Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qdNPoF4eYvhYe676izYVJJ6vD_4.roa
File: qdNPoF4eYvhYe676izYVJJ6vD_4.roa (raw, json)
Hash identifier: fOVHxSZJ4wPEg9ij73Hkn5PLbT1wKkXOsIqb/1DKlmM=
Subject key identifier: A9:D3:4F:A0:5E:1E:62:F8:58:7B:AE:FA:8B:36:15:24:9E:AF:0F:FE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018A97828ED968896DA216B78DB0E787BF7F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qdNPoF4eYvhYe676izYVJJ6vD_4.roa
Signing time: Fri 15 Sep 2023 06:23:50 +0000
ROA not before: Fri 15 Sep 2023 06:23:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62068
IP address blocks: 84.32.177.0/24 maxlen: 24
84.32.9.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 04:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:97:82:8e:d9:68:89:6d:a2:16:b7:8d:b0:e7:87:bf:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 15 06:23:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9d34fa05e1e62f8587baefa8b3615249eaf0ffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:92:46:d5:32:fb:d2:97:12:d3:35:29:1a:13:
f9:4b:1f:b9:ae:0a:29:f5:36:d3:99:34:f4:7a:e0:
79:40:98:42:28:43:7f:38:04:5f:10:38:bf:2d:87:
af:19:35:de:38:83:bc:17:27:0c:15:62:74:c2:0c:
16:02:86:26:15:65:97:17:69:77:f2:0a:2d:c2:04:
bf:75:2d:cb:00:c9:ed:1b:76:82:41:e5:44:ad:ab:
bd:ae:ab:2c:26:27:eb:e7:08:f0:7c:63:23:2b:e5:
7d:84:e8:fa:cf:67:c6:69:31:b9:ea:44:47:dd:63:
c1:76:3d:49:5c:4a:d0:fd:1d:66:40:1b:78:0c:29:
b5:04:06:99:4d:3f:51:e6:3c:f1:b2:7f:42:a5:59:
d9:49:31:e2:8a:56:82:50:61:8c:8d:45:46:9d:4a:
14:5f:eb:f4:ec:8f:84:98:71:cb:98:0f:28:d5:3d:
50:2f:2f:83:21:ce:3d:4b:f0:ab:0c:1b:1e:62:ae:
4d:ba:12:99:46:cf:2a:68:4b:2e:2e:59:a1:85:0e:
84:13:75:11:b2:02:0c:23:0e:37:a9:eb:56:c6:2c:
ac:91:1e:2a:1e:fd:a3:67:3d:4c:63:42:48:2f:20:
5b:2a:ee:4e:62:a3:61:46:71:77:f4:04:3e:e3:ee:
8f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D3:4F:A0:5E:1E:62:F8:58:7B:AE:FA:8B:36:15:24:9E:AF:0F:FE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qdNPoF4eYvhYe676izYVJJ6vD_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.48.0/24
84.32.177.0/24
Signature Algorithm: sha256WithRSAEncryption
21:31:29:e5:82:b7:82:50:1c:78:8b:a6:20:86:81:e6:5b:81:
92:32:7d:9c:97:90:7b:b3:00:d3:b7:ee:c4:17:98:14:62:68:
cd:22:2b:30:52:ea:69:fe:8f:d0:c6:f9:f2:ca:a7:77:2e:5d:
d2:dc:cd:18:55:0b:b9:0f:0f:17:c4:c6:61:3e:62:ec:67:07:
e8:58:a4:f4:c1:ef:5b:7a:7a:6f:44:6c:0d:02:d2:d0:fd:e4:
59:3c:ed:8d:ae:c4:e8:df:7d:91:24:e4:32:54:ec:42:83:4f:
f5:1b:a0:4a:9f:18:6f:14:96:4e:10:73:b7:4d:53:a7:92:fe:
06:c2:db:7d:e5:49:bc:78:b1:c1:b5:d7:81:cb:ea:38:23:68:
21:95:a0:39:6c:e8:0d:aa:77:6a:b5:a1:66:ac:53:a9:9f:08:
3a:1b:9b:98:93:89:a4:b6:e2:22:d7:4b:d0:8b:28:6f:17:b1:
50:29:cb:64:70:6c:56:22:b4:1b:5b:1a:5c:5b:e7:f6:2c:8c:
0d:14:fc:ce:6f:36:a6:4f:48:0b:7a:03:f4:78:f5:ea:6b:e1:
3f:9c:d2:f0:42:da:a7:65:fd:cf:55:e3:a3:3e:5b:6f:d3:f1:
e4:9d:d4:1a:20:b9:5e:ac:3a:67:ab:5f:b5:78:ba:7c:74:b8:
a5:9b:00:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqXgo7ZaIltoha3jbDnh79/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwOTE1MDYyMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQzNGZhMDVlMWU2MmY4NTg3YmFlZmE4YjM2MTUyNDllYWYwZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZJG1TL70pcS0zUpGhP5Sx+5rgop
9TbTmTT0euB5QJhCKEN/OARfEDi/LYevGTXeOIO8FycMFWJ0wgwWAoYmFWWXF2l3
8gotwgS/dS3LAMntG3aCQeVErau9rqssJifr5wjwfGMjK+V9hOj6z2fGaTG56kRH
3WPBdj1JXErQ/R1mQBt4DCm1BAaZTT9R5jzxsn9CpVnZSTHiilaCUGGMjUVGnUoU
X+v07I+EmHHLmA8o1T1QLy+DIc49S/CrDBseYq5NuhKZRs8qaEsuLlmhhQ6EE3UR
sgIMIw43qetWxiyskR4qHv2jZz1MY0JILyBbKu5OYqNhRnF39AQ+4+6PkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKnTT6BeHmL4WHuu+os2FSSerw/+MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcWROUG9GNGVZdmhZZTY3Nml6WVZKSjZ2RF80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAJAwQA
VCAwAwQAVCCxMA0GCSqGSIb3DQEBCwUAA4IBAQAhMSnlgreCUBx4i6YghoHmW4GS
Mn2cl5B7swDTt+7EF5gUYmjNIiswUupp/o/Qxvnyyqd3Ll3S3M0YVQu5Dw8XxMZh
PmLsZwfoWKT0we9benpvRGwNAtLQ/eRZPO2NrsTo332RJOQyVOxCg0/1G6BKnxhv
FJZOEHO3TVOnkv4Gwtt95Um8eLHBtdeBy+o4I2ghlaA5bOgNqndqtaFmrFOpnwg6
G5uYk4mktuIi10vQiyhvF7FQKctkcGxWIrQbWxpcW+f2LIwNFPzObzamT0gLegP0
ePXqa+E/nNLwQtqnZf3PVeOjPltv0/HkndQaILlerDpnq1+1eLp8dLilmwBV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org