Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dYWg6dlyM9COkR8WfpGJG4701cA.roa
File: dYWg6dlyM9COkR8WfpGJG4701cA.roa (raw, json)
Hash identifier: zxVvInFBLilzxfLwrswn4rFBUdas9aSEBa1/jUf7PCc=
Subject key identifier: 75:85:A0:E9:D9:72:33:D0:8E:91:1F:16:7E:91:89:1B:8E:F4:D5:C0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFD4546451E043886460D52D230FAA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dYWg6dlyM9COkR8WfpGJG4701cA.roa
Signing time: Sun 01 Jan 2023 18:54:54 +0000
ROA not before: Sun 01 Jan 2023 18:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 84.32.213.0/24 maxlen: 24
84.32.216.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d4:54:64:51:e0:43:88:64:60:d5:2d:23:0f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7585a0e9d97233d08e911f167e91891b8ef4d5c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7a:cf:d4:8c:82:4b:bc:11:30:50:56:62:15:
48:38:e2:cd:5f:ad:58:aa:c6:f7:c0:5d:bf:0f:d6:
09:2f:63:91:7a:30:ef:77:32:9e:6a:7e:9a:74:fd:
c3:8b:7b:90:1b:cd:49:07:22:bf:eb:12:af:85:09:
64:cb:90:9c:6c:9b:de:b3:b6:f7:e6:1d:5d:9a:a4:
78:8e:0a:a6:5e:a5:17:71:2d:71:3c:05:45:35:3f:
21:e4:d3:fb:11:c6:b6:7d:c2:3d:6c:26:92:de:8a:
de:55:0b:17:4c:eb:8b:97:0e:d8:0a:17:04:46:d2:
79:49:77:45:ea:13:07:65:0f:7b:f4:36:aa:2a:11:
00:ef:1b:06:8e:51:24:78:a3:2d:6f:75:03:2c:3c:
db:fd:0b:20:d9:c2:5a:d9:cf:ec:59:bb:14:79:f5:
c2:40:b8:21:8b:3f:a7:3b:9c:4d:d8:97:08:fe:12:
04:c6:58:3c:35:94:1b:f7:d6:57:c0:fe:47:86:6d:
9f:88:b8:c5:c3:36:ba:2c:08:46:99:f8:cf:0d:a9:
f1:91:0a:67:98:8d:1d:46:74:9e:a2:9a:76:37:b3:
2e:c7:60:73:13:73:da:52:be:19:dc:d1:75:33:b3:
a9:3b:e8:8a:63:c7:1a:c9:1c:47:4e:70:37:6d:e8:
10:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:85:A0:E9:D9:72:33:D0:8E:91:1F:16:7E:91:89:1B:8E:F4:D5:C0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dYWg6dlyM9COkR8WfpGJG4701cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.51.0/24
84.32.213.0/24
84.32.216.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
73:64:31:fa:ca:30:cf:1d:b9:89:f7:18:48:d0:7b:cb:6c:3d:
69:11:bb:a1:7d:25:24:c7:1b:6a:ea:79:1b:b1:49:37:5e:b6:
77:c5:fd:ce:43:15:cc:c5:4f:64:d6:0d:42:19:7d:fd:c8:4a:
6b:66:80:b2:29:c6:c5:31:54:78:73:48:06:88:40:5a:6c:91:
dd:ae:22:68:7f:f3:bf:41:ff:69:54:3d:63:c2:f8:b8:75:d1:
86:03:38:c0:9c:f4:f4:74:81:50:c5:f7:a4:d9:6d:5c:30:00:
94:c8:54:09:9c:3d:21:ea:d9:a7:c3:bb:dd:46:3a:b9:ff:83:
05:73:64:4f:3a:81:59:5d:37:6f:7b:fb:91:1a:97:55:be:09:
b5:dd:5b:db:93:38:54:11:fb:b8:d2:d5:c9:7b:ea:bd:1a:85:
1b:a7:fa:80:a0:cc:6d:25:c6:6d:ca:6a:1b:f4:bb:31:dd:91:
e8:4c:8c:8c:bb:63:e8:a6:53:ef:5c:b5:62:94:d8:6d:e6:32:
ef:e6:e5:b2:82:c5:fd:30:0d:bc:37:9f:95:78:18:9e:01:af:
34:e6:e5:ac:f6:3e:b8:5c:9c:b1:27:fa:c4:83:2a:44:44:db:
ef:8b:73:e6:7e:65:85:57:3d:9d:97:ff:60:2d:bb:de:b7:01:
6e:d6:a9:7b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVur9RUZFHgQ4hkYNUtIw+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTg1YTBlOWQ5NzIzM2QwOGU5MTFmMTY3ZTkxODkxYjhlZjRkNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHrP1IyCS7wRMFBWYhVIOOLNX61Y
qsb3wF2/D9YJL2ORejDvdzKean6adP3Di3uQG81JByK/6xKvhQlky5CcbJves7b3
5h1dmqR4jgqmXqUXcS1xPAVFNT8h5NP7Eca2fcI9bCaS3oreVQsXTOuLlw7YChcE
RtJ5SXdF6hMHZQ979DaqKhEA7xsGjlEkeKMtb3UDLDzb/Qsg2cJa2c/sWbsUefXC
QLghiz+nO5xN2JcI/hIExlg8NZQb99ZXwP5Hhm2fiLjFwza6LAhGmfjPDanxkQpn
mI0dRnSeopp2N7Mux2BzE3PaUr4Z3NF1M7OpO+iKY8cayRxHTnA3begQvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHWFoOnZcjPQjpEfFn6RiRuO9NXAMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZFlXZzZkbHlNOUNPa1I4V2ZwR0pHNDcwMWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAzAwQA
VCDVAwQAVCDYAwQAWNjeMA0GCSqGSIb3DQEBCwUAA4IBAQBzZDH6yjDPHbmJ9xhI
0HvLbD1pEbuhfSUkxxtq6nkbsUk3XrZ3xf3OQxXMxU9k1g1CGX39yEprZoCyKcbF
MVR4c0gGiEBabJHdriJof/O/Qf9pVD1jwvi4ddGGAzjAnPT0dIFQxfek2W1cMACU
yFQJnD0h6tmnw7vdRjq5/4MFc2RPOoFZXTdve/uRGpdVvgm13VvbkzhUEfu40tXJ
e+q9GoUbp/qAoMxtJcZtymob9Lsx3ZHoTIyMu2PoplPvXLVilNht5jLv5uWygsX9
MA28N5+VeBieAa805uWs9j64XJyxJ/rEgypERNvvi3PmfmWFVz2dl/9gLbvetwFu
1ql7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:31 2023 by rpki-client on console-ams.rpki-client.org