Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aMSpzCr3eDrdFvCtW6Zdup8O1EM.roa
File: aMSpzCr3eDrdFvCtW6Zdup8O1EM.roa (raw, json)
Hash identifier: TMdZ6PMWIAFkUmOV9R3grvllpI7zqsVomgfYfXxZbLg=
Subject key identifier: 68:C4:A9:CC:2A:F7:78:3A:DD:16:F0:AD:5B:A6:5D:BA:9F:0E:D4:43
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018AF0767DEF65CC8DCA6CD497B75F099661
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aMSpzCr3eDrdFvCtW6Zdup8O1EM.roa
Signing time: Mon 02 Oct 2023 12:56:51 +0000
ROA not before: Mon 02 Oct 2023 12:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197789
IP address blocks: 84.32.236.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:76:7d:ef:65:cc:8d:ca:6c:d4:97:b7:5f:09:96:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 2 12:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68c4a9cc2af7783add16f0ad5ba65dba9f0ed443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:06:0e:9d:ff:7c:d4:22:fc:63:f3:82:d2:2e:
b1:bc:3f:16:cd:bc:2d:be:73:b8:ca:26:64:34:da:
3f:4e:54:75:fa:fa:ca:82:0d:77:ed:99:be:d9:61:
e4:db:a9:da:7e:86:ea:bf:78:e1:96:b6:73:d6:27:
61:f7:ca:66:f6:8e:7c:8a:33:21:23:fe:d8:7c:b6:
16:a4:81:fb:37:db:6a:d0:14:96:96:ab:d2:9e:35:
6d:57:2d:56:4a:d4:fc:23:60:89:dd:58:21:bd:d2:
e8:aa:f1:a0:25:6c:09:13:d1:34:f8:3f:1e:d7:f5:
96:da:f4:9f:2a:68:6a:67:2c:73:28:fd:53:a1:1d:
02:68:07:31:39:97:75:d5:a1:38:35:1e:9b:88:c3:
86:5c:ea:05:8b:da:df:6c:f8:2a:c9:85:62:77:f6:
30:c7:de:72:0c:2a:be:40:29:ca:c3:19:00:91:8d:
c5:46:3b:28:9e:d9:ef:2c:fa:1d:71:60:bd:23:5c:
ac:7e:6b:a5:3a:92:06:a9:b2:97:0a:3e:d0:0f:f5:
90:2c:5a:3a:94:23:8a:8f:5b:9d:f1:db:8a:d0:a1:
3a:45:09:99:6b:1b:7f:49:98:2b:cd:c6:3f:ce:85:
31:4b:de:3a:64:db:1e:5e:c0:47:1d:1b:8c:74:e5:
fa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C4:A9:CC:2A:F7:78:3A:DD:16:F0:AD:5B:A6:5D:BA:9F:0E:D4:43
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/aMSpzCr3eDrdFvCtW6Zdup8O1EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.236.0/24
Signature Algorithm: sha256WithRSAEncryption
31:51:d0:ac:0d:99:3f:40:db:73:22:7d:4b:9b:12:7b:25:6c:
e9:b9:e3:26:1c:e7:7a:ab:bf:92:1a:6e:65:90:53:3e:06:bb:
72:56:97:ea:0a:93:06:68:cf:ab:19:af:c6:f3:d3:b0:c1:f2:
84:e8:d2:bb:2d:66:07:52:a7:79:69:7c:35:e2:cf:fb:e9:ed:
99:45:f6:24:d2:c2:3f:f1:24:9c:76:c9:ca:5e:8a:89:4f:fe:
82:46:9b:47:bc:b7:f2:f8:7d:e1:84:7e:6e:59:94:dc:99:e0:
5a:c8:e3:63:09:9a:77:28:51:b7:4f:f8:35:f9:c1:f0:9f:58:
44:20:17:8c:67:d1:d4:6a:11:77:79:5b:fe:db:83:3c:c9:79:
84:29:c5:c6:97:7f:bd:c4:22:10:c1:0c:dc:97:8c:ee:2f:92:
ab:c3:a9:11:24:cf:0e:b0:60:29:cd:62:e4:eb:fd:36:5a:8c:
99:60:90:f4:00:fc:20:92:94:51:70:ae:c7:5b:df:e5:67:f9:
a6:3a:73:17:9d:34:52:30:fa:d8:88:26:2b:a7:59:1c:ab:03:
35:22:a2:b4:2e:e8:58:42:9e:37:4d:03:e7:2e:b5:96:2a:29:
33:72:cd:b6:7f:39:6d:1b:54:70:75:58:3e:a0:e5:88:74:7b:
47:c7:ef:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrwdn3vZcyNymzUl7dfCZZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDAyMTI1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM0YTljYzJhZjc3ODNhZGQxNmYwYWQ1YmE2NWRiYTlmMGVkNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wYOnf981CL8Y/OC0i6xvD8Wzbwt
vnO4yiZkNNo/TlR1+vrKgg137Zm+2WHk26nafobqv3jhlrZz1idh98pm9o58ijMh
I/7YfLYWpIH7N9tq0BSWlqvSnjVtVy1WStT8I2CJ3VghvdLoqvGgJWwJE9E0+D8e
1/WW2vSfKmhqZyxzKP1ToR0CaAcxOZd11aE4NR6biMOGXOoFi9rfbPgqyYVid/Yw
x95yDCq+QCnKwxkAkY3FRjsontnvLPodcWC9I1ysfmulOpIGqbKXCj7QD/WQLFo6
lCOKj1ud8duK0KE6RQmZaxt/SZgrzcY/zoUxS946ZNseXsBHHRuMdOX6VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjEqcwq93g63RbwrVumXbqfDtRDMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYU1TcHpDcjNlRHJkRnZDdFc2WmR1cDhPMUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCDsMA0G
CSqGSIb3DQEBCwUAA4IBAQAxUdCsDZk/QNtzIn1LmxJ7JWzpueMmHOd6q7+SGm5l
kFM+BrtyVpfqCpMGaM+rGa/G89OwwfKE6NK7LWYHUqd5aXw14s/76e2ZRfYk0sI/
8SScdsnKXoqJT/6CRptHvLfy+H3hhH5uWZTcmeBayONjCZp3KFG3T/g1+cHwn1hE
IBeMZ9HUahF3eVv+24M8yXmEKcXGl3+9xCIQwQzcl4zuL5Krw6kRJM8OsGApzWLk
6/02WoyZYJD0APwgkpRRcK7HW9/lZ/mmOnMXnTRSMPrYiCYrp1kcqwM1IqK0LuhY
Qp43TQPnLrWWKikzcs22fzltG1RwdVg+oOWIdHtHx+9x
-----END CERTIFICATE-----
Generated at Fri Nov 3 09:00:49 2023 by rpki-client on console-ams.rpki-client.org