Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/j-d4cmLjbcMfioMXMNBwvRw_hrg.roa
File: j-d4cmLjbcMfioMXMNBwvRw_hrg.roa (raw, json)
Hash identifier: MStK4+jKDt8SA1Fe1SK/wv8/CdMpYa7zgFp0l6zp/VI=
Subject key identifier: 8F:E7:78:72:62:E3:6D:C3:1F:8A:83:17:30:D0:70:BD:1C:3F:86:B8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185F3EBB3CF62507B0DA63975056189798F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/j-d4cmLjbcMfioMXMNBwvRw_hrg.roa
Signing time: Fri 27 Jan 2023 15:49:48 +0000
ROA not before: Fri 27 Jan 2023 15:49:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 84.32.217.0/24 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Feb 2023 17:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:eb:b3:cf:62:50:7b:0d:a6:39:75:05:61:89:79:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 27 15:49:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fe7787262e36dc31f8a831730d070bd1c3f86b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c0:ca:a7:34:68:f5:c4:28:45:cf:89:71:a5:
92:c5:de:28:cd:ed:cd:1a:8b:81:14:70:08:3c:84:
31:8d:a0:5e:ad:c3:f0:af:cf:af:56:3e:c6:22:99:
cb:3f:3f:b1:3a:e9:75:87:79:cd:bf:44:7b:9e:e5:
78:da:ea:f9:9d:60:6f:79:3c:74:4c:5d:d5:d6:ae:
de:e7:37:c0:22:3d:23:a4:9f:3f:f0:54:9d:70:62:
64:1d:de:90:79:03:c9:60:da:62:eb:3a:37:72:ba:
4c:da:1a:ac:0c:0a:9b:47:2d:9b:b4:69:e1:9a:79:
0e:db:a2:c2:c5:ac:32:25:ea:5c:a3:36:6d:0b:11:
79:a2:09:a2:42:e6:21:9a:20:db:54:8a:cc:f0:6e:
a6:17:28:3d:60:5f:ff:d1:41:95:60:c2:fd:4f:f2:
46:05:c6:f1:9c:66:4c:c6:03:4a:2c:64:60:85:9a:
8a:8b:fc:2e:68:17:be:2f:7b:3b:08:76:a2:5e:10:
94:e5:4e:a7:9e:07:ae:6b:a7:09:f9:db:5e:38:8d:
47:39:8c:c4:2f:75:20:7f:7b:1e:da:f0:9d:21:33:
ad:95:82:e7:80:ac:46:1a:42:b3:6c:a0:3e:a0:1c:
15:a0:ae:34:60:7e:44:e3:ca:73:86:fe:0d:44:24:
37:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E7:78:72:62:E3:6D:C3:1F:8A:83:17:30:D0:70:BD:1C:3F:86:B8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/j-d4cmLjbcMfioMXMNBwvRw_hrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.106.0/24
84.32.217.0/24
84.32.240.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:99:19:c5:53:f3:6e:67:ef:7b:85:33:54:0a:c1:22:e3:5f:
f5:1d:e6:c1:5a:eb:83:b8:ab:54:31:0e:54:d8:0b:7c:8a:b8:
14:a9:fa:e5:0c:c6:f1:67:2f:87:4c:32:1d:f4:9c:01:7b:fe:
3d:8a:ad:03:f8:03:31:89:fb:f8:76:15:f0:f4:51:58:e0:ef:
75:5c:0a:28:eb:87:58:3a:06:a4:54:32:b9:04:cd:de:cc:d2:
6e:49:9a:15:1b:75:0c:9c:4e:39:6f:01:f1:c3:31:b5:91:47:
c5:c5:96:f6:00:f2:55:31:29:c0:41:2f:2e:98:b9:08:45:79:
55:11:57:c9:e1:b2:ff:39:bb:03:b5:f7:b6:be:bb:b4:c8:ba:
3a:1e:0e:ee:58:9e:23:7e:4f:f0:3f:43:f4:35:b3:a8:57:b9:
fb:14:18:53:ca:14:b9:3b:cb:0e:50:90:0c:0e:bc:41:b9:f1:
3c:6a:05:de:e8:51:e1:d9:97:91:21:5e:b5:c2:71:19:c7:60:
2c:fc:0b:9a:8f:80:e2:e2:d4:12:34:66:f8:5e:a0:11:35:52:
54:af:41:26:2a:e0:6d:03:c4:3e:a7:5b:78:05:b9:59:2e:ae:
56:12:98:d2:cd:3d:80:f2:2b:ad:69:1d:13:ec:3a:a9:5d:10:
c0:b0:d9:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXz67PPYlB7DaY5dQVhiXmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTI3MTU0OTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmU3Nzg3MjYyZTM2ZGMzMWY4YTgzMTczMGQwNzBiZDFjM2Y4NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMDKpzRo9cQoRc+JcaWSxd4oze3N
GouBFHAIPIQxjaBercPwr8+vVj7GIpnLPz+xOul1h3nNv0R7nuV42ur5nWBveTx0
TF3V1q7e5zfAIj0jpJ8/8FSdcGJkHd6QeQPJYNpi6zo3crpM2hqsDAqbRy2btGnh
mnkO26LCxawyJepcozZtCxF5ogmiQuYhmiDbVIrM8G6mFyg9YF//0UGVYML9T/JG
BcbxnGZMxgNKLGRghZqKi/wuaBe+L3s7CHaiXhCU5U6nngeua6cJ+dteOI1HOYzE
L3Ugf3se2vCdITOtlYLngKxGGkKzbKA+oBwVoK40YH5E48pzhv4NRCQ3VQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI/neHJi423DH4qDFzDQcL0cP4a4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvai1kNGNtTGpiY01maW9NWE1OQnd2UndfaHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBqAwQA
VCDZAwQAVCDwMA0GCSqGSIb3DQEBCwUAA4IBAQA8mRnFU/NuZ+97hTNUCsEi41/1
HebBWuuDuKtUMQ5U2At8irgUqfrlDMbxZy+HTDId9JwBe/49iq0D+AMxifv4dhXw
9FFY4O91XAoo64dYOgakVDK5BM3ezNJuSZoVG3UMnE45bwHxwzG1kUfFxZb2APJV
MSnAQS8umLkIRXlVEVfJ4bL/ObsDtfe2vru0yLo6Hg7uWJ4jfk/wP0P0NbOoV7n7
FBhTyhS5O8sOUJAMDrxBufE8agXe6FHh2ZeRIV61wnEZx2As/Auaj4Di4tQSNGb4
XqARNVJUr0EmKuBtA8Q+p1t4BblZLq5WEpjSzT2A8iutaR0T7DqpXRDAsNmS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org