Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/az7LHZR6CRf_RgKrg0fUkQRZT00.roa
File: az7LHZR6CRf_RgKrg0fUkQRZT00.roa (raw, json)
Hash identifier: U/CJsxKtELVuhyJL78SEsLVb1VF2A6NH/Cfa53oZfEM=
Subject key identifier: 6B:3E:CB:1D:94:7A:09:17:FF:46:02:AB:83:47:D4:91:04:59:4F:4D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188A037979EB384F30FE69B945FCB2B1719
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/az7LHZR6CRf_RgKrg0fUkQRZT00.roa
Signing time: Fri 09 Jun 2023 12:52:57 +0000
ROA not before: Fri 09 Jun 2023 12:52:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 84.32.91.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 20:25:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:37:97:9e:b3:84:f3:0f:e6:9b:94:5f:cb:2b:17:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 9 12:52:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b3ecb1d947a0917ff4602ab8347d49104594f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:25:bb:9b:6e:d7:1e:79:47:13:de:01:59:b5:
e9:d0:f4:82:99:c5:9a:51:d6:a2:57:96:51:f9:08:
2e:af:74:3e:55:7c:4a:5f:a2:61:84:b3:f1:50:62:
f9:bc:97:d8:a2:2a:fc:4a:cc:5d:cb:c8:35:1d:43:
c2:15:97:64:58:bb:a7:0c:24:fb:67:04:3e:60:18:
0a:94:30:52:23:29:e0:dc:3c:15:60:ec:7b:18:91:
30:fe:a0:cb:70:6b:39:aa:88:f2:df:70:b1:68:2d:
41:26:06:d6:6d:b3:46:a0:15:6b:7e:e7:66:2c:f8:
21:e2:14:67:94:d7:05:66:25:ab:d7:10:b5:7b:0d:
9a:5a:d6:27:70:22:48:66:b2:de:57:e5:57:fd:d5:
77:d7:69:de:a7:26:38:f3:f6:66:a2:26:3b:b0:bc:
2a:f1:bd:59:dd:20:a2:2d:47:9d:31:38:3e:62:ff:
62:83:f3:7d:d3:bd:ee:45:04:41:06:0d:9f:28:73:
cf:43:93:7f:7a:e3:68:1e:8b:6c:c2:84:3e:75:ef:
32:1e:3a:50:a5:fb:de:34:d9:e2:86:31:ee:9c:a3:
26:22:01:4e:63:51:e5:70:88:7a:cc:a9:fe:a5:fe:
81:12:9d:05:b9:28:36:cb:f8:b0:90:94:3a:ce:ae:
74:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:3E:CB:1D:94:7A:09:17:FF:46:02:AB:83:47:D4:91:04:59:4F:4D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/az7LHZR6CRf_RgKrg0fUkQRZT00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.91.0/24
88.216.131.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:f7:a9:3c:cd:7b:6e:b9:47:de:e3:f6:93:1d:1b:56:62:7c:
be:56:b9:cd:64:ce:9c:d4:b4:7f:7a:51:8f:f1:bf:9a:be:bf:
05:e9:30:de:2e:46:81:68:32:d2:95:51:6c:7a:4d:09:46:a2:
2f:00:8f:64:ab:49:ae:42:29:f5:8b:0d:58:50:2a:2d:9d:32:
7c:5a:48:22:67:6e:b1:5e:c3:4f:7a:ba:22:62:2b:4a:85:09:
1b:73:5d:d5:ce:11:79:6f:75:ed:3d:26:e6:62:a7:f0:f0:60:
ee:cf:23:09:e2:7f:0e:97:e5:f9:1c:22:66:33:f5:21:70:8f:
6e:18:2b:f2:57:db:f6:6a:32:42:9f:a8:a8:a4:3c:7a:30:62:
71:af:75:47:d0:4b:6f:47:38:b1:05:28:74:cd:4a:e7:c0:cc:
6e:ef:74:78:e1:6b:e2:79:88:40:85:f2:f0:5a:ae:60:cb:c0:
d2:12:83:0e:35:61:06:85:c4:0f:df:3f:49:75:a3:2f:3a:ef:
62:42:91:1f:5a:6d:77:5f:ab:c7:ea:f0:78:44:e1:e8:59:b3:
5a:59:7f:d3:4a:50:7b:9d:23:43:4d:09:de:b5:75:a6:c9:81:
43:f1:de:5e:05:0c:72:ea:8d:a5:bd:ae:3b:0b:a5:0a:2b:6e:
20:29:b9:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYigN5ees4TzD+ablF/LKxcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA5MTI1MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjNlY2IxZDk0N2EwOTE3ZmY0NjAyYWI4MzQ3ZDQ5MTA0NTk0ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyW7m27XHnlHE94BWbXp0PSCmcWa
UdaiV5ZR+Qgur3Q+VXxKX6JhhLPxUGL5vJfYoir8Ssxdy8g1HUPCFZdkWLunDCT7
ZwQ+YBgKlDBSIyng3DwVYOx7GJEw/qDLcGs5qojy33CxaC1BJgbWbbNGoBVrfudm
LPgh4hRnlNcFZiWr1xC1ew2aWtYncCJIZrLeV+VX/dV312nepyY48/ZmoiY7sLwq
8b1Z3SCiLUedMTg+Yv9ig/N9073uRQRBBg2fKHPPQ5N/euNoHotswoQ+de8yHjpQ
pfveNNnihjHunKMmIgFOY1HlcIh6zKn+pf6BEp0FuSg2y/iwkJQ6zq50PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGs+yx2UegkX/0YCq4NH1JEEWU9NMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYXo3TEhaUjZDUmZfUmdLcmcwZlVrUVJaVDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCBbAwQA
WNiDMA0GCSqGSIb3DQEBCwUAA4IBAQBu96k8zXtuuUfe4/aTHRtWYny+VrnNZM6c
1LR/elGP8b+avr8F6TDeLkaBaDLSlVFsek0JRqIvAI9kq0muQin1iw1YUCotnTJ8
WkgiZ26xXsNPeroiYitKhQkbc13VzhF5b3XtPSbmYqfw8GDuzyMJ4n8Ol+X5HCJm
M/UhcI9uGCvyV9v2ajJCn6iopDx6MGJxr3VH0EtvRzixBSh0zUrnwMxu73R44Wvi
eYhAhfLwWq5gy8DSEoMONWEGhcQP3z9JdaMvOu9iQpEfWm13X6vH6vB4ROHoWbNa
WX/TSlB7nSNDTQnetXWmyYFD8d5eBQxy6o2lva47C6UKK24gKbk7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org