Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mCSKwH6324hFdkPQPrnqw2IK9d4.roa
File: mCSKwH6324hFdkPQPrnqw2IK9d4.roa (raw, json)
Hash identifier: maK0wC60u19D4gITaRGHeJ+NXbuAcOhFq1Xavd2Semk=
Subject key identifier: 98:24:8A:C0:7E:B7:DB:88:45:76:43:D0:3E:B9:EA:C3:62:0A:F5:DE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01918DD9BD99649166524D72FEB3B25088FB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mCSKwH6324hFdkPQPrnqw2IK9d4.roa
Signing time: Mon 26 Aug 2024 08:42:22 +0000
ROA not before: Mon 26 Aug 2024 08:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 84.32.9.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 05:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8d:d9:bd:99:64:91:66:52:4d:72:fe:b3:b2:50:88:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 26 08:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98248ac07eb7db88457643d03eb9eac3620af5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:19:e8:b3:db:4e:5a:87:e3:b3:4d:a2:64:d8:
fc:2d:c5:d5:98:b1:61:33:61:ef:ea:ba:70:7b:79:
ba:16:0f:fe:b9:e1:47:64:52:3d:d4:ac:5f:fd:71:
a4:43:a6:e9:4b:39:01:d1:6a:71:44:8a:7e:71:3d:
38:60:bd:d2:12:78:c9:89:1b:fc:27:64:b0:83:7b:
1d:6c:84:79:42:02:05:97:de:6d:5e:72:d7:80:07:
49:11:3e:7d:56:bd:34:66:3d:81:45:c2:dd:55:49:
d8:ab:77:0a:05:7d:85:96:23:50:30:8c:e7:84:c2:
ae:84:42:c3:90:f5:48:8b:3d:93:11:4e:ac:a1:3e:
0c:77:7a:52:39:24:ee:88:e0:7c:1b:90:fe:10:82:
6b:0a:9e:81:3b:75:37:74:8f:ee:5f:e0:e8:38:5c:
9f:db:19:d3:cb:f7:3f:be:be:23:f6:e5:6d:bb:93:
b7:5a:93:a0:0a:52:89:8e:ec:42:d7:3f:0d:99:9d:
d9:fb:87:90:01:fb:ac:00:a6:54:83:87:91:88:f2:
27:de:b8:a2:5e:68:98:63:64:8d:d8:7d:01:c3:0f:
a9:37:d4:83:8f:e8:13:8a:47:2f:7d:c4:66:66:ab:
65:bf:d4:89:fa:a4:48:82:bd:d6:20:3a:ff:36:30:
8f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:24:8A:C0:7E:B7:DB:88:45:76:43:D0:3E:B9:EA:C3:62:0A:F5:DE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mCSKwH6324hFdkPQPrnqw2IK9d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.39.0/24
Signature Algorithm: sha256WithRSAEncryption
23:bc:24:8f:f7:8e:f7:ea:96:52:cb:19:23:cc:1c:95:6c:2c:
da:ff:67:9a:51:86:29:c5:30:c0:3c:9f:5c:f0:c8:72:fc:01:
cb:dc:b2:50:0d:f8:2e:4a:a7:f5:36:c7:d1:79:a4:be:c7:89:
4b:18:f9:49:dd:3b:13:7f:0f:9b:43:e9:b4:27:ce:57:00:70:
16:3a:9b:7b:63:51:dd:9a:87:ec:2e:ca:a0:b0:ca:5d:bb:a5:
5a:09:f6:e1:20:0b:9b:de:0a:46:1a:05:2b:dd:da:8f:d6:de:
15:f5:2a:81:cd:21:ff:8f:be:5c:f0:3f:d6:07:80:65:23:cc:
d8:4f:26:c1:b8:c1:9e:7a:51:10:0a:2f:3e:ff:e1:83:8c:6f:
15:bf:03:1c:4c:1e:e6:82:f6:ea:05:19:f6:8e:41:4b:65:c2:
69:2f:7d:ef:d6:22:7e:f8:2e:f4:05:22:e5:44:f3:31:8c:dd:
ae:96:c0:a4:cb:81:25:92:ae:c1:59:8f:65:77:64:ee:c0:b5:
01:39:81:f6:52:29:86:e7:72:c5:29:1a:cb:72:68:8e:12:3a:
82:c6:83:38:54:3e:5f:84:0f:4a:c1:6e:45:ac:53:4d:f0:54:
20:78:ba:45:ef:92:1c:ae:8d:fc:cd:5b:38:a4:17:a3:61:0a:
cf:53:ff:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGN2b2ZZJFmUk1y/rOyUIj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwODI2MDg0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODI0OGFjMDdlYjdkYjg4NDU3NjQzZDAzZWI5ZWFjMzYyMGFmNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Bnos9tOWofjs02iZNj8LcXVmLFh
M2Hv6rpwe3m6Fg/+ueFHZFI91Kxf/XGkQ6bpSzkB0WpxRIp+cT04YL3SEnjJiRv8
J2Swg3sdbIR5QgIFl95tXnLXgAdJET59Vr00Zj2BRcLdVUnYq3cKBX2FliNQMIzn
hMKuhELDkPVIiz2TEU6soT4Md3pSOSTuiOB8G5D+EIJrCp6BO3U3dI/uX+DoOFyf
2xnTy/c/vr4j9uVtu5O3WpOgClKJjuxC1z8NmZ3Z+4eQAfusAKZUg4eRiPIn3rii
XmiYY2SN2H0Bww+pN9SDj+gTikcvfcRmZqtlv9SJ+qRIgr3WIDr/NjCP6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJgkisB+t9uIRXZD0D656sNiCvXeMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbUNTS3dINjMyNGhGZGtQUVBybnF3MklLOWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAJAwQA
VCAnMA0GCSqGSIb3DQEBCwUAA4IBAQAjvCSP94736pZSyxkjzByVbCza/2eaUYYp
xTDAPJ9c8Mhy/AHL3LJQDfguSqf1NsfReaS+x4lLGPlJ3TsTfw+bQ+m0J85XAHAW
Opt7Y1HdmofsLsqgsMpdu6VaCfbhIAub3gpGGgUr3dqP1t4V9SqBzSH/j75c8D/W
B4BlI8zYTybBuMGeelEQCi8+/+GDjG8VvwMcTB7mgvbqBRn2jkFLZcJpL33v1iJ+
+C70BSLlRPMxjN2ulsCky4Elkq7BWY9ld2TuwLUBOYH2UimG53LFKRrLcmiOEjqC
xoM4VD5fhA9KwW5FrFNN8FQgeLpF75Icro38zVs4pBejYQrPU/+2
-----END CERTIFICATE-----
Generated at Mon Sep 30 07:43:54 2024 by rpki-client on console-fra.rpki-client.org