Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ci-1ConJGOD78KHr4She9_AUrMg.roa
File: ci-1ConJGOD78KHr4She9_AUrMg.roa (raw, json)
Hash identifier: 4fcDkOFYL6GeTNny33dLVYSI2+K88L4555AsrLlkH2A=
Subject key identifier: 72:2F:B5:0A:89:C9:18:E0:FB:F0:A1:EB:E1:28:5E:F7:F0:14:AC:C8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188DC5DF4AD62AD0AF1AE83792F8B8C28FD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ci-1ConJGOD78KHr4She9_AUrMg.roa
Signing time: Wed 21 Jun 2023 05:12:04 +0000
ROA not before: Wed 21 Jun 2023 05:12:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 84.32.212.0/24 maxlen: 24
84.32.20.0/24 maxlen: 24
84.32.23.0/24 maxlen: 24
84.32.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Jun 2023 14:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dc:5d:f4:ad:62:ad:0a:f1:ae:83:79:2f:8b:8c:28:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 21 05:12:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=722fb50a89c918e0fbf0a1ebe1285ef7f014acc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b6:d9:48:12:a2:97:a5:27:d8:2e:1f:39:f1:
cc:55:4b:60:a5:ca:83:dc:9e:b8:77:de:f2:eb:3b:
f8:79:02:98:cb:82:6d:ea:72:84:d1:df:c4:2a:ed:
53:7a:df:d8:d6:9c:63:e8:6a:55:a5:4b:74:9b:e7:
56:7c:68:56:cf:7e:d1:1a:74:86:43:7f:17:94:44:
05:aa:09:7a:70:e4:14:73:9b:3d:f1:e6:25:d0:6e:
77:0d:bc:fc:a5:70:6d:97:41:61:5b:50:d6:85:90:
89:d5:05:08:ea:3c:48:83:30:7b:b6:38:26:65:8b:
48:73:dc:13:1e:18:17:8e:3f:86:1b:aa:d7:c0:f0:
65:03:dc:e7:b7:c7:b6:02:89:a4:7f:fe:ed:ef:59:
51:9d:9d:80:a8:1f:bd:e9:a3:fe:68:72:0b:6d:4f:
8d:c9:ad:2e:00:d4:16:b0:c2:95:47:85:a7:a1:b7:
6a:0a:04:ac:e2:0a:93:f8:b0:08:07:e2:d2:e0:58:
c6:0a:3b:94:99:b6:a6:07:70:5a:e0:94:35:be:e1:
d4:9b:57:4c:94:82:ac:62:18:ba:3d:b2:41:46:be:
2b:4a:e0:f1:4b:8d:fc:d9:5b:76:07:b0:4e:0c:b8:
ee:b4:2f:c3:69:a6:86:11:2a:9c:2e:17:56:1e:2b:
38:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2F:B5:0A:89:C9:18:E0:FB:F0:A1:EB:E1:28:5E:F7:F0:14:AC:C8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ci-1ConJGOD78KHr4She9_AUrMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/23
84.32.23.0/24
84.32.212.0/24
Signature Algorithm: sha256WithRSAEncryption
31:e4:18:68:62:00:10:88:8d:7f:38:3c:e6:ce:54:c6:e7:7b:
11:9e:83:f5:67:7b:86:9c:56:18:bd:08:3c:85:3b:60:d0:2f:
a2:27:74:66:9b:a8:9d:b6:e9:26:e2:b5:fd:00:b8:52:fc:7f:
4a:04:1d:c4:69:4c:87:4a:10:e2:43:da:26:cd:3a:ba:d4:89:
18:1e:7a:38:6b:e4:5e:06:be:69:1f:6f:94:b3:35:a9:1f:48:
2b:28:ad:bd:65:97:a6:29:8b:38:6e:35:47:6b:40:12:5f:db:
f6:34:ff:cc:90:12:78:b3:97:2b:38:fe:b3:5e:79:78:cc:ca:
e1:39:95:da:6a:d9:0f:7d:73:e4:62:07:28:d5:a1:4f:ef:cf:
f5:08:41:a5:27:09:0a:ca:c3:91:12:8e:80:21:4a:63:57:e3:
86:28:04:06:54:4c:a6:09:e6:49:64:f0:a1:8f:20:0b:b2:fc:
ae:63:dd:db:17:44:26:49:5e:6e:93:a1:a3:31:c1:ec:de:3f:
9f:25:eb:0d:bd:55:e0:7e:27:52:31:38:4f:30:c4:9b:aa:78:
d0:6a:1c:12:ba:7d:5b:e4:e6:fd:44:90:88:fb:04:b5:d0:50:
d6:7f:c0:78:e6:1c:09:d3:e6:bd:31:78:bf:cb:e2:88:ed:ac:
13:50:14:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjcXfStYq0K8a6DeS+LjCj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjIxMDUxMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJmYjUwYTg5YzkxOGUwZmJmMGExZWJlMTI4NWVmN2YwMTRhY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibbZSBKil6Un2C4fOfHMVUtgpcqD
3J64d97y6zv4eQKYy4Jt6nKE0d/EKu1Tet/Y1pxj6GpVpUt0m+dWfGhWz37RGnSG
Q38XlEQFqgl6cOQUc5s98eYl0G53Dbz8pXBtl0FhW1DWhZCJ1QUI6jxIgzB7tjgm
ZYtIc9wTHhgXjj+GG6rXwPBlA9znt8e2Aomkf/7t71lRnZ2AqB+96aP+aHILbU+N
ya0uANQWsMKVR4WnobdqCgSs4gqT+LAIB+LS4FjGCjuUmbamB3Ba4JQ1vuHUm1dM
lIKsYhi6PbJBRr4rSuDxS4382Vt2B7BODLjutC/DaaaGESqcLhdWHis49QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHIvtQqJyRjg+/Ch6+EoXvfwFKzIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvY2ktMUNvbkpHT0Q3OEtIcjRTaGU5X0FVck1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVCAUAwQA
VCAXAwQAVCDUMA0GCSqGSIb3DQEBCwUAA4IBAQAx5BhoYgAQiI1/ODzmzlTG53sR
noP1Z3uGnFYYvQg8hTtg0C+iJ3Rmm6idtukm4rX9ALhS/H9KBB3EaUyHShDiQ9om
zTq61IkYHno4a+ReBr5pH2+UszWpH0grKK29ZZemKYs4bjVHa0ASX9v2NP/MkBJ4
s5crOP6zXnl4zMrhOZXaatkPfXPkYgco1aFP78/1CEGlJwkKysOREo6AIUpjV+OG
KAQGVEymCeZJZPChjyALsvyuY93bF0QmSV5uk6GjMcHs3j+fJesNvVXgfidSMThP
MMSbqnjQahwSun1b5Ob9RJCI+wS10FDWf8B45hwJ0+a9MXi/y+KI7awTUBSO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org