Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oalW8G_bJHM8gmvd1bmc4PyhrJw.roa
File: oalW8G_bJHM8gmvd1bmc4PyhrJw.roa (raw, json)
Hash identifier: ajDfH7ih4r++Yn3XAVlRU7Jt2II635yKS3qZQYFYX4g=
Subject key identifier: A1:A9:56:F0:6F:DB:24:73:3C:82:6B:DD:D5:B9:9C:E0:FC:A1:AC:9C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5013D791EB54F1B2C195906D839DE46
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oalW8G_bJHM8gmvd1bmc4PyhrJw.roa
Signing time: Mon 01 Jan 2024 12:30:41 +0000
ROA not before: Mon 01 Jan 2024 12:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 84.32.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3d:79:1e:b5:4f:1b:2c:19:59:06:d8:39:de:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1a956f06fdb24733c826bddd5b99ce0fca1ac9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1e:af:e1:fd:b8:13:fd:54:5e:72:34:9d:24:
f5:8b:6e:86:6e:b9:f2:33:ad:34:df:65:f4:c6:b6:
af:b0:6d:58:08:c0:90:c0:65:11:5e:b8:1c:95:56:
77:c3:7e:24:66:a8:4f:ef:24:0e:4b:f2:f2:14:30:
69:2f:ae:70:12:ae:e5:f2:9b:51:24:aa:ad:19:ec:
d6:8c:aa:e7:e7:58:69:52:d3:8c:5e:05:74:2c:24:
68:5e:08:b9:66:25:20:29:76:9e:66:0b:57:af:55:
2c:36:43:27:80:d9:dc:5c:89:b9:b5:a2:7c:77:dc:
35:03:65:3b:c5:cf:e2:d2:dd:6f:57:47:3e:26:11:
bb:1a:59:4f:21:ce:93:9c:60:61:5e:de:5f:fa:6d:
44:eb:3e:a5:49:5e:60:a0:53:e7:10:85:73:c5:96:
90:2c:68:2c:f0:09:c7:c7:31:75:48:ea:bd:a2:1b:
66:92:72:43:30:87:77:91:17:f8:88:38:10:7b:cf:
20:6e:94:f1:c6:0d:69:09:c9:b0:34:d3:3c:f9:bd:
89:2a:67:75:73:af:5c:54:8d:4e:0c:22:9f:62:b9:
d0:fd:c8:cd:29:6d:80:fa:ad:d2:bf:4e:45:72:03:
d4:35:97:12:9f:1f:a8:1b:38:83:de:49:1f:1a:e3:
92:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A9:56:F0:6F:DB:24:73:3C:82:6B:DD:D5:B9:9C:E0:FC:A1:AC:9C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oalW8G_bJHM8gmvd1bmc4PyhrJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.39.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:52:d3:91:c8:86:31:c9:b2:96:71:8f:7a:93:27:88:30:3c:
3b:0a:ed:f6:db:68:a1:df:46:7c:73:9a:c8:df:2a:63:87:13:
da:d9:11:f1:7f:05:06:32:29:41:f1:ab:f8:04:86:d0:5c:e1:
b6:11:f9:8a:28:70:5f:2f:ea:f3:46:ab:41:3c:05:42:1e:70:
e0:de:ce:a1:ca:e5:b4:30:86:4b:1b:15:a1:06:ea:e9:24:83:
f6:56:3b:dc:a0:6b:15:c9:86:2e:45:45:c9:87:44:74:50:43:
ca:94:27:c6:fe:0b:6f:ee:9f:b7:4a:6c:2a:ac:41:39:a8:49:
cc:31:2a:fe:14:0e:60:45:e1:2b:12:46:74:6d:77:f3:92:bd:
12:bf:10:1f:57:e5:4d:c3:13:ee:21:a9:24:4e:64:c9:ea:66:
6a:6e:78:78:01:d9:b7:70:70:ae:a4:d5:0d:47:30:8c:c7:a9:
d4:08:8d:02:9f:4b:f2:d9:c8:6e:af:8d:8e:0a:5b:62:d3:19:
02:50:00:1f:6d:b5:a4:22:25:fc:f3:53:5f:b0:2a:46:2b:22:
44:e6:c6:7a:37:46:26:7f:ca:c9:6d:de:28:d9:2c:79:c8:e8:
fa:4c:5c:22:1f:6b:59:da:8c:79:ed:23:80:73:4e:f7:ec:20:
c1:01:3b:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAT15HrVPGywZWQbYOd5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWE5NTZmMDZmZGIyNDczM2M4MjZiZGRkNWI5OWNlMGZjYTFhYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih6v4f24E/1UXnI0nST1i26Gbrny
M60032X0xravsG1YCMCQwGURXrgclVZ3w34kZqhP7yQOS/LyFDBpL65wEq7l8ptR
JKqtGezWjKrn51hpUtOMXgV0LCRoXgi5ZiUgKXaeZgtXr1UsNkMngNncXIm5taJ8
d9w1A2U7xc/i0t1vV0c+JhG7GllPIc6TnGBhXt5f+m1E6z6lSV5goFPnEIVzxZaQ
LGgs8AnHxzF1SOq9ohtmknJDMId3kRf4iDgQe88gbpTxxg1pCcmwNNM8+b2JKmd1
c69cVI1ODCKfYrnQ/cjNKW2A+q3Sv05FcgPUNZcSnx+oGziD3kkfGuOS/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGpVvBv2yRzPIJr3dW5nOD8oaycMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb2FsVzhHX2JKSE04Z212ZDFibWM0UHlockp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCAnMA0G
CSqGSIb3DQEBCwUAA4IBAQCNUtORyIYxybKWcY96kyeIMDw7Cu3222ih30Z8c5rI
3ypjhxPa2RHxfwUGMilB8av4BIbQXOG2EfmKKHBfL+rzRqtBPAVCHnDg3s6hyuW0
MIZLGxWhBurpJIP2VjvcoGsVyYYuRUXJh0R0UEPKlCfG/gtv7p+3SmwqrEE5qEnM
MSr+FA5gReErEkZ0bXfzkr0SvxAfV+VNwxPuIakkTmTJ6mZqbnh4Adm3cHCupNUN
RzCMx6nUCI0Cn0vy2chur42OClti0xkCUAAfbbWkIiX881NfsCpGKyJE5sZ6N0Ym
f8rJbd4o2Sx5yOj6TFwiH2tZ2ox57SOAc0737CDBATv8
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:47 2024 by rpki-client on console-ams.rpki-client.org