Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y_U6kuHxGJ_DFkdCL2JLdYA0i94.roa
File: Y_U6kuHxGJ_DFkdCL2JLdYA0i94.roa (raw, json)
Hash identifier: YBuc5HwHOX/ScBQ7N68E0uNqm63PKLjLYF1mrz6X3vE=
Subject key identifier: 63:F5:3A:92:E1:F1:18:9F:C3:16:47:42:2F:62:4B:75:80:34:8B:DE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187D74BD4A96A01EEB40E336E142529E688
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y_U6kuHxGJ_DFkdCL2JLdYA0i94.roa
Signing time: Mon 01 May 2023 12:31:23 +0000
ROA not before: Mon 01 May 2023 12:31:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 84.32.15.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 May 2023 17:44:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d7:4b:d4:a9:6a:01:ee:b4:0e:33:6e:14:25:29:e6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 1 12:31:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63f53a92e1f1189fc31647422f624b7580348bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:02:a9:c1:1b:44:e9:60:a6:31:3e:b6:b2:87:
dc:ef:96:ec:02:19:b1:4c:da:b8:f1:0a:aa:50:6c:
f1:19:2e:93:0f:7d:d2:17:b3:7f:1f:3b:ae:58:f6:
c9:2d:12:0e:1f:f9:4c:d9:48:92:7f:75:2d:d6:a4:
39:06:b9:9e:0c:2c:f4:81:6e:1e:30:34:75:df:12:
bb:61:0c:aa:a5:ba:1c:23:59:d5:02:5f:59:09:cc:
5a:15:64:a4:ce:24:bc:78:1d:d3:e2:d5:18:99:05:
6d:0b:46:9b:b8:24:6e:7b:60:ef:bb:2a:7c:3d:5a:
54:d4:3e:27:32:09:83:2a:55:ff:01:4d:fa:ad:54:
1b:fc:fb:f9:7d:c7:8d:26:e1:99:81:ee:00:07:33:
4a:93:b5:fd:7e:3c:f8:41:23:5f:91:12:ff:4b:1d:
1b:5f:22:1b:6b:ef:67:b3:62:2c:b8:9d:76:00:f4:
3b:cb:ee:7c:66:5b:fd:b5:18:e6:1e:b0:a8:e3:b8:
e1:85:be:42:63:2e:3c:4c:5d:02:2c:56:0d:ce:ed:
d7:0b:5c:ea:be:0e:07:21:db:51:13:55:a3:2c:48:
4b:0f:a5:41:d8:f5:21:81:fc:c0:c4:bd:27:00:da:
7d:ec:5c:4c:57:fa:31:14:80:c0:fd:9e:c9:da:f8:
5a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F5:3A:92:E1:F1:18:9F:C3:16:47:42:2F:62:4B:75:80:34:8B:DE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y_U6kuHxGJ_DFkdCL2JLdYA0i94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.244.0/23
84.32.250.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:40:13:81:00:30:2f:22:c0:8c:70:84:d0:c3:22:84:7c:cb:
61:09:23:f7:db:4a:e1:0f:9c:e3:b1:b3:e4:7d:21:9a:68:0b:
3c:5e:a4:31:30:9e:d0:62:c5:ea:35:cf:9c:73:86:89:1d:79:
52:c6:de:55:73:b3:37:3e:2f:cb:26:d5:58:f4:95:7c:15:3b:
45:1d:1b:48:0c:e4:58:96:c4:96:00:6a:e2:65:e7:c4:3f:c9:
00:f7:7c:df:eb:ca:db:4e:f9:0d:e3:6f:50:0d:41:ca:6b:d6:
cb:31:af:d2:22:7e:4d:cd:36:d9:aa:51:8b:bc:11:88:24:4d:
a6:3d:2c:4b:43:ab:da:2a:c2:55:42:5d:6b:6a:3e:ce:af:18:
e6:bf:24:7f:f8:02:6f:14:1d:e7:eb:23:a2:88:6b:72:e5:39:
d0:c2:e6:9b:d5:d4:8d:0d:fe:04:77:fe:52:55:02:9a:3e:fe:
14:ad:d4:4a:a3:ad:6d:c6:08:d2:15:7c:af:a7:75:39:ef:9d:
5a:72:10:19:cd:0b:8b:32:f2:0c:26:a7:27:8c:c4:a3:11:c8:
fb:c2:8a:ee:62:e2:75:76:f5:f1:08:91:47:7c:74:01:de:e3:
4f:2c:a7:b4:1d:ad:d6:fe:b0:c1:cb:c0:ac:33:de:23:4b:d8:
6e:c1:13:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfXS9SpagHutA4zbhQlKeaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTAxMTIzMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y1M2E5MmUxZjExODlmYzMxNjQ3NDIyZjYyNGI3NTgwMzQ4YmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQKpwRtE6WCmMT62sofc75bsAhmx
TNq48QqqUGzxGS6TD33SF7N/HzuuWPbJLRIOH/lM2UiSf3Ut1qQ5BrmeDCz0gW4e
MDR13xK7YQyqpbocI1nVAl9ZCcxaFWSkziS8eB3T4tUYmQVtC0abuCRue2Dvuyp8
PVpU1D4nMgmDKlX/AU36rVQb/Pv5fceNJuGZge4ABzNKk7X9fjz4QSNfkRL/Sx0b
XyIba+9ns2IsuJ12APQ7y+58Zlv9tRjmHrCo47jhhb5CYy48TF0CLFYNzu3XC1zq
vg4HIdtRE1WjLEhLD6VB2PUhgfzAxL0nANp97FxMV/oxFIDA/Z7J2vhaXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGP1OpLh8RifwxZHQi9iS3WANIveMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWV9VNmt1SHhHSl9ERmtkQ0wySkxkWUEwaTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAPAwQB
VCD0AwQAVCD6MA0GCSqGSIb3DQEBCwUAA4IBAQCKQBOBADAvIsCMcITQwyKEfMth
CSP320rhD5zjsbPkfSGaaAs8XqQxMJ7QYsXqNc+cc4aJHXlSxt5Vc7M3Pi/LJtVY
9JV8FTtFHRtIDORYlsSWAGriZefEP8kA93zf68rbTvkN429QDUHKa9bLMa/SIn5N
zTbZqlGLvBGIJE2mPSxLQ6vaKsJVQl1raj7OrxjmvyR/+AJvFB3n6yOiiGty5TnQ
wuab1dSNDf4Ed/5SVQKaPv4UrdRKo61txgjSFXyvp3U5751achAZzQuLMvIMJqcn
jMSjEcj7woruYuJ1dvXxCJFHfHQB3uNPLKe0Ha3W/rDBy8CsM94jS9huwRMp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org