Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mer0KBuLda4y2MBvD5Mcb-1p_fE.roa
File: mer0KBuLda4y2MBvD5Mcb-1p_fE.roa (raw, json)
Hash identifier: aUMwq+RRO8Msfm+4FrGy4xyVgQCWm06jeyG00rf+RTk=
Subject key identifier: 99:EA:F4:28:1B:8B:75:AE:32:D8:C0:6F:0F:93:1C:6F:ED:69:FD:F1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B4E9C1F561568BEFD5F3A81031093E8FA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mer0KBuLda4y2MBvD5Mcb-1p_fE.roa
Signing time: Fri 20 Oct 2023 19:42:16 +0000
ROA not before: Fri 20 Oct 2023 19:42:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 84.32.220.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:9c:1f:56:15:68:be:fd:5f:3a:81:03:10:93:e8:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 20 19:42:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99eaf4281b8b75ae32d8c06f0f931c6fed69fdf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:09:ab:3f:6d:85:ba:e9:b4:35:86:93:41:0e:
65:8e:56:62:8f:19:8c:c4:24:9e:c3:fb:74:a7:58:
fb:04:f3:cc:b8:97:2a:cd:29:23:7b:9f:23:b4:b2:
64:7e:41:d7:06:a8:02:30:71:1b:c7:41:f6:5a:69:
fb:66:f6:d9:ce:f9:c7:52:97:25:84:65:0b:7e:41:
81:3b:f6:19:1a:e0:f5:fb:ff:b2:f0:27:8c:14:10:
d9:39:7b:8a:20:06:ba:cb:b3:9a:32:c5:4c:5e:65:
9d:50:40:96:98:cf:a5:fd:fb:fa:16:cc:ff:65:ae:
1c:eb:25:b2:c6:01:b8:7e:37:88:f3:1e:99:d5:a4:
e7:56:6e:76:12:5d:f4:65:e3:dd:fc:3e:6b:2e:19:
80:ba:37:3f:83:40:dd:26:46:ec:43:9b:93:95:42:
1c:6b:eb:91:2a:01:09:10:ab:5d:f6:ea:b1:96:fd:
43:8b:49:e7:db:45:ae:bd:c3:65:ad:86:00:b0:63:
f1:ba:ff:a8:b2:b8:36:00:2f:2f:3e:80:e0:c6:6b:
b6:a1:4f:ce:25:85:5a:5e:7a:bc:75:6c:52:be:8b:
b1:67:23:de:d2:8f:32:83:f7:16:13:37:93:0b:64:
a7:ed:da:cc:66:40:95:b3:57:29:e3:35:cb:0b:6a:
f1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:EA:F4:28:1B:8B:75:AE:32:D8:C0:6F:0F:93:1C:6F:ED:69:FD:F1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mer0KBuLda4y2MBvD5Mcb-1p_fE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.220.0/24
84.32.231.0/24
Signature Algorithm: sha256WithRSAEncryption
75:fe:75:92:2c:69:35:a1:c2:1a:d9:7f:37:27:f3:99:53:3f:
a6:58:e2:31:6b:5b:45:e0:ca:7b:6a:58:2b:ca:02:a7:87:74:
50:48:db:d1:9d:0b:a3:79:cd:7e:46:29:09:d0:b2:9d:20:e3:
e0:e3:12:b2:7e:5d:5f:47:2c:53:78:ae:52:ea:d0:ad:cc:53:
30:d0:65:09:6d:bf:d7:64:94:c6:02:bc:8b:54:2b:e4:ef:34:
f2:d3:e3:0f:2f:c6:8f:4d:92:78:e4:42:d5:5a:d7:06:ea:7c:
52:5a:e9:90:52:a3:92:2a:ee:6e:2a:73:dc:2a:26:a4:4d:00:
3b:85:d4:2a:90:54:f1:ad:2b:0f:09:8c:5f:57:83:54:99:72:
56:b4:95:be:2c:25:85:97:49:44:45:28:24:4f:3d:cd:c3:cd:
7a:91:4c:9a:3d:7e:07:fe:3f:28:87:4f:5c:2d:a8:ff:7c:8c:
ad:af:cf:94:2b:19:08:cc:c4:0c:21:57:38:ca:fe:c2:e6:64:
5e:23:c9:0e:23:df:29:3e:30:75:ab:c7:05:09:c5:f7:1f:02:
59:bf:dc:a6:b1:0e:69:29:e9:29:59:7a:53:58:58:7f:7a:f1:
88:b5:95:24:25:79:4f:d3:8f:77:9d:6a:c8:3f:a8:09:b1:bb:
f6:f3:bd:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtOnB9WFWi+/V86gQMQk+j6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDIwMTk0MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWVhZjQyODFiOGI3NWFlMzJkOGMwNmYwZjkzMWM2ZmVkNjlmZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgmrP22Fuum0NYaTQQ5ljlZijxmM
xCSew/t0p1j7BPPMuJcqzSkje58jtLJkfkHXBqgCMHEbx0H2Wmn7ZvbZzvnHUpcl
hGULfkGBO/YZGuD1+/+y8CeMFBDZOXuKIAa6y7OaMsVMXmWdUECWmM+l/fv6Fsz/
Za4c6yWyxgG4fjeI8x6Z1aTnVm52El30ZePd/D5rLhmAujc/g0DdJkbsQ5uTlUIc
a+uRKgEJEKtd9uqxlv1Di0nn20WuvcNlrYYAsGPxuv+osrg2AC8vPoDgxmu2oU/O
JYVaXnq8dWxSvouxZyPe0o8yg/cWEzeTC2Sn7drMZkCVs1cp4zXLC2rxIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJnq9Cgbi3WuMtjAbw+THG/taf3xMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbWVyMEtCdUxkYTR5Mk1CdkQ1TWNiLTFwX2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCDcAwQA
VCDnMA0GCSqGSIb3DQEBCwUAA4IBAQB1/nWSLGk1ocIa2X83J/OZUz+mWOIxa1tF
4Mp7algrygKnh3RQSNvRnQujec1+RikJ0LKdIOPg4xKyfl1fRyxTeK5S6tCtzFMw
0GUJbb/XZJTGAryLVCvk7zTy0+MPL8aPTZJ45ELVWtcG6nxSWumQUqOSKu5uKnPc
KiakTQA7hdQqkFTxrSsPCYxfV4NUmXJWtJW+LCWFl0lERSgkTz3Nw816kUyaPX4H
/j8oh09cLaj/fIytr8+UKxkIzMQMIVc4yv7C5mReI8kOI98pPjB1q8cFCcX3HwJZ
v9ymsQ5pKekpWXpTWFh/evGItZUkJXlP0493nWrIP6gJsbv28703
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org