Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lw9BxtjHIocpiTozlxbdmylkXhU.roa
File: lw9BxtjHIocpiTozlxbdmylkXhU.roa (raw, json)
Hash identifier: jO+yxYYfhnL/8fSIdeQlOLDn2SN04qNWxQlzjEdZNlk=
Subject key identifier: 97:0F:41:C6:D8:C7:22:87:29:89:3A:33:97:16:DD:9B:29:64:5E:15
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018856FBD67DD0BFBB702EC5E1AD6B2C9571
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lw9BxtjHIocpiTozlxbdmylkXhU.roa
Signing time: Fri 26 May 2023 07:35:24 +0000
ROA not before: Fri 26 May 2023 07:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 84.32.208.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.27.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:56:fb:d6:7d:d0:bf:bb:70:2e:c5:e1:ad:6b:2c:95:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 26 07:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=970f41c6d8c7228729893a339716dd9b29645e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:26:86:c5:50:11:ba:42:62:c2:24:22:a7:c4:
72:f8:18:1f:0a:c5:ee:5f:00:22:45:d7:d0:d4:29:
fd:5d:f2:61:e3:ae:e2:37:8a:30:f2:5b:64:94:e6:
c2:a8:5b:ad:da:70:63:3d:bf:a6:22:c4:f7:c1:22:
53:30:1b:c3:d3:69:1e:48:bb:df:bd:59:c5:f8:37:
93:29:1a:99:7d:d2:3f:c0:d4:7a:ca:74:ab:88:bd:
a8:69:8b:35:3f:93:20:29:39:ac:64:4d:ab:c8:04:
27:ed:7a:20:f7:df:99:8c:33:39:cb:f1:db:ff:50:
f3:84:2f:78:89:c0:85:07:df:36:39:1f:b2:91:29:
6c:17:ef:6f:89:f9:1a:17:be:d2:ce:54:29:9f:e2:
32:c4:d9:63:8a:52:b9:44:c3:b5:5c:c5:e8:0c:d6:
5f:30:d6:a8:6d:5f:c6:2d:97:00:8d:5d:4f:28:cc:
e0:4d:e5:ab:a4:18:cf:46:37:20:8d:f2:d8:86:c2:
6e:1f:61:6a:29:08:4c:1e:49:84:a3:cb:cc:36:cb:
6b:c0:cc:f0:71:a3:88:6f:8a:c3:b7:2c:00:d7:89:
0f:4b:21:ed:c7:52:97:6f:55:e3:b7:d2:5e:2b:8f:
c5:98:e1:3e:ee:9d:27:0f:ce:96:96:53:96:03:9e:
ed:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0F:41:C6:D8:C7:22:87:29:89:3A:33:97:16:DD:9B:29:64:5E:15
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lw9BxtjHIocpiTozlxbdmylkXhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.27.0/24
84.32.208.0/23
84.32.246.0/23
Signature Algorithm: sha256WithRSAEncryption
21:ce:a7:a3:e7:4d:7c:e0:c8:b6:1f:43:70:35:74:8a:e2:c3:
81:c0:68:e4:6f:0a:13:3e:38:b4:36:69:1b:eb:8f:59:f4:3e:
df:e6:e5:00:6c:9b:e7:c7:2a:07:9a:5b:4e:e1:1f:3d:d3:09:
e7:2c:c4:28:52:c0:e0:95:12:4f:96:cf:e9:47:f7:6d:7e:a7:
33:f7:0a:14:1a:06:62:2e:71:35:d1:de:a5:a4:2a:8f:4a:3f:
7a:ad:30:46:21:2e:30:ec:b5:ec:b7:00:e0:d2:d1:7f:f7:37:
3e:1b:a0:42:15:8a:3c:d3:89:0c:bb:5e:5c:18:d6:9a:d4:7d:
fe:ba:10:51:49:a5:39:08:07:7d:ed:5f:fb:60:f5:9b:f1:51:
49:ef:a0:ab:0f:c9:d2:0c:61:16:41:5b:9d:eb:7e:61:49:4a:
96:68:34:01:29:05:d9:d7:a5:4f:2c:e1:a6:c7:88:4f:99:1e:
50:89:8c:49:8d:b8:2f:b0:20:f4:df:f3:1a:8b:c6:43:7f:7d:
40:7e:e8:6d:08:c4:78:ab:12:55:5e:bc:fa:04:fe:5b:a9:df:
7b:e5:91:75:62:99:5d:04:b9:52:da:d6:fb:25:94:f1:9c:88:
67:42:94:1e:bf:e1:1e:f5:5f:63:8d:ce:26:bb:0d:84:35:0f:
b7:a3:30:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhW+9Z90L+7cC7F4a1rLJVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTI2MDczNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzBmNDFjNmQ4YzcyMjg3Mjk4OTNhMzM5NzE2ZGQ5YjI5NjQ1ZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriaGxVARukJiwiQip8Ry+BgfCsXu
XwAiRdfQ1Cn9XfJh467iN4ow8ltklObCqFut2nBjPb+mIsT3wSJTMBvD02keSLvf
vVnF+DeTKRqZfdI/wNR6ynSriL2oaYs1P5MgKTmsZE2ryAQn7Xog99+ZjDM5y/Hb
/1DzhC94icCFB982OR+ykSlsF+9vifkaF77SzlQpn+IyxNljilK5RMO1XMXoDNZf
MNaobV/GLZcAjV1PKMzgTeWrpBjPRjcgjfLYhsJuH2FqKQhMHkmEo8vMNstrwMzw
caOIb4rDtywA14kPSyHtx1KXb1Xjt9JeK4/FmOE+7p0nD86WllOWA57tbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJcPQcbYxyKHKYk6M5cW3ZspZF4VMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbHc5Qnh0akhJb2NwaVRvemx4YmRteWxrWGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAbAwQB
VCDQAwQBVCD2MA0GCSqGSIb3DQEBCwUAA4IBAQAhzqej50184Mi2H0NwNXSK4sOB
wGjkbwoTPji0Nmkb649Z9D7f5uUAbJvnxyoHmltO4R890wnnLMQoUsDglRJPls/p
R/dtfqcz9woUGgZiLnE10d6lpCqPSj96rTBGIS4w7LXstwDg0tF/9zc+G6BCFYo8
04kMu15cGNaa1H3+uhBRSaU5CAd97V/7YPWb8VFJ76CrD8nSDGEWQVud635hSUqW
aDQBKQXZ16VPLOGmx4hPmR5QiYxJjbgvsCD03/Mai8ZDf31AfuhtCMR4qxJVXrz6
BP5bqd975ZF1YpldBLlS2tb7JZTxnIhnQpQev+Ee9V9jjc4muw2ENQ+3ozAv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org