Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/caCoz6KX1V4hFpaRFrJksGM3AZ8.roa
File: caCoz6KX1V4hFpaRFrJksGM3AZ8.roa (raw, json)
Hash identifier: mgxSnVyLCBE25pPTyH+/hGVpE9j6if8tvXpXKhRy6eQ=
Subject key identifier: 71:A0:A8:CF:A2:97:D5:5E:21:16:96:91:16:B2:64:B0:63:37:01:9F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189CF0F613D11A95A1EDD87375A867A7AAC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/caCoz6KX1V4hFpaRFrJksGM3AZ8.roa
Signing time: Mon 07 Aug 2023 08:13:58 +0000
ROA not before: Mon 07 Aug 2023 08:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 84.32.104.0/24 maxlen: 24
84.32.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Oct 2023 05:19:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:0f:61:3d:11:a9:5a:1e:dd:87:37:5a:86:7a:7a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 7 08:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71a0a8cfa297d55e2116969116b264b06337019f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8b:18:26:04:9e:17:2c:39:57:0c:8f:23:49:
3c:87:a6:53:8c:7b:30:d8:81:3a:6a:d1:f6:11:23:
73:6e:29:80:4d:82:23:5d:35:60:40:63:0d:ef:a7:
ee:7c:49:18:e6:cb:5d:5c:27:58:d3:03:4e:55:ea:
18:43:14:89:18:43:62:f7:1f:5f:44:2f:90:22:b2:
af:70:ab:94:f9:47:2c:cf:ba:09:d7:45:00:8b:1a:
df:ce:ca:48:70:3a:bc:7c:a2:a2:01:4d:03:5b:43:
9d:45:4b:bc:85:4d:71:5a:e8:d8:c3:b7:56:af:9c:
18:14:95:df:c7:27:d6:ef:29:b0:c1:fc:9b:71:69:
4e:7a:db:45:76:44:94:dd:a5:ed:01:43:7d:40:80:
c8:44:98:ae:7e:23:08:54:d7:d7:65:24:31:3d:b7:
80:6a:ec:43:67:86:bf:f0:15:30:88:90:06:4f:bf:
b6:ea:86:9d:dd:2b:50:4c:b7:bc:2e:3e:6f:b1:32:
2d:0e:a6:c1:49:19:06:2a:3a:58:ce:0a:74:33:37:
fd:89:72:80:92:d7:31:f2:c1:75:9c:07:cb:a0:f6:
d2:aa:1f:ad:d5:9d:90:b2:64:ff:0a:ef:ca:94:e8:
b8:26:4f:86:61:39:74:14:f5:09:c1:b0:31:66:4c:
99:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A0:A8:CF:A2:97:D5:5E:21:16:96:91:16:B2:64:B0:63:37:01:9F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/caCoz6KX1V4hFpaRFrJksGM3AZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.104.0/24
84.32.253.0/24
Signature Algorithm: sha256WithRSAEncryption
73:0b:ad:cb:35:70:cc:da:7b:0a:77:46:2d:00:17:b0:56:46:
e4:59:a0:f3:72:c7:bf:61:f9:55:62:a4:24:15:67:bb:5e:32:
c3:5c:fe:78:53:63:a9:43:1a:67:6d:08:c6:74:df:99:3b:d9:
96:d4:e5:77:a6:9c:5b:38:b9:2e:cb:f4:9b:61:a7:b4:4b:59:
1e:41:04:cb:1f:29:ce:af:41:e1:81:93:ab:88:bf:0d:55:be:
b5:6e:04:46:40:be:18:04:42:ee:f3:9e:bb:ec:1f:78:2a:cd:
f3:f6:55:44:3e:76:3b:8b:9e:db:5c:a4:f9:37:1c:3d:38:3d:
aa:3c:8f:d7:cc:d5:ad:17:2e:fb:8e:36:4b:c4:ea:33:c2:68:
9a:1d:7c:99:68:dd:08:e6:fa:07:59:e7:89:8c:65:74:4f:b7:
48:d5:83:a0:3a:44:94:6a:88:2a:af:eb:21:40:7c:20:38:d0:
fc:98:c7:4d:bb:86:1a:d8:11:e9:d1:b4:3b:cf:20:04:43:a6:
b5:e7:a0:a0:70:4b:78:63:52:9f:37:21:79:40:5d:b1:96:f7:
b4:97:b1:45:58:06:27:3c:01:f1:f3:c0:a4:b4:a3:2f:87:f3:
48:8d:23:77:9e:2c:ac:d8:fe:1e:c4:cc:b8:c4:48:c4:c6:3d:
ee:b2:48:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnPD2E9EalaHt2HN1qGenqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwODA3MDgxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWEwYThjZmEyOTdkNTVlMjExNjk2OTExNmIyNjRiMDYzMzcwMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYsYJgSeFyw5VwyPI0k8h6ZTjHsw
2IE6atH2ESNzbimATYIjXTVgQGMN76fufEkY5stdXCdY0wNOVeoYQxSJGENi9x9f
RC+QIrKvcKuU+Ucsz7oJ10UAixrfzspIcDq8fKKiAU0DW0OdRUu8hU1xWujYw7dW
r5wYFJXfxyfW7ymwwfybcWlOettFdkSU3aXtAUN9QIDIRJiufiMIVNfXZSQxPbeA
auxDZ4a/8BUwiJAGT7+26oad3StQTLe8Lj5vsTItDqbBSRkGKjpYzgp0Mzf9iXKA
ktcx8sF1nAfLoPbSqh+t1Z2QsmT/Cu/KlOi4Jk+GYTl0FPUJwbAxZkyZ9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHGgqM+il9VeIRaWkRayZLBjNwGfMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvY2FDb3o2S1gxVjRoRnBhUkZySmtzR00zQVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCBoAwQA
VCD9MA0GCSqGSIb3DQEBCwUAA4IBAQBzC63LNXDM2nsKd0YtABewVkbkWaDzcse/
YflVYqQkFWe7XjLDXP54U2OpQxpnbQjGdN+ZO9mW1OV3ppxbOLkuy/SbYae0S1ke
QQTLHynOr0HhgZOriL8NVb61bgRGQL4YBELu85677B94Ks3z9lVEPnY7i57bXKT5
Nxw9OD2qPI/XzNWtFy77jjZLxOozwmiaHXyZaN0I5voHWeeJjGV0T7dI1YOgOkSU
aogqr+shQHwgOND8mMdNu4Ya2BHp0bQ7zyAEQ6a156CgcEt4Y1KfNyF5QF2xlve0
l7FFWAYnPAHx88CktKMvh/NIjSN3niys2P4exMy4xEjExj3uskht
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org