Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_RJw3yUfuulB2nNe5veM85JpHqE.roa
File: _RJw3yUfuulB2nNe5veM85JpHqE.roa (raw, json)
Hash identifier: tJQofXPRI9HRTOFXkGD6ZzbOWErIJaN6tXZQ73dJO0E=
Subject key identifier: FD:12:70:DF:25:1F:BA:E9:41:DA:73:5E:E6:F7:8C:F3:92:69:1E:A1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185A2B404A5C597CF7350B9DCD08893EB3D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_RJw3yUfuulB2nNe5veM85JpHqE.roa
Signing time: Wed 11 Jan 2023 21:19:44 +0000
ROA not before: Wed 11 Jan 2023 21:19:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 84.32.208.0/23 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Feb 2023 06:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a2:b4:04:a5:c5:97:cf:73:50:b9:dc:d0:88:93:eb:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 11 21:19:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd1270df251fbae941da735ee6f78cf392691ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fc:8a:94:66:d1:c4:05:47:f2:fe:8c:f2:5b:
d5:53:d9:d9:31:44:56:a3:76:8e:40:ab:7b:1a:82:
19:8c:37:1f:64:68:74:9b:f4:b4:01:74:f7:02:56:
c1:e8:94:10:37:88:76:e7:13:62:78:0e:f7:00:a1:
0c:bf:5a:48:cc:2e:d8:e0:e2:76:35:29:5e:83:57:
ca:13:02:d6:df:48:75:e8:95:66:a4:f2:50:60:10:
9a:09:e8:5d:6f:29:fc:a8:fb:03:00:ef:65:3f:82:
af:5f:f6:10:37:b8:3b:70:37:45:7f:5b:2e:1e:2d:
65:2b:25:cb:a3:d3:bb:3a:f9:2d:ea:88:82:2e:56:
1d:e4:47:3e:15:fa:46:f8:e4:32:1b:36:02:9a:7b:
94:e9:47:54:f4:a9:5a:ca:05:80:0f:4f:8b:3c:16:
cd:57:ed:26:41:52:b2:b9:96:9e:82:5d:77:48:67:
29:37:c0:a9:08:a7:98:78:3c:4c:16:7d:f4:de:08:
ce:ea:c3:c8:f6:88:14:09:52:7b:66:3d:e0:69:eb:
e9:c1:b5:77:aa:3a:60:57:0d:f9:74:4a:5f:66:c6:
37:94:57:40:06:db:84:d9:06:2a:9c:87:cc:01:7c:
f9:f8:26:f4:e2:02:c8:dd:13:4e:70:9f:25:cf:b8:
07:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:12:70:DF:25:1F:BA:E9:41:DA:73:5E:E6:F7:8C:F3:92:69:1E:A1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_RJw3yUfuulB2nNe5veM85JpHqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/22
84.32.208.0/23
84.32.246.0/23
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
01:3e:a8:f6:ee:e5:3b:06:c8:6c:71:4c:02:72:a4:d5:e5:3b:
95:74:56:f2:b0:58:8d:c5:31:34:a9:fb:31:5e:c0:fc:5a:cb:
0a:6a:c5:65:d8:3e:3b:d3:2a:1d:9b:eb:cd:20:00:94:ee:5c:
b1:66:24:15:fd:c1:03:a2:2d:04:6a:be:05:15:b2:f5:50:a5:
3b:03:51:f3:21:92:74:ee:04:8b:96:fd:4b:32:08:78:a4:4c:
02:06:35:21:d2:e9:b0:c2:08:68:a7:24:05:57:49:5c:9c:b1:
71:83:b0:24:61:4c:e2:8d:29:a9:b2:0f:5c:10:02:5d:2f:fc:
fe:a1:30:75:42:75:f5:00:fa:4b:f2:7f:71:f4:f6:2c:31:2c:
85:0f:46:61:5a:cd:63:8c:f7:4c:ef:ec:42:b4:84:0d:09:3f:
fe:ad:b1:07:96:67:ee:63:c1:4a:6a:bc:7c:27:aa:cf:6b:65:
88:ef:6c:94:6e:56:f5:bf:1d:e0:6c:46:bf:88:7c:ea:6b:8d:
41:5f:f6:fa:4d:06:45:86:95:f1:fc:e8:ba:d8:3e:28:d6:41:
b7:a6:16:e5:b4:97:3b:04:7b:04:50:b9:c4:d0:af:ab:35:d5:
c6:0e:9c:0e:2f:ab:08:16:54:5d:83:a5:4b:30:04:f4:d3:86:
48:27:9c:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWitASlxZfPc1C53NCIk+s9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTExMjExOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDEyNzBkZjI1MWZiYWU5NDFkYTczNWVlNmY3OGNmMzkyNjkxZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/yKlGbRxAVH8v6M8lvVU9nZMURW
o3aOQKt7GoIZjDcfZGh0m/S0AXT3AlbB6JQQN4h25xNieA73AKEMv1pIzC7Y4OJ2
NSleg1fKEwLW30h16JVmpPJQYBCaCehdbyn8qPsDAO9lP4KvX/YQN7g7cDdFf1su
Hi1lKyXLo9O7Ovkt6oiCLlYd5Ec+FfpG+OQyGzYCmnuU6UdU9KlaygWAD0+LPBbN
V+0mQVKyuZaegl13SGcpN8CpCKeYeDxMFn303gjO6sPI9ogUCVJ7Zj3gaevpwbV3
qjpgVw35dEpfZsY3lFdABtuE2QYqnIfMAXz5+Cb04gLI3RNOcJ8lz7gHdQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP0ScN8lH7rpQdpzXub3jPOSaR6hMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX1JKdzN5VWZ1dWxCMm5OZTV2ZU04NUpwSHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVCAUAwQB
VCDQAwQBVCD2AwQAWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQABPqj27uU7BshscUwC
cqTV5TuVdFbysFiNxTE0qfsxXsD8WssKasVl2D470yodm+vNIACU7lyxZiQV/cED
oi0Ear4FFbL1UKU7A1HzIZJ07gSLlv1LMgh4pEwCBjUh0umwwghopyQFV0lcnLFx
g7AkYUzijSmpsg9cEAJdL/z+oTB1QnX1APpL8n9x9PYsMSyFD0ZhWs1jjPdM7+xC
tIQNCT/+rbEHlmfuY8FKarx8J6rPa2WI72yUblb1vx3gbEa/iHzqa41BX/b6TQZF
hpXx/Oi62D4o1kG3phbltJc7BHsEULnE0K+rNdXGDpwOL6sIFlRdg6VLMAT004ZI
J5z/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org