Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Yv_rLrAjm9W9ecr9tf_GrxjvIV8.roa
File: Yv_rLrAjm9W9ecr9tf_GrxjvIV8.roa (raw, json)
Hash identifier: maPOMsaBm1DeuqSL0XFBvkw3xN6mWZpDfVc1V06Gn9s=
Subject key identifier: 62:FF:EB:2E:B0:23:9B:D5:BD:79:CA:FD:B5:FF:C6:AF:18:EF:21:5F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5013B60F70F5440F0D48E2FB88C3820
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Yv_rLrAjm9W9ecr9tf_GrxjvIV8.roa
Signing time: Mon 01 Jan 2024 12:30:41 +0000
ROA not before: Mon 01 Jan 2024 12:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.215.0/24 maxlen: 24
84.32.214.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 19:52:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3b:60:f7:0f:54:40:f0:d4:8e:2f:b8:8c:38:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62ffeb2eb0239bd5bd79cafdb5ffc6af18ef215f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6f:8c:5e:56:66:46:7b:ff:b0:73:a0:e3:1e:
54:02:64:b6:05:2d:50:80:d5:a4:c2:a2:ff:17:58:
da:f5:79:c7:f4:24:c0:21:e2:b5:c8:43:79:5a:1c:
f3:1a:6b:1d:35:c3:44:c5:cb:4b:80:b9:ea:39:84:
b0:70:60:36:4f:4b:e2:7c:06:af:9b:ae:fa:61:b5:
3f:f6:45:f7:02:a0:8c:e2:0e:28:c1:91:07:6b:6d:
84:67:84:07:60:e9:2f:90:21:c7:5c:a6:bc:2b:6d:
bc:6e:0a:a0:a8:f8:d3:e4:62:11:27:d5:c0:0e:5d:
86:50:31:75:6e:1e:a8:57:ea:d0:14:b7:22:df:e7:
65:a2:69:cc:0c:0d:7c:60:6f:9d:bd:2c:b1:60:0d:
39:91:ba:7b:90:d3:40:4b:a3:20:bd:f5:05:02:c0:
05:5c:7a:bc:fb:b2:c5:8b:a9:31:ad:ff:1a:8e:e0:
5a:7b:2f:96:54:1f:3e:fa:a8:33:f1:d0:48:c8:d1:
8d:3c:e5:d5:20:4f:e1:57:a9:03:c7:02:c5:b1:fc:
b3:02:2b:70:d0:95:84:3f:9f:0d:f9:b3:26:60:07:
0a:74:de:a4:6f:0f:14:4d:1f:14:fb:1b:f4:eb:bf:
4e:38:c9:92:55:86:b2:5e:8a:49:b2:6b:85:5c:7e:
78:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FF:EB:2E:B0:23:9B:D5:BD:79:CA:FD:B5:FF:C6:AF:18:EF:21:5F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Yv_rLrAjm9W9ecr9tf_GrxjvIV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.214.0/23
84.32.248.0/24
Signature Algorithm: sha256WithRSAEncryption
00:cc:5e:ee:59:6b:fb:25:a6:fd:70:bd:06:b9:c3:95:14:b3:
2c:ef:35:10:2d:f6:e2:e2:68:f8:ed:bd:13:97:cd:0e:e9:23:
6c:ac:cd:1c:58:d0:8b:43:94:ad:01:23:45:f1:1f:2f:52:e6:
a6:bc:13:62:c5:ed:1d:83:e1:ad:56:d7:24:fb:77:fe:9e:70:
ef:b7:25:ec:52:c9:08:8e:a4:21:e8:21:d1:12:77:2e:73:7d:
6e:7f:79:06:60:74:e0:d7:29:58:66:92:50:bc:e0:9a:90:50:
be:e1:d6:3f:90:01:0c:56:18:45:23:92:e1:06:6b:0b:9e:f5:
a9:6e:00:5b:14:bf:d3:70:6a:b5:f9:b2:6b:e8:54:10:18:fe:
ef:19:6d:9d:a8:fc:ca:38:46:1c:f9:fa:8a:96:98:d1:c7:68:
8e:1b:ca:15:c2:ea:b3:9a:8b:9e:6e:bf:5c:5b:8a:56:9a:a8:
3a:e0:d1:60:e4:4e:b0:58:75:b2:02:12:2f:04:a6:e4:40:c7:
9c:4f:a9:6a:9a:19:ee:c7:a0:dc:a5:04:9b:9c:06:9a:1b:25:
4e:0d:02:39:66:47:9a:3e:5c:68:92:3c:20:8e:3b:81:ff:4d:
58:2f:ce:46:fa:80:b7:ab:8d:cf:c5:a8:99:25:34:df:d1:46:
dc:df:b9:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFATtg9w9UQPDUji+4jDggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZmZWIyZWIwMjM5YmQ1YmQ3OWNhZmRiNWZmYzZhZjE4ZWYyMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2+MXlZmRnv/sHOg4x5UAmS2BS1Q
gNWkwqL/F1ja9XnH9CTAIeK1yEN5WhzzGmsdNcNExctLgLnqOYSwcGA2T0vifAav
m676YbU/9kX3AqCM4g4owZEHa22EZ4QHYOkvkCHHXKa8K228bgqgqPjT5GIRJ9XA
Dl2GUDF1bh6oV+rQFLci3+dlomnMDA18YG+dvSyxYA05kbp7kNNAS6MgvfUFAsAF
XHq8+7LFi6kxrf8ajuBaey+WVB8++qgz8dBIyNGNPOXVIE/hV6kDxwLFsfyzAitw
0JWEP58N+bMmYAcKdN6kbw8UTR8U+xv0679OOMmSVYayXopJsmuFXH547QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGL/6y6wI5vVvXnK/bX/xq8Y7yFfMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWXZfckxyQWptOVc5ZWNyOXRmX0dyeGp2SVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVCDWAwQA
VCD4MA0GCSqGSIb3DQEBCwUAA4IBAQAAzF7uWWv7Jab9cL0GucOVFLMs7zUQLfbi
4mj47b0Tl80O6SNsrM0cWNCLQ5StASNF8R8vUuamvBNixe0dg+GtVtck+3f+nnDv
tyXsUskIjqQh6CHREncuc31uf3kGYHTg1ylYZpJQvOCakFC+4dY/kAEMVhhFI5Lh
BmsLnvWpbgBbFL/TcGq1+bJr6FQQGP7vGW2dqPzKOEYc+fqKlpjRx2iOG8oVwuqz
mouebr9cW4pWmqg64NFg5E6wWHWyAhIvBKbkQMecT6lqmhnux6DcpQSbnAaaGyVO
DQI5ZkeaPlxokjwgjjuB/01YL85G+oC3q43PxaiZJTTf0Ubc37km
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org