Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u1Gs70nzeRr3aq3hAeTAWR6th84.roa
File: u1Gs70nzeRr3aq3hAeTAWR6th84.roa (raw, json)
Hash identifier: WBjJrtF97P9cO3jR/IsWPtSxRw4brBKxDoTWHYnwZqk=
Subject key identifier: BB:51:AC:EF:49:F3:79:1A:F7:6A:AD:E1:01:E4:C0:59:1E:AD:87:CE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018EC43293482A20018A15732060E63C0798
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u1Gs70nzeRr3aq3hAeTAWR6th84.roa
Signing time: Tue 09 Apr 2024 18:50:32 +0000
ROA not before: Tue 09 Apr 2024 18:50:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 84.32.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:32:93:48:2a:20:01:8a:15:73:20:60:e6:3c:07:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 9 18:50:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb51acef49f3791af76aade101e4c0591ead87ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:c5:09:c0:ba:a3:b8:9c:91:33:1d:c1:95:
69:04:05:dc:41:57:bf:54:d4:9f:ba:48:e1:b2:f6:
9c:c7:a2:c4:2a:0e:a1:ed:ce:9f:e4:68:c5:5a:97:
ad:80:8b:e4:5a:b7:2f:fb:0b:65:a5:a2:39:00:d8:
ff:c9:6f:97:ed:b3:f0:af:cd:e5:a8:03:52:20:8e:
b6:ba:f8:b0:5e:ee:16:24:3a:ec:68:d7:f8:df:6d:
33:9e:f1:68:57:35:8e:e0:ce:2b:23:12:a3:ba:cf:
8a:85:57:95:cb:98:db:1a:32:8c:7d:5b:0f:0e:8a:
70:08:0f:58:66:6e:36:9b:5e:1d:fb:37:bd:4c:ae:
3a:dd:06:d9:c0:24:fa:63:74:16:f0:e6:55:90:c1:
ef:65:e0:4a:d8:96:a9:b5:1f:cb:e2:29:94:b9:ef:
a4:66:3c:b9:c7:bb:be:f8:f6:19:3a:0e:30:15:57:
18:dd:76:18:42:0a:c2:f1:5e:40:2b:e5:55:a7:dc:
e8:4e:64:c5:22:13:99:3d:4e:fc:49:09:01:c6:be:
12:95:e7:b5:ed:bf:9d:4a:f1:0d:26:c5:a5:1f:60:
18:91:6d:96:8e:89:0f:25:18:e0:de:63:0a:40:cd:
1f:bf:e5:5c:90:31:eb:0e:5f:7e:55:f4:76:92:63:
7d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:51:AC:EF:49:F3:79:1A:F7:6A:AD:E1:01:E4:C0:59:1E:AD:87:CE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u1Gs70nzeRr3aq3hAeTAWR6th84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.82.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:c7:74:26:e3:3e:ab:41:7c:ca:8d:f5:96:45:4f:37:6b:74:
69:dc:30:ae:0d:69:fd:03:e1:34:af:b7:30:89:33:6a:31:c5:
1f:56:56:b7:89:08:2d:f7:46:ea:ef:4d:0e:f2:37:12:92:c3:
1b:21:6a:2a:2f:71:01:c4:cf:ab:59:27:0e:fe:d0:21:d6:aa:
84:4f:1d:d4:f8:87:6f:7d:d4:3d:cb:47:08:6f:c2:57:9a:43:
42:52:63:ee:f4:1f:98:e7:96:ac:1b:42:7a:19:3f:e3:4b:7f:
1f:dc:48:54:af:27:62:7b:84:90:5d:cf:3d:54:ea:13:06:c2:
42:5e:da:95:11:13:60:cd:33:45:11:bd:3d:1d:5d:08:8c:f4:
8c:39:59:5d:a7:c1:44:71:8b:f7:00:77:b5:a1:a8:6e:4d:47:
4b:b4:b5:bf:35:4e:8d:02:48:e2:ca:08:25:0e:8a:20:1e:ca:
63:29:98:52:84:48:39:8b:b9:4c:52:5a:65:1a:b7:a0:68:20:
18:94:82:fc:ca:72:48:10:94:b2:48:bb:0a:94:2c:85:6f:06:
5f:e6:e2:f4:a9:93:7b:8d:7f:10:ca:21:ba:b7:29:a3:de:84:
bc:11:1c:7a:b1:79:ec:1e:b0:d1:e4:46:a5:d6:3a:46:68:9e:
6e:2f:a8:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7EMpNIKiABihVzIGDmPAeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNDA5MTg1MDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjUxYWNlZjQ5ZjM3OTFhZjc2YWFkZTEwMWU0YzA1OTFlYWQ4N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKDFCcC6o7ickTMdwZVpBAXcQVe/
VNSfukjhsvacx6LEKg6h7c6f5GjFWpetgIvkWrcv+wtlpaI5ANj/yW+X7bPwr83l
qANSII62uviwXu4WJDrsaNf4320znvFoVzWO4M4rIxKjus+KhVeVy5jbGjKMfVsP
DopwCA9YZm42m14d+ze9TK463QbZwCT6Y3QW8OZVkMHvZeBK2JaptR/L4imUue+k
Zjy5x7u++PYZOg4wFVcY3XYYQgrC8V5AK+VVp9zoTmTFIhOZPU78SQkBxr4Slee1
7b+dSvENJsWlH2AYkW2WjokPJRjg3mMKQM0fv+VckDHrDl9+VfR2kmN9eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtRrO9J83ka92qt4QHkwFkerYfOMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdTFHczcwbnplUnIzYXEzaEFlVEFXUjZ0aDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVCBSMA0G
CSqGSIb3DQEBCwUAA4IBAQAfx3Qm4z6rQXzKjfWWRU83a3Rp3DCuDWn9A+E0r7cw
iTNqMcUfVla3iQgt90bq700O8jcSksMbIWoqL3EBxM+rWScO/tAh1qqETx3U+Idv
fdQ9y0cIb8JXmkNCUmPu9B+Y55asG0J6GT/jS38f3EhUrydie4SQXc89VOoTBsJC
XtqVERNgzTNFEb09HV0IjPSMOVldp8FEcYv3AHe1oahuTUdLtLW/NU6NAkjiyggl
DoogHspjKZhShEg5i7lMUlplGregaCAYlIL8ynJIEJSySLsKlCyFbwZf5uL0qZN7
jX8QyiG6tymj3oS8ERx6sXnsHrDR5Eal1jpGaJ5uL6if
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:39:08 2025 by rpki-client