Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/kfrHrDoBM35wxI_vWkNcxnGYIz0.roa
File: kfrHrDoBM35wxI_vWkNcxnGYIz0.roa (raw, json)
Hash identifier: roy7Q5Kkq0CEqmjCyb04FsFYsqDlF/fMDKJpTwSShHw=
Subject key identifier: 91:FA:C7:AC:3A:01:33:7E:70:C4:8F:EF:5A:43:5C:C6:71:98:23:3D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189867A43E9D366C1E114994DD40DEEAFA2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/kfrHrDoBM35wxI_vWkNcxnGYIz0.roa
Signing time: Mon 24 Jul 2023 05:58:26 +0000
ROA not before: Mon 24 Jul 2023 05:58:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 84.32.208.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:86:7a:43:e9:d3:66:c1:e1:14:99:4d:d4:0d:ee:af:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 24 05:58:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91fac7ac3a01337e70c48fef5a435cc67198233d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7e:e4:0f:a4:ba:6c:e6:bb:dc:0a:30:16:76:
a2:7f:4e:59:ef:44:b2:da:8f:e9:ac:ce:a8:d2:ec:
23:d3:a7:08:b0:d6:7a:3b:d6:34:48:02:e7:2d:88:
aa:ba:3f:ad:80:a9:38:64:91:3f:08:62:1e:16:cb:
51:68:73:58:4b:aa:cc:24:76:d6:f3:11:40:52:7d:
24:e9:d0:1c:8c:f8:e7:6e:f0:62:1c:43:75:38:6d:
bf:51:e5:75:12:7f:b5:ff:e6:7e:af:51:e9:11:d4:
3d:b5:65:6a:e4:a5:12:8a:20:51:b5:63:d8:b5:b2:
0c:26:ce:2e:4f:d3:4c:fd:ce:cf:1a:1a:17:dc:ae:
73:69:7d:ff:f7:9f:71:cb:0b:9c:26:7a:b3:e2:9b:
2f:f5:f2:38:18:26:8d:d1:64:bf:63:54:01:e0:b5:
14:06:cd:80:5f:6e:ae:c6:06:87:71:db:1b:14:92:
25:40:c7:90:3b:1b:df:81:78:b2:5d:0e:c4:75:19:
59:b1:bb:0d:03:6f:b4:1c:81:c6:21:3d:72:1b:f4:
46:a4:bf:15:92:e4:27:e2:7c:a3:59:38:ca:56:7a:
4c:ed:02:27:c2:33:00:57:64:83:65:43:fb:9a:a3:
b6:4c:78:14:af:86:07:7c:5a:31:48:b1:ff:c4:9e:
8f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FA:C7:AC:3A:01:33:7E:70:C4:8F:EF:5A:43:5C:C6:71:98:23:3D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/kfrHrDoBM35wxI_vWkNcxnGYIz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.208.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:67:c7:d5:87:fd:16:af:13:12:91:77:7c:93:bf:aa:ec:1c:
c6:55:1f:72:3b:53:b0:7b:17:14:6c:00:6e:03:7b:db:65:ad:
5f:75:e4:84:19:40:a7:15:df:c4:36:bc:64:bd:04:f4:c2:af:
d3:0a:6a:30:b0:c4:51:3a:b3:c8:e1:95:43:1a:fc:90:24:03:
e8:55:77:11:07:cd:6b:5d:bb:1c:67:51:af:64:21:52:e3:f8:
d0:f6:1c:f3:bb:a4:8a:18:d2:10:70:08:6b:e2:19:58:4f:5c:
4e:1e:b8:78:fd:fa:7d:ad:ad:75:97:e8:8c:e3:67:f5:a4:b3:
9c:a2:1c:39:3b:0c:b1:07:cc:21:37:49:b5:b5:81:6b:f3:ba:
d7:6c:d9:23:61:09:e3:bc:c9:7f:4a:f9:92:23:41:7f:de:7c:
42:7c:9a:e1:67:8d:09:63:98:84:52:6f:94:10:57:38:37:63:
25:ad:00:d8:83:f7:81:6f:a0:ad:62:26:cb:c7:cd:a6:81:2c:
ff:96:f1:68:db:bd:80:89:71:e3:a6:9b:82:a9:11:e7:6d:39:
24:06:61:f3:b9:67:4c:1a:b0:fb:be:20:c8:dd:75:f7:48:ba:
69:4d:62:a7:93:ad:fa:d1:6d:8d:ca:13:85:34:d8:d3:1b:97:
e5:89:76:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmGekPp02bB4RSZTdQN7q+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzI0MDU1ODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZhYzdhYzNhMDEzMzdlNzBjNDhmZWY1YTQzNWNjNjcxOTgyMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj37kD6S6bOa73AowFnaif05Z70Sy
2o/prM6o0uwj06cIsNZ6O9Y0SALnLYiquj+tgKk4ZJE/CGIeFstRaHNYS6rMJHbW
8xFAUn0k6dAcjPjnbvBiHEN1OG2/UeV1En+1/+Z+r1HpEdQ9tWVq5KUSiiBRtWPY
tbIMJs4uT9NM/c7PGhoX3K5zaX3/959xywucJnqz4psv9fI4GCaN0WS/Y1QB4LUU
Bs2AX26uxgaHcdsbFJIlQMeQOxvfgXiyXQ7EdRlZsbsNA2+0HIHGIT1yG/RGpL8V
kuQn4nyjWTjKVnpM7QInwjMAV2SDZUP7mqO2THgUr4YHfFoxSLH/xJ6PnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJH6x6w6ATN+cMSP71pDXMZxmCM9MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEva2ZySHJEb0JNMzV3eElfdldrTmN4bkdZSXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVCDQMA0G
CSqGSIb3DQEBCwUAA4IBAQBfZ8fVh/0WrxMSkXd8k7+q7BzGVR9yO1OwexcUbABu
A3vbZa1fdeSEGUCnFd/ENrxkvQT0wq/TCmowsMRROrPI4ZVDGvyQJAPoVXcRB81r
XbscZ1GvZCFS4/jQ9hzzu6SKGNIQcAhr4hlYT1xOHrh4/fp9ra11l+iM42f1pLOc
ohw5OwyxB8whN0m1tYFr87rXbNkjYQnjvMl/SvmSI0F/3nxCfJrhZ40JY5iEUm+U
EFc4N2MlrQDYg/eBb6CtYibLx82mgSz/lvFo272AiXHjppuCqRHnbTkkBmHzuWdM
GrD7viDI3XX3SLppTWKnk6360W2NyhOFNNjTG5fliXbZ
-----END CERTIFICATE-----
Generated at Mon Sep 18 05:33:48 2023 by rpki-client on console-fra.rpki-client.org