Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ltuK86IYzDQjcPdUAZfPunNV1MU.roa
File: ltuK86IYzDQjcPdUAZfPunNV1MU.roa (raw, json)
Hash identifier: PqQYHGlVAQEVfkbfyI0VEoyZnsMyat+7XJfZ6w6cdVc=
Subject key identifier: 96:DB:8A:F3:A2:18:CC:34:23:70:F7:54:01:97:CF:BA:73:55:D4:C5
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D9EE19BEE54B674D36D8EAD2ECE6224FA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ltuK86IYzDQjcPdUAZfPunNV1MU.roa
Signing time: Mon 12 Feb 2024 19:53:21 +0000
ROA not before: Mon 12 Feb 2024 19:53:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47721
IP address blocks: 84.32.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 10:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9e:e1:9b:ee:54:b6:74:d3:6d:8e:ad:2e:ce:62:24:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 12 19:53:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96db8af3a218cc342370f7540197cfba7355d4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1d:19:23:b2:0c:fb:ff:97:4a:b3:ab:64:f0:
e9:76:71:fb:6c:f1:60:e5:fc:7c:7e:a9:2c:95:9d:
1e:e6:63:ec:9f:a2:c0:97:e8:c7:6c:29:99:7d:a6:
58:b3:ef:fe:e2:8b:8b:4f:8e:07:a1:f9:e4:db:fe:
a4:31:46:88:e7:73:88:92:da:ed:de:a8:9a:b3:12:
78:8b:c1:c2:01:bc:db:aa:3d:f9:87:6a:7e:8d:52:
a5:34:65:c6:df:34:30:df:13:db:cc:c6:aa:a4:78:
7f:61:12:2f:9d:da:5c:30:95:5b:be:37:6a:1f:b9:
b4:4a:95:96:2c:c3:f6:6b:d0:a2:27:e4:aa:80:f7:
bd:19:89:1f:81:29:4c:ea:3c:e9:e2:86:26:ec:fc:
01:ee:e8:02:58:d5:4f:da:9c:62:a6:f7:dc:0a:3c:
8b:e5:e3:7b:62:3f:50:eb:fa:33:dc:ec:a5:64:dd:
2b:88:06:c5:da:37:ab:98:0c:6b:38:66:fc:93:c9:
1f:88:02:cc:39:b4:dd:44:d8:0b:03:da:c2:ed:fa:
86:2c:86:64:4b:7b:b8:10:a4:e7:02:83:9e:44:11:
b2:14:68:22:b8:5d:d0:ab:db:4f:2c:ab:80:bc:3d:
33:1a:16:91:39:b6:e4:1f:9a:2a:06:bf:21:98:66:
a6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DB:8A:F3:A2:18:CC:34:23:70:F7:54:01:97:CF:BA:73:55:D4:C5
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ltuK86IYzDQjcPdUAZfPunNV1MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.25.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:32:60:df:27:e8:e9:10:7c:b2:37:b1:a5:19:02:5d:a6:b6:
58:e6:b7:2c:3d:fc:81:9f:bf:dd:67:82:e2:4b:72:ef:15:8f:
80:a5:f6:7b:8b:5b:ff:81:2a:bc:78:40:e7:0c:20:f8:04:e7:
46:7c:36:0e:9c:95:51:83:dd:97:65:d1:3a:d9:31:34:bc:89:
1f:34:a8:3e:76:28:64:85:65:74:9c:95:2b:ef:29:49:eb:93:
aa:a5:7a:30:3c:a0:6a:74:61:aa:9c:ea:4b:6e:72:5f:b9:e6:
62:c2:95:e3:a3:0d:ce:aa:eb:14:20:3c:f0:cf:de:49:87:84:
62:54:46:68:cb:d7:9a:1c:37:9d:cf:54:d2:b0:69:c3:11:29:
ab:1a:0e:d6:34:2b:47:8d:7a:0b:fc:2b:54:fa:74:77:37:48:
5d:1a:44:4b:99:ad:07:97:17:43:ab:2b:45:2b:31:a2:b9:6e:
fd:6b:f0:ab:e5:13:a9:30:99:19:fb:27:37:ee:2a:bf:d1:80:
ce:ef:13:0d:c5:c1:cd:68:f8:66:c8:79:0f:ed:95:e8:a9:bb:
7e:2c:05:7b:34:2b:1f:1d:31:78:0c:73:e6:28:d7:49:57:bf:
c7:6f:8a:d5:e4:0b:79:ea:31:e8:5d:df:c6:9c:53:4d:36:0a:
bc:4d:ff:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2e4ZvuVLZ0022OrS7OYiT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMjEyMTk1MzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRiOGFmM2EyMThjYzM0MjM3MGY3NTQwMTk3Y2ZiYTczNTVkNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR0ZI7IM+/+XSrOrZPDpdnH7bPFg
5fx8fqkslZ0e5mPsn6LAl+jHbCmZfaZYs+/+4ouLT44Hofnk2/6kMUaI53OIktrt
3qiasxJ4i8HCAbzbqj35h2p+jVKlNGXG3zQw3xPbzMaqpHh/YRIvndpcMJVbvjdq
H7m0SpWWLMP2a9CiJ+SqgPe9GYkfgSlM6jzp4oYm7PwB7ugCWNVP2pxipvfcCjyL
5eN7Yj9Q6/oz3OylZN0riAbF2jermAxrOGb8k8kfiALMObTdRNgLA9rC7fqGLIZk
S3u4EKTnAoOeRBGyFGgiuF3Qq9tPLKuAvD0zGhaRObbkH5oqBr8hmGamXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbbivOiGMw0I3D3VAGXz7pzVdTFMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbHR1Szg2SVl6RFFqY1BkVUFaZlB1bk5WMU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAZMA0G
CSqGSIb3DQEBCwUAA4IBAQAPMmDfJ+jpEHyyN7GlGQJdprZY5rcsPfyBn7/dZ4Li
S3LvFY+ApfZ7i1v/gSq8eEDnDCD4BOdGfDYOnJVRg92XZdE62TE0vIkfNKg+dihk
hWV0nJUr7ylJ65OqpXowPKBqdGGqnOpLbnJfueZiwpXjow3OqusUIDzwz95Jh4Ri
VEZoy9eaHDedz1TSsGnDESmrGg7WNCtHjXoL/CtU+nR3N0hdGkRLma0HlxdDqytF
KzGiuW79a/Cr5ROpMJkZ+yc37iq/0YDO7xMNxcHNaPhmyHkP7ZXoqbt+LAV7NCsf
HTF4DHPmKNdJV7/Hb4rV5At56jHoXd/GnFNNNgq8Tf+i
-----END CERTIFICATE-----
Generated at Wed Mar 13 13:51:13 2024 by rpki-client on console-fra.rpki-client.org