtReopMLvvlNp8k8ovuVWlE3sg.roa
File: XMtReopMLvvlNp8k8ovuVWlE3sg.roa (raw, json)
Hash identifier: bD8TufSEOMo1b5Mm2aUCB+K21FKtN1a8Erh2wbOfh8w=
Subject key identifier: 5C:CB:51:7A:8A:4C:2E:FB:E5:36:9F:24:F2:8B:EE:55:69:44:DE:C8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186BAB2BB5ACCD961DB68105425F5ADDBB8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XMtReopMLvvlNp8k8ovuVWlE3sg.roa
Signing time: Tue 07 Mar 2023 06:12:00 +0000
ROA not before: Tue 07 Mar 2023 06:12:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 84.32.173.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Mar 2023 06:47:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ba:b2:bb:5a:cc:d9:61:db:68:10:54:25:f5:ad:db:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 7 06:12:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ccb517a8a4c2efbe5369f24f28bee556944dec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f2:b6:4a:7c:74:2a:a0:46:11:05:f4:e2:48:
3d:dc:69:94:fd:22:38:5a:f2:56:5b:23:94:4d:45:
f6:b4:c4:eb:7a:99:ef:43:79:aa:a3:29:58:dd:6c:
fb:d6:04:c7:4d:79:02:17:0f:ec:d3:e5:2f:ca:02:
b1:83:cf:f4:6c:60:bc:37:bf:e4:ec:f4:66:18:70:
3a:14:0f:6e:f9:ba:b6:a3:06:5a:16:78:70:d2:4b:
35:22:5a:92:1d:6b:b3:22:92:a4:05:a9:35:d8:b3:
96:77:31:fa:f8:f6:31:d9:1d:1f:07:11:fa:b4:92:
da:37:67:7e:95:89:d4:2d:e0:e1:21:c0:6f:fb:f8:
2b:b3:0d:b8:a7:9a:31:75:8d:db:0f:40:d0:47:5e:
96:6f:6b:cc:11:f0:5a:35:1c:14:3a:e3:da:da:e0:
79:82:6f:20:b4:86:0e:ee:bb:44:09:e3:65:53:ad:
82:97:da:d3:7e:23:fa:9a:ef:5e:f6:79:24:00:13:
a6:f2:68:d5:5e:0d:10:15:1d:30:18:40:4d:ab:b0:
f2:4a:74:ee:6f:19:03:f0:42:c3:ec:19:11:7b:e5:
94:54:c3:d4:87:71:83:ae:fc:f7:46:de:1a:34:a1:
12:cb:50:ba:6b:4d:94:74:ed:55:48:20:0c:42:c1:
5f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:CB:51:7A:8A:4C:2E:FB:E5:36:9F:24:F2:8B:EE:55:69:44:DE:C8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XMtReopMLvvlNp8k8ovuVWlE3sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.173.0/24
84.32.223.0/24
84.32.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:bc:c3:50:64:bc:17:46:41:a8:f5:85:0c:d6:b5:e9:bc:e8:
94:4e:be:15:d7:15:29:96:03:2c:b2:95:bd:26:8c:31:bf:af:
ac:8b:7c:57:49:1a:b4:06:bb:b5:8a:f7:da:61:52:6c:cc:82:
7a:f2:89:36:2d:9e:da:80:bd:4b:33:ba:53:d2:0f:61:54:bd:
84:45:ad:5e:a4:02:58:82:62:a2:4d:07:04:7b:7a:58:bd:bf:
21:05:c2:ad:0b:34:f6:00:06:9c:80:32:41:ec:dd:ec:94:ab:
e7:b2:d9:7e:63:dd:cb:d5:27:05:75:81:49:e9:fa:25:42:e4:
3c:84:39:96:28:9a:40:d0:7b:f6:83:cb:49:90:01:a6:d4:fa:
fd:82:8b:74:c0:fe:ee:de:4b:6a:4a:5f:5c:fb:6e:54:73:6f:
a7:42:84:f2:0e:d4:e9:ba:bd:9a:7b:b3:03:c5:8e:2d:a8:fc:
65:97:8a:fe:4a:35:bb:bb:47:9a:96:01:c2:70:1a:02:17:b8:
3e:a4:4e:55:f6:ab:e4:7b:74:ad:13:dd:b6:72:60:5f:49:c5:
a8:42:91:02:83:09:29:ec:1e:fa:bf:32:9a:cc:16:44:eb:a8:
b8:fa:eb:0a:cb:4b:98:2a:0c:7b:10:2f:45:ef:79:95:c7:8a:
d0:5a:f7:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYa6srtazNlh22gQVCX1rdu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzA3MDYxMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NiNTE3YThhNGMyZWZiZTUzNjlmMjRmMjhiZWU1NTY5NDRkZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfK2Snx0KqBGEQX04kg93GmU/SI4
WvJWWyOUTUX2tMTrepnvQ3mqoylY3Wz71gTHTXkCFw/s0+UvygKxg8/0bGC8N7/k
7PRmGHA6FA9u+bq2owZaFnhw0ks1IlqSHWuzIpKkBak12LOWdzH6+PYx2R0fBxH6
tJLaN2d+lYnULeDhIcBv+/grsw24p5oxdY3bD0DQR16Wb2vMEfBaNRwUOuPa2uB5
gm8gtIYO7rtECeNlU62Cl9rTfiP6mu9e9nkkABOm8mjVXg0QFR0wGEBNq7DySnTu
bxkD8ELD7BkRe+WUVMPUh3GDrvz3Rt4aNKESy1C6a02UdO1VSCAMQsFfBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFzLUXqKTC775TafJPKL7lVpRN7IMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWE10UmVvcE1MdnZsTnA4azhvdnVWV2xFM3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCCtAwQA
VCDfAwQAVCD7MA0GCSqGSIb3DQEBCwUAA4IBAQAqvMNQZLwXRkGo9YUM1rXpvOiU
Tr4V1xUplgMsspW9Jowxv6+si3xXSRq0Bru1ivfaYVJszIJ68ok2LZ7agL1LM7pT
0g9hVL2ERa1epAJYgmKiTQcEe3pYvb8hBcKtCzT2AAacgDJB7N3slKvnstl+Y93L
1ScFdYFJ6folQuQ8hDmWKJpA0Hv2g8tJkAGm1Pr9got0wP7u3ktqSl9c+25Uc2+n
QoTyDtTpur2ae7MDxY4tqPxll4r+SjW7u0ealgHCcBoCF7g+pE5V9qvke3StE922
cmBfScWoQpECgwkp7B76vzKazBZE66i4+usKy0uYKgx7EC9F73mVx4rQWvee
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org