Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y1qbFL7Elmnljz7kgAzcvIIgPBw.roa
File: Y1qbFL7Elmnljz7kgAzcvIIgPBw.roa (raw, json)
Hash identifier: cYbpGD8W9aml5jE1xgz+FYp1a6SuOz3FcNZa/vYjeo0=
Subject key identifier: 63:5A:9B:14:BE:C4:96:69:E5:8F:3E:E4:80:0C:DC:BC:82:20:3C:1C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018602CB5F6049940CF0AD02B8C5C34D1966
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y1qbFL7Elmnljz7kgAzcvIIgPBw.roa
Signing time: Mon 30 Jan 2023 13:08:48 +0000
ROA not before: Mon 30 Jan 2023 13:08:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59642
IP address blocks: 84.32.184.0/22 maxlen: 24
84.32.188.0/22 maxlen: 22
84.32.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Jan 2023 10:43:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:02:cb:5f:60:49:94:0c:f0:ad:02:b8:c5:c3:4d:19:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 30 13:08:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=635a9b14bec49669e58f3ee4800cdcbc82203c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:be:10:84:b4:7e:c4:02:9c:5d:33:6e:c4:e0:
e9:64:05:91:c9:8f:4d:d9:95:d0:b8:af:0f:9f:07:
35:90:d3:ec:ba:20:90:16:b4:33:a6:cc:dc:f2:44:
99:e6:bf:f7:0b:b6:d0:1f:e7:94:af:55:0c:89:6a:
bf:9d:56:82:07:b9:40:fc:d7:4f:77:19:a2:ea:db:
11:3c:8b:93:f8:cb:79:24:db:cf:e7:c4:4b:dd:6f:
09:1a:3c:59:9c:e9:74:88:e2:75:da:02:a7:72:71:
b9:f6:40:d6:7d:67:50:e1:f2:fe:13:86:1d:e8:f3:
e3:bb:7e:ac:e0:29:d1:a1:d0:94:82:6e:7c:4e:ef:
6a:85:57:79:16:1f:f2:dc:2f:26:c5:af:15:8c:fc:
be:05:7e:39:86:f4:af:63:6c:66:2e:de:0f:73:55:
b9:e8:56:e5:44:48:f3:ac:52:9d:81:b4:e7:20:bb:
2b:1c:0f:d0:d6:46:08:91:9b:a5:33:4b:68:10:a0:
dd:74:e8:e9:4d:6c:3c:25:fa:ef:cd:0e:75:dc:20:
6d:33:1e:fc:2f:8a:c9:87:f4:9f:ba:27:82:9b:8d:
76:e7:82:0f:2f:80:a5:ad:2c:2c:25:82:09:2c:4c:
04:8f:36:20:41:03:55:6d:c7:44:27:86:cd:1c:97:
02:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5A:9B:14:BE:C4:96:69:E5:8F:3E:E4:80:0C:DC:BC:82:20:3C:1C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y1qbFL7Elmnljz7kgAzcvIIgPBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.34.0/24
84.32.184.0/21
Signature Algorithm: sha256WithRSAEncryption
90:82:c4:c4:5b:84:25:e0:5b:56:5e:7e:ca:9b:5b:92:57:d5:
48:02:9c:1b:48:ea:16:5c:c6:fe:d9:e3:37:50:e9:cc:00:66:
c9:0e:5c:51:f9:18:23:4e:e0:c1:18:93:81:be:67:0a:c5:b4:
5b:c5:5b:f4:a2:8e:1e:c9:4f:cb:0c:80:48:16:5a:f0:c5:e6:
63:07:26:4a:62:5a:cf:65:15:56:ed:a0:b6:80:db:ef:22:e8:
73:af:58:b7:1b:fb:ce:ca:1c:a4:6e:81:17:1b:ca:2d:50:58:
35:b1:39:da:f3:4c:fc:a8:3a:df:71:80:7f:cf:d9:77:9d:8b:
8a:01:ef:dd:87:35:8b:f9:f2:b3:bd:7b:b9:a7:78:5f:c2:22:
7a:5e:70:1b:74:c1:11:5e:50:0c:83:9e:2b:8d:84:d8:e2:4a:
d7:13:9b:63:1c:f2:55:f5:d1:aa:eb:33:70:87:cd:50:71:18:
33:4a:41:31:d9:2f:76:e1:dd:a1:bf:94:d6:75:94:bc:2c:1a:
20:d7:30:41:f0:a1:6e:ee:d4:2a:02:43:7b:ba:51:90:0b:25:
90:61:4b:8c:06:b1:d7:8a:18:c1:10:12:c9:8e:db:84:01:3e:
6e:92:ed:c3:b4:89:9a:46:82:c0:0d:6a:bd:cf:8a:f4:d8:37:
9e:ed:68:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYCy19gSZQM8K0CuMXDTRlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTMwMTMwODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzVhOWIxNGJlYzQ5NjY5ZTU4ZjNlZTQ4MDBjZGNiYzgyMjAzYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL4QhLR+xAKcXTNuxODpZAWRyY9N
2ZXQuK8Pnwc1kNPsuiCQFrQzpszc8kSZ5r/3C7bQH+eUr1UMiWq/nVaCB7lA/NdP
dxmi6tsRPIuT+Mt5JNvP58RL3W8JGjxZnOl0iOJ12gKncnG59kDWfWdQ4fL+E4Yd
6PPju36s4CnRodCUgm58Tu9qhVd5Fh/y3C8mxa8VjPy+BX45hvSvY2xmLt4Pc1W5
6FblREjzrFKdgbTnILsrHA/Q1kYIkZulM0toEKDddOjpTWw8JfrvzQ513CBtMx78
L4rJh/SfuieCm41254IPL4ClrSwsJYIJLEwEjzYgQQNVbcdEJ4bNHJcCeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGNamxS+xJZp5Y8+5IAM3LyCIDwcMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWTFxYkZMN0VsbW5sano3a2dBemN2SUlnUEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAiAwQD
VCC4MA0GCSqGSIb3DQEBCwUAA4IBAQCQgsTEW4Ql4FtWXn7Km1uSV9VIApwbSOoW
XMb+2eM3UOnMAGbJDlxR+RgjTuDBGJOBvmcKxbRbxVv0oo4eyU/LDIBIFlrwxeZj
ByZKYlrPZRVW7aC2gNvvIuhzr1i3G/vOyhykboEXG8otUFg1sTna80z8qDrfcYB/
z9l3nYuKAe/dhzWL+fKzvXu5p3hfwiJ6XnAbdMERXlAMg54rjYTY4krXE5tjHPJV
9dGq6zNwh81QcRgzSkEx2S924d2hv5TWdZS8LBog1zBB8KFu7tQqAkN7ulGQCyWQ
YUuMBrHXihjBEBLJjtuEAT5uku3DtImaRoLADWq9z4r02Dee7Wi2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org