Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/seZwbp8AkKvk4geypswKXtPQzl4.roa
File: seZwbp8AkKvk4geypswKXtPQzl4.roa (raw, json)
Hash identifier: z9LLh+ptHQ8BrQ67SY8umOsCwtn65YPBOa4LKAT0HdM=
Subject key identifier: B1:E6:70:6E:9F:00:90:AB:E4:E2:07:B2:A6:CC:0A:5E:D3:D0:CE:5E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5014EB66801E6742090379D92EDD9F8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/seZwbp8AkKvk4geypswKXtPQzl4.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212669
IP address blocks: 84.32.69.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4e:b6:68:01:e6:74:20:90:37:9d:92:ed:d9:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1e6706e9f0090abe4e207b2a6cc0a5ed3d0ce5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:12:72:97:49:14:15:e8:e3:6b:14:ef:34:b8:
71:73:5b:e5:f5:52:c9:b8:bc:eb:1a:10:47:5f:f8:
05:4a:4d:c1:24:b8:25:3c:39:d2:a5:0e:4f:ea:cc:
75:24:fc:52:cc:2c:8f:55:10:4d:27:66:ab:0d:7a:
c5:e4:01:27:e0:c8:c3:6e:f3:35:b2:e1:65:18:1e:
84:53:ae:e5:34:b1:cc:8b:50:74:99:74:a7:8a:d7:
12:78:ac:0d:86:12:50:e7:e5:6c:11:27:df:b2:2e:
45:78:24:f5:3f:db:2f:33:50:ef:d7:06:d2:4e:f9:
9a:4d:1c:24:1b:4f:09:c7:a5:dc:9d:4d:c5:2c:a0:
e6:ca:3f:22:99:81:e8:6d:ee:84:9d:17:50:b4:5f:
03:c4:6e:3d:ed:f3:fd:f2:87:e9:f0:67:51:e4:a3:
11:df:3d:ea:df:7e:f9:6f:33:9b:23:c0:90:7e:c7:
3d:3b:8b:d8:99:88:87:fe:0e:0b:f7:13:e5:60:ec:
e7:20:58:16:fd:0c:ed:34:8b:15:7e:35:1c:74:5b:
70:ad:a0:6a:da:b3:98:7b:17:00:f2:e8:65:d9:ed:
2f:f6:80:be:bc:b5:c9:3c:2b:6e:be:c7:03:fc:e2:
80:38:94:5b:93:c7:65:07:0f:40:aa:62:15:58:bd:
3a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E6:70:6E:9F:00:90:AB:E4:E2:07:B2:A6:CC:0A:5E:D3:D0:CE:5E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/seZwbp8AkKvk4geypswKXtPQzl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.69.0/24
84.32.86.0/24
84.32.227.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:d6:94:b0:c7:fd:e9:ae:2d:80:3e:a2:5e:ec:b2:72:c6:f2:
be:ca:29:4e:c1:01:03:ff:37:8a:51:db:18:c4:00:52:2a:7a:
3c:4e:43:8c:e3:29:de:d3:41:f7:74:09:cd:fa:4b:9b:cb:5c:
b9:68:d0:a0:c7:11:f2:53:3a:15:74:5a:33:ce:15:57:7a:bf:
46:b4:66:b0:9a:4b:81:c4:53:de:d4:ac:7e:45:7d:8c:c5:3e:
24:7b:a9:99:87:77:f7:db:9c:c9:5d:54:01:6f:1c:9c:f0:21:
ba:d3:fb:19:c6:72:6d:44:d9:e4:27:6f:1a:d0:00:c5:b8:f5:
ad:fe:c7:39:96:95:44:d8:3b:04:9d:58:cf:e8:60:4a:7c:bd:
a5:2d:2a:5d:c7:9a:a8:29:9b:ea:6f:c5:48:55:88:53:1d:fc:
a3:2b:9c:89:d8:0b:a6:74:a0:fe:cc:47:57:9e:07:0f:69:6b:
66:c2:c3:b5:19:cf:c5:97:fb:ea:b3:06:07:bf:78:e8:46:d7:
90:36:ae:5b:df:2d:c8:ca:6c:a5:32:13:24:4a:be:43:ab:c8:
ac:b0:20:ff:7f:ce:f9:09:79:5c:80:1d:03:08:31:ff:fb:58:
02:9b:6d:7e:9e:9f:90:c4:90:b0:2e:c7:15:0d:23:82:d2:1f:
13:3b:54:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAU62aAHmdCCQN52S7dn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWU2NzA2ZTlmMDA5MGFiZTRlMjA3YjJhNmNjMGE1ZWQzZDBjZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxJyl0kUFejjaxTvNLhxc1vl9VLJ
uLzrGhBHX/gFSk3BJLglPDnSpQ5P6sx1JPxSzCyPVRBNJ2arDXrF5AEn4MjDbvM1
suFlGB6EU67lNLHMi1B0mXSnitcSeKwNhhJQ5+VsESffsi5FeCT1P9svM1Dv1wbS
TvmaTRwkG08Jx6XcnU3FLKDmyj8imYHobe6EnRdQtF8DxG497fP98ofp8GdR5KMR
3z3q3375bzObI8CQfsc9O4vYmYiH/g4L9xPlYOznIFgW/QztNIsVfjUcdFtwraBq
2rOYexcA8uhl2e0v9oC+vLXJPCtuvscD/OKAOJRbk8dlBw9AqmIVWL06LwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLHmcG6fAJCr5OIHsqbMCl7T0M5eMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc2Vad2JwOEFrS3ZrNGdleXBzd0tYdFBRemw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBFAwQA
VCBWAwQAVCDjMA0GCSqGSIb3DQEBCwUAA4IBAQAf1pSwx/3pri2APqJe7LJyxvK+
yilOwQED/zeKUdsYxABSKno8TkOM4yne00H3dAnN+kuby1y5aNCgxxHyUzoVdFoz
zhVXer9GtGawmkuBxFPe1Kx+RX2MxT4ke6mZh3f325zJXVQBbxyc8CG60/sZxnJt
RNnkJ28a0ADFuPWt/sc5lpVE2DsEnVjP6GBKfL2lLSpdx5qoKZvqb8VIVYhTHfyj
K5yJ2AumdKD+zEdXngcPaWtmwsO1Gc/Fl/vqswYHv3joRteQNq5b3y3IymylMhMk
Sr5Dq8issCD/f875CXlcgB0DCDH/+1gCm21+np+QxJCwLscVDSOC0h8TO1Sm
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:11 2025 by rpki-client