Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oX-ZGU22tZeMaX7CPzSIPoLdF-g.roa
File: oX-ZGU22tZeMaX7CPzSIPoLdF-g.roa (raw, json)
Hash identifier: vMx76wICAbNZ4v0uw5dNa1z13jSJOFqv1UOo1ssVgNs=
Subject key identifier: A1:7F:99:19:4D:B6:B5:97:8C:69:7E:C2:3F:34:88:3E:82:DD:17:E8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018742D51B24D88332786D23F4523D70804B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oX-ZGU22tZeMaX7CPzSIPoLdF-g.roa
Signing time: Sun 02 Apr 2023 16:37:55 +0000
ROA not before: Sun 02 Apr 2023 16:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.90.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:42:d5:1b:24:d8:83:32:78:6d:23:f4:52:3d:70:80:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 2 16:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a17f99194db6b5978c697ec23f34883e82dd17e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:56:5b:e4:33:9e:a1:90:b7:3c:f5:49:db:31:
a2:d1:07:c8:e2:84:c5:35:a7:36:63:61:99:43:28:
a6:5a:30:b1:a3:2b:26:7b:0e:64:54:80:0c:a9:79:
16:b1:43:e9:b0:7c:7f:a8:24:50:50:a1:6b:4f:ef:
43:1f:5d:17:c0:2a:66:3c:a5:36:e6:5f:ae:7c:97:
ad:c0:cf:b5:ba:72:52:99:d3:27:fd:c0:16:3c:a5:
d9:21:68:e4:93:a1:ac:76:1e:96:8d:e5:41:ee:06:
f6:c1:77:9d:54:ff:6a:d8:a8:29:f3:74:57:f3:14:
00:e7:4d:45:3d:3f:35:16:c3:ee:de:7f:0f:70:7d:
1e:4a:68:bd:1a:dd:e5:75:dd:7c:f2:c2:1f:7d:88:
16:35:32:8a:54:4d:6a:52:4a:47:dc:2d:ae:af:3f:
08:cc:fd:12:f0:e2:21:3f:34:6f:1a:ee:ea:9a:8a:
1a:5f:26:f0:2d:f3:9d:26:2a:ee:06:eb:02:d6:0b:
bb:29:dc:06:39:90:75:00:9f:4f:5b:f3:a9:30:70:
ec:ee:0d:06:5c:f0:37:d4:00:a5:2c:f6:09:90:35:
45:20:2c:18:59:a5:dd:87:bc:42:77:4e:74:3c:3d:
4a:c9:c5:30:23:7f:ed:79:0c:3a:a5:c7:ee:2b:fb:
f3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7F:99:19:4D:B6:B5:97:8C:69:7E:C2:3F:34:88:3E:82:DD:17:E8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oX-ZGU22tZeMaX7CPzSIPoLdF-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.59.0/24
84.32.90.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:56:c1:9c:0b:3d:17:c8:98:27:c8:83:40:06:3e:c4:bf:d0:
97:d4:14:38:af:49:40:ce:15:9e:97:82:1e:75:7f:cf:46:99:
88:3c:5c:7f:3d:3b:52:fd:8f:b7:87:61:c4:be:99:c2:b5:14:
f2:3d:ed:26:6f:d9:2e:2f:81:5d:ea:33:00:56:90:5c:de:90:
d2:a2:48:82:4a:3c:a8:03:9b:91:e2:8b:6e:4f:65:35:9a:5e:
10:57:cb:d4:f0:40:93:82:23:39:8b:c7:c7:dc:e2:50:7c:39:
e7:1e:72:89:f9:c8:f7:78:fb:ce:27:42:57:51:a0:0c:13:18:
53:c0:d9:94:80:37:11:fb:37:05:d8:74:ac:fd:6e:9f:c2:19:
7e:7a:a4:13:5a:2b:1f:a8:2f:be:70:1f:3c:8f:3b:31:76:fd:
60:0c:31:0b:62:db:5c:82:d3:8f:23:30:55:a0:7f:63:1d:ff:
9d:25:63:fb:3b:09:9a:c0:19:5c:e3:26:e9:c9:fd:09:60:2b:
f5:c1:01:95:cb:a7:c4:29:35:c7:55:f3:50:0f:04:ae:30:32:
a5:97:9c:7e:47:06:aa:31:d3:aa:70:68:55:48:6f:6e:42:89:
16:f6:43:26:90:5c:f7:1f:83:b3:3d:8b:dd:4b:b6:e6:88:ab:
cc:1a:6f:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdC1Rsk2IMyeG0j9FI9cIBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDAyMTYzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTdmOTkxOTRkYjZiNTk3OGM2OTdlYzIzZjM0ODgzZTgyZGQxN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1Zb5DOeoZC3PPVJ2zGi0QfI4oTF
Nac2Y2GZQyimWjCxoysmew5kVIAMqXkWsUPpsHx/qCRQUKFrT+9DH10XwCpmPKU2
5l+ufJetwM+1unJSmdMn/cAWPKXZIWjkk6Gsdh6WjeVB7gb2wXedVP9q2Kgp83RX
8xQA501FPT81FsPu3n8PcH0eSmi9Gt3ldd188sIffYgWNTKKVE1qUkpH3C2urz8I
zP0S8OIhPzRvGu7qmooaXybwLfOdJiruBusC1gu7KdwGOZB1AJ9PW/OpMHDs7g0G
XPA31AClLPYJkDVFICwYWaXdh7xCd050PD1KycUwI3/teQw6pcfuK/vziQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKF/mRlNtrWXjGl+wj80iD6C3RfoMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb1gtWkdVMjJ0WmVNYVg3Q1B6U0lQb0xkRi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCA7AwQB
VCBaMA0GCSqGSIb3DQEBCwUAA4IBAQAqVsGcCz0XyJgnyINABj7Ev9CX1BQ4r0lA
zhWel4IedX/PRpmIPFx/PTtS/Y+3h2HEvpnCtRTyPe0mb9kuL4Fd6jMAVpBc3pDS
okiCSjyoA5uR4otuT2U1ml4QV8vU8ECTgiM5i8fH3OJQfDnnHnKJ+cj3ePvOJ0JX
UaAMExhTwNmUgDcR+zcF2HSs/W6fwhl+eqQTWisfqC++cB88jzsxdv1gDDELYttc
gtOPIzBVoH9jHf+dJWP7OwmawBlc4ybpyf0JYCv1wQGVy6fEKTXHVfNQDwSuMDKl
l5x+RwaqMdOqcGhVSG9uQokW9kMmkFz3H4OzPYvdS7bmiKvMGm9M
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:33 2023 by rpki-client on console-ams.rpki-client.org