Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XVkNZDjWU8OHyMxtixrbEWt0X_c.roa
File: XVkNZDjWU8OHyMxtixrbEWt0X_c.roa (raw, json)
Hash identifier: 8Q5eAcxt5pQ8GjIzZnnnpEof1voUxLIXHCd6Fxr8J+8=
Subject key identifier: 5D:59:0D:64:38:D6:53:C3:87:C8:CC:6D:8B:1A:DB:11:6B:74:5F:F7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018776640FCE509EC914D0045D32B8172EA6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XVkNZDjWU8OHyMxtixrbEWt0X_c.roa
Signing time: Wed 12 Apr 2023 16:54:41 +0000
ROA not before: Wed 12 Apr 2023 16:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 84.32.217.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 May 2023 05:50:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:64:0f:ce:50:9e:c9:14:d0:04:5d:32:b8:17:2e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 12 16:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d590d6438d653c387c8cc6d8b1adb116b745ff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:59:50:0a:3b:46:9b:7e:7d:85:cb:1c:98:9a:
62:0a:d5:2f:db:7e:3f:c4:80:11:b6:de:5e:9b:4a:
77:08:44:0f:3a:fb:d2:87:f9:99:53:13:bf:7f:e2:
5c:f1:31:2e:0b:d9:b4:4e:59:9b:44:dd:e4:84:66:
22:bb:35:18:43:e0:9a:5a:31:d3:9a:09:dc:64:bf:
91:25:d4:4f:8e:fb:8d:04:7a:8c:de:79:73:3e:61:
a3:05:2e:dd:2b:14:28:2d:fe:5d:04:ee:9e:ae:02:
58:b7:e0:eb:0d:e0:71:f2:50:44:2e:97:c8:02:16:
a6:14:c3:75:ed:b3:10:b7:a3:63:2d:c8:85:59:89:
60:39:dd:f6:f0:06:e1:ef:8f:4e:67:0d:64:4a:46:
72:92:a4:0f:36:a4:06:2c:8b:da:22:7f:d3:08:b1:
15:26:57:20:90:c6:f6:d0:1a:57:f1:ac:38:a3:71:
e4:b0:32:0a:01:bc:be:a6:ab:22:ad:0a:7e:d0:a2:
be:20:ab:f8:33:41:d9:62:71:6d:49:39:34:3a:cd:
cf:ce:6e:6a:85:cc:e6:b8:45:e2:fc:2a:9b:9b:9f:
b6:d7:f6:e6:0d:bb:77:b4:f6:a8:81:8d:0d:cd:9a:
ef:67:b1:22:cb:9e:30:a0:18:d4:69:e5:08:c8:d9:
4e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:59:0D:64:38:D6:53:C3:87:C8:CC:6D:8B:1A:DB:11:6B:74:5F:F7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/XVkNZDjWU8OHyMxtixrbEWt0X_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.157.0/24
84.32.217.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2a:59:4a:a7:30:94:f9:d3:fd:f9:4c:00:ba:02:f8:56:02:
08:b5:81:19:1f:95:f8:b1:58:cf:c8:10:1b:d2:19:de:44:87:
eb:74:18:fd:7c:6e:4c:a9:41:d8:d4:16:b9:c0:52:30:10:c2:
f4:a4:83:49:e4:1a:b1:2a:93:03:9d:bc:52:0e:99:6a:20:ec:
11:35:66:86:15:63:92:26:00:61:16:60:0c:cc:68:b2:33:65:
e3:fe:f5:35:ae:e6:4f:d0:11:55:28:a7:b0:34:76:d8:c9:0b:
51:6b:5d:99:60:cd:f5:03:8c:ce:11:6a:53:6b:68:4d:af:f7:
bd:fd:2c:c1:96:9a:20:43:bc:1f:23:c9:19:53:6e:4e:e4:a5:
f2:0b:d7:a8:04:37:aa:81:57:e5:38:eb:21:13:13:01:5a:b6:
6d:26:24:c7:eb:04:92:ed:05:79:4e:ff:a5:1f:93:c2:c7:bb:
0a:bf:63:de:ef:79:b7:c0:3d:bf:cc:8f:3b:e3:2f:01:fd:90:
6c:ca:28:00:44:68:9f:46:36:4c:0f:67:b2:fd:d6:8e:82:b1:
85:9e:71:3e:9c:78:44:c4:eb:1f:96:72:b3:e5:e6:be:a2:07:
6e:9f:92:aa:7e:ea:d0:93:9d:87:dc:bc:cf:b0:18:dc:34:22:
f9:7a:d3:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd2ZA/OUJ7JFNAEXTK4Fy6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDEyMTY1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU5MGQ2NDM4ZDY1M2MzODdjOGNjNmQ4YjFhZGIxMTZiNzQ1ZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmllQCjtGm359hcscmJpiCtUv234/
xIARtt5em0p3CEQPOvvSh/mZUxO/f+Jc8TEuC9m0TlmbRN3khGYiuzUYQ+CaWjHT
mgncZL+RJdRPjvuNBHqM3nlzPmGjBS7dKxQoLf5dBO6ergJYt+DrDeBx8lBELpfI
AhamFMN17bMQt6NjLciFWYlgOd328Abh749OZw1kSkZykqQPNqQGLIvaIn/TCLEV
JlcgkMb20BpX8aw4o3HksDIKAby+pqsirQp+0KK+IKv4M0HZYnFtSTk0Os3Pzm5q
hczmuEXi/Cqbm5+21/bmDbt3tPaogY0NzZrvZ7Eiy54woBjUaeUIyNlOLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF1ZDWQ41lPDh8jMbYsa2xFrdF/3MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWFZrTlpEaldVOE9IeU14dGl4cmJFV3QwWF9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCCdAwQA
VCDZMA0GCSqGSIb3DQEBCwUAA4IBAQCYKllKpzCU+dP9+UwAugL4VgIItYEZH5X4
sVjPyBAb0hneRIfrdBj9fG5MqUHY1Ba5wFIwEML0pINJ5BqxKpMDnbxSDplqIOwR
NWaGFWOSJgBhFmAMzGiyM2Xj/vU1ruZP0BFVKKewNHbYyQtRa12ZYM31A4zOEWpT
a2hNr/e9/SzBlpogQ7wfI8kZU25O5KXyC9eoBDeqgVflOOshExMBWrZtJiTH6wSS
7QV5Tv+lH5PCx7sKv2Pe73m3wD2/zI874y8B/ZBsyigARGifRjZMD2ey/daOgrGF
nnE+nHhExOsflnKz5ea+ogdun5KqfurQk52H3LzPsBjcNCL5etNi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org