Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fh66LcqX47PmR_p5aSFHIdVYo6A.roa
File: fh66LcqX47PmR_p5aSFHIdVYo6A.roa (raw, json)
Hash identifier: MJYyfYtCKaexTA5iHEcNdmrC5uzrORhs7J0U5fzXV3E=
Subject key identifier: 7E:1E:BA:2D:CA:97:E3:B3:E6:47:FA:79:69:21:47:21:D5:58:A3:A0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826AE357F0B0B420048C1F1F7AE8338
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fh66LcqX47PmR_p5aSFHIdVYo6A.roa
Signing time: Thu 02 Jan 2025 17:53:31 +0000
ROA not before: Thu 02 Jan 2025 17:53:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Mar 2025 19:16:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:ae:35:7f:0b:0b:42:00:48:c1:f1:f7:ae:83:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e1eba2dca97e3b3e647fa7969214721d558a3a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9b:4a:37:a0:75:76:43:dd:bd:68:a7:0e:eb:
d1:95:0a:e6:46:e8:c9:07:61:64:02:68:d6:1d:02:
fc:4f:97:86:2d:fe:3e:e5:61:fd:6f:24:bd:1f:ef:
f7:4d:5f:c5:a5:6f:10:04:d4:8b:7b:c8:76:03:5d:
57:7c:f9:94:82:37:94:b3:a0:ad:dd:f5:b0:ae:b0:
f7:8a:dc:a2:69:78:5d:29:64:50:00:a9:75:4b:db:
06:72:16:e3:f3:69:60:76:73:40:2d:2e:93:8c:1a:
ab:1a:da:78:18:3e:03:c3:bf:2e:aa:28:23:39:c2:
9f:1f:dc:0c:32:a2:45:d6:4e:b6:80:41:f8:a9:98:
0a:aa:6f:5b:b0:1c:cd:6c:a9:6e:34:d0:37:e2:ed:
14:53:80:2b:66:56:43:1b:43:9d:10:4f:02:16:73:
57:01:15:30:81:42:1d:12:1f:47:f9:ed:f8:3a:db:
0c:5a:49:34:ed:39:c5:70:22:78:f6:0d:5a:63:b3:
bf:bb:14:3b:4c:1a:3f:4e:22:66:bd:51:75:18:6d:
ee:02:68:f4:78:d8:dd:9f:17:e3:2a:91:35:91:26:
f9:72:0d:ed:d3:70:27:19:32:10:84:5b:b1:80:39:
9b:64:16:8a:c8:f9:56:a5:53:12:7d:b6:12:08:a0:
b2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1E:BA:2D:CA:97:E3:B3:E6:47:FA:79:69:21:47:21:D5:58:A3:A0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fh66LcqX47PmR_p5aSFHIdVYo6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.59.0/24
84.32.63.0/24
Signature Algorithm: sha256WithRSAEncryption
36:75:0f:6b:95:24:8f:bc:37:16:66:da:2b:87:9f:1c:90:34:
ce:c0:6e:4a:4e:58:da:e4:0b:30:6a:31:af:76:24:f4:b4:37:
bc:63:dd:7a:19:9c:4d:bd:81:5c:09:d7:12:6d:27:99:a9:6f:
bf:7d:bd:29:b5:f1:58:e9:4c:ca:84:a6:91:0a:b0:3a:82:34:
a0:8e:6a:2f:c9:89:09:66:f4:6a:c3:87:ec:d5:22:09:d4:b9:
80:e6:23:88:31:45:5d:21:c8:1c:14:bf:b6:bd:52:67:e8:b8:
83:4b:d1:0b:a0:13:6f:ba:e8:fa:91:f6:1c:22:35:1e:29:1c:
b2:f5:90:dc:52:67:78:fa:29:ec:55:21:8d:eb:42:e4:b5:27:
60:c8:8b:ee:f0:7b:4c:e6:7d:99:f9:9d:84:41:22:d7:bf:65:
61:49:ef:bc:3d:21:ad:56:ea:61:86:01:91:b7:46:0e:52:c3:
75:05:fc:d1:31:f3:b2:e6:61:80:4c:82:a0:37:cc:e1:eb:2d:
76:b1:e7:f1:54:27:5b:77:66:bb:cf:f2:27:30:04:fc:fb:d1:
45:8a:bb:81:ed:84:56:16:bf:40:7d:f2:a6:ed:58:0e:c3:1d:
f3:f4:c9:8a:ae:91:8b:48:3d:1b:86:5b:1c:c2:17:d0:ec:c1:
3e:31:11:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJq41fwsLQgBIwfH3roM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTFlYmEyZGNhOTdlM2IzZTY0N2ZhNzk2OTIxNDcyMWQ1NThhM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5tKN6B1dkPdvWinDuvRlQrmRujJ
B2FkAmjWHQL8T5eGLf4+5WH9byS9H+/3TV/FpW8QBNSLe8h2A11XfPmUgjeUs6Ct
3fWwrrD3ityiaXhdKWRQAKl1S9sGchbj82lgdnNALS6TjBqrGtp4GD4Dw78uqigj
OcKfH9wMMqJF1k62gEH4qZgKqm9bsBzNbKluNNA34u0UU4ArZlZDG0OdEE8CFnNX
ARUwgUIdEh9H+e34OtsMWkk07TnFcCJ49g1aY7O/uxQ7TBo/TiJmvVF1GG3uAmj0
eNjdnxfjKpE1kSb5cg3t03AnGTIQhFuxgDmbZBaKyPlWpVMSfbYSCKCyXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH4eui3Kl+Oz5kf6eWkhRyHVWKOgMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZmg2NkxjcVg0N1BtUl9wNWFTRkhJZFZZbzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCA7AwQA
VCA/MA0GCSqGSIb3DQEBCwUAA4IBAQA2dQ9rlSSPvDcWZtorh58ckDTOwG5KTlja
5AswajGvdiT0tDe8Y916GZxNvYFcCdcSbSeZqW+/fb0ptfFY6UzKhKaRCrA6gjSg
jmovyYkJZvRqw4fs1SIJ1LmA5iOIMUVdIcgcFL+2vVJn6LiDS9ELoBNvuuj6kfYc
IjUeKRyy9ZDcUmd4+insVSGN60LktSdgyIvu8HtM5n2Z+Z2EQSLXv2VhSe+8PSGt
VuphhgGRt0YOUsN1BfzRMfOy5mGATIKgN8zh6y12sefxVCdbd2a7z/InMAT8+9FF
iruB7YRWFr9AffKm7VgOwx3z9MmKrpGLSD0bhlscwhfQ7ME+MRF1
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:08:12 2025 by rpki-client