Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dHDRH_hymlZtCc2PiGXo0u_VI9k.roa
File: dHDRH_hymlZtCc2PiGXo0u_VI9k.roa (raw, json)
Hash identifier: jDPe7umvqsfx6k9MlmY6v7dQwIH19kGdUlPFVAjwGEA=
Subject key identifier: 74:70:D1:1F:F8:72:9A:56:6D:09:CD:8F:88:65:E8:D2:EF:D5:23:D9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01859B6DC033DB534D8DCF49A4782A5F4439
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dHDRH_hymlZtCc2PiGXo0u_VI9k.roa
Signing time: Tue 10 Jan 2023 11:25:39 +0000
ROA not before: Tue 10 Jan 2023 11:25:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 84.32.228.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Feb 2023 10:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:6d:c0:33:db:53:4d:8d:cf:49:a4:78:2a:5f:44:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 10 11:25:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7470d11ff8729a566d09cd8f8865e8d2efd523d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:58:e4:d1:22:11:13:a8:2d:f6:be:18:74:53:
42:e8:53:3e:2f:ff:db:cb:42:d1:9a:d8:b0:9d:af:
29:5e:5e:c0:c6:a6:aa:32:06:bf:08:50:19:03:6f:
21:c0:aa:cc:be:b5:c0:86:47:71:2d:9d:b7:ed:bf:
60:39:4e:0f:5c:ed:43:44:78:a6:31:81:da:87:f9:
50:b7:d3:57:dd:3f:b3:69:e5:a2:b4:85:aa:da:f3:
d9:90:41:66:a0:bc:ad:20:cc:12:b9:58:54:31:76:
12:84:54:4d:6d:53:75:dc:52:f9:f3:51:9d:ed:7e:
c1:8c:da:8f:98:aa:fb:06:65:0e:9a:d8:60:56:1f:
97:8b:c3:65:78:40:0e:d5:7d:f7:ca:c5:03:52:d2:
84:6a:43:49:1c:2c:73:e6:61:22:b1:1b:fb:98:82:
3b:08:d6:23:42:72:36:27:e6:05:e0:ee:8d:1b:5a:
be:87:e4:d0:59:22:79:a5:63:cf:88:c4:65:cd:a7:
6d:8a:ca:e4:ca:63:05:ca:64:05:e3:cb:eb:a4:03:
32:d9:0a:ee:90:28:cb:cd:e0:1c:dc:10:03:54:f0:
02:0a:ac:c2:d6:1a:93:51:d8:24:14:31:50:15:cc:
85:15:18:6a:cd:43:c2:19:ba:60:b8:a1:a5:b9:64:
b8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:70:D1:1F:F8:72:9A:56:6D:09:CD:8F:88:65:E8:D2:EF:D5:23:D9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dHDRH_hymlZtCc2PiGXo0u_VI9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.228.0/24
84.32.249.0/24
84.32.254.0/24
88.216.42.0/24
Signature Algorithm: sha256WithRSAEncryption
77:87:19:8b:25:47:d0:3d:fa:28:39:2d:31:59:21:21:c0:3a:
76:f4:fb:31:b5:69:cd:c8:05:53:53:88:85:1e:c4:7e:66:a5:
e6:24:99:ed:b2:07:a0:0f:ef:45:b2:53:56:00:2e:64:84:10:
3c:24:18:9a:68:6b:41:7b:61:d1:1d:cb:3d:0c:c3:b4:28:95:
b1:43:37:a5:fd:23:00:fa:51:c9:1a:cd:94:46:41:77:39:c3:
61:03:e8:d4:2c:76:5e:81:fe:82:a4:c7:34:1c:a1:bf:47:bf:
a6:b4:86:fc:63:fd:33:a2:02:70:a8:90:0e:1a:d0:e7:73:c1:
ae:66:91:ac:c9:bc:2e:2f:ec:aa:3a:be:74:7a:ff:f9:d2:52:
b4:54:5f:d7:09:c4:13:a9:0a:e2:ea:64:51:8b:95:6d:52:4a:
5c:1e:f8:b1:0a:b1:6d:8e:30:c9:62:ee:38:ff:f3:f4:af:63:
e6:0c:41:12:0c:32:bd:b0:2a:c4:fe:91:e3:3b:c8:90:53:b0:
86:da:71:97:b0:e0:7d:64:66:37:a2:75:1d:b6:13:86:96:f3:
1b:44:d4:a0:8b:8f:31:40:ab:9c:7c:fa:58:f8:e1:39:61:55:
93:07:ad:75:9c:d8:0d:bf:82:74:2f:4a:f1:e3:6b:2c:e2:54:
1f:3b:c5:4e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWbbcAz21NNjc9JpHgqX0Q5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTEwMTEyNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDcwZDExZmY4NzI5YTU2NmQwOWNkOGY4ODY1ZThkMmVmZDUyM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiljk0SIRE6gt9r4YdFNC6FM+L//b
y0LRmtiwna8pXl7AxqaqMga/CFAZA28hwKrMvrXAhkdxLZ237b9gOU4PXO1DRHim
MYHah/lQt9NX3T+zaeWitIWq2vPZkEFmoLytIMwSuVhUMXYShFRNbVN13FL581Gd
7X7BjNqPmKr7BmUOmthgVh+Xi8NleEAO1X33ysUDUtKEakNJHCxz5mEisRv7mII7
CNYjQnI2J+YF4O6NG1q+h+TQWSJ5pWPPiMRlzadtisrkymMFymQF48vrpAMy2Qru
kCjLzeAc3BADVPACCqzC1hqTUdgkFDFQFcyFFRhqzUPCGbpguKGluWS4UQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHRw0R/4cppWbQnNj4hl6NLv1SPZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZEhEUkhfaHltbFp0Q2MyUGlHWG8wdV9WSTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCDkAwQA
VCD5AwQAVCD+AwQAWNgqMA0GCSqGSIb3DQEBCwUAA4IBAQB3hxmLJUfQPfooOS0x
WSEhwDp29PsxtWnNyAVTU4iFHsR+ZqXmJJntsgegD+9FslNWAC5khBA8JBiaaGtB
e2HRHcs9DMO0KJWxQzel/SMA+lHJGs2URkF3OcNhA+jULHZegf6CpMc0HKG/R7+m
tIb8Y/0zogJwqJAOGtDnc8GuZpGsybwuL+yqOr50ev/50lK0VF/XCcQTqQri6mRR
i5VtUkpcHvixCrFtjjDJYu44//P0r2PmDEESDDK9sCrE/pHjO8iQU7CG2nGXsOB9
ZGY3onUdthOGlvMbRNSgi48xQKucfPpY+OE5YVWTB611nNgNv4J0L0rx42ss4lQf
O8VO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org