Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uTDx1XBBd74iK4vwH1J05QykCTk.roa
File: uTDx1XBBd74iK4vwH1J05QykCTk.roa (raw, json)
Hash identifier: 8pA7TdE5Qt04FCA7Q9MHxTyiPbqDjw1HisVOq9a3GLA=
Subject key identifier: B9:30:F1:D5:70:41:77:BE:22:2B:8B:F0:1F:52:74:E5:0C:A4:09:39
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187852CDF5D83B4DEE7E0E27BD73CDA4341
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uTDx1XBBd74iK4vwH1J05QykCTk.roa
Signing time: Sat 15 Apr 2023 13:48:43 +0000
ROA not before: Sat 15 Apr 2023 13:48:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 17:51:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:85:2c:df:5d:83:b4:de:e7:e0:e2:7b:d7:3c:da:43:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 15 13:48:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b930f1d5704177be222b8bf01f5274e50ca40939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fb:d3:0b:00:b7:a2:52:5a:37:1b:4a:5b:eb:
9c:54:16:fe:ec:03:4e:05:9d:8d:12:b9:fb:96:20:
68:af:2a:c9:37:dd:a1:6f:b9:27:92:fc:af:cb:01:
88:9f:5a:bc:19:92:2d:c4:8e:fc:89:46:2d:62:ea:
ab:46:35:c4:f0:f1:ad:b6:66:51:bb:c7:5f:76:44:
73:c4:e9:a9:bd:28:d8:24:68:3b:ab:d3:58:e4:32:
84:f1:b0:e2:ed:12:de:4d:ff:65:03:1f:16:e7:18:
c4:4e:c0:0e:dd:0e:a5:64:4e:7f:cb:b5:af:1d:cb:
6d:ac:2a:b3:48:e5:cc:c8:1e:4b:da:66:c1:1d:dc:
ea:ed:85:58:1b:3e:95:6b:82:4b:f6:0d:92:fd:9d:
c1:aa:94:23:bb:d6:31:5e:27:44:54:e4:03:60:6c:
fd:6e:77:44:24:80:49:cd:11:7c:2c:b1:51:dd:48:
29:4b:c8:bd:7d:4f:a7:6e:40:4c:1f:2f:d9:ac:b3:
21:b4:ea:c6:11:f1:1c:11:29:af:08:16:b4:71:b1:
ca:70:0d:46:92:df:9a:12:60:26:d3:2b:b5:ad:f3:
89:92:fe:45:c8:d3:8d:d9:dd:01:78:52:9e:4b:96:
b1:e2:7e:ea:69:99:72:a8:16:3d:8b:3c:a2:dd:16:
fd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:30:F1:D5:70:41:77:BE:22:2B:8B:F0:1F:52:74:E5:0C:A4:09:39
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uTDx1XBBd74iK4vwH1J05QykCTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/24
84.32.47.0/24
84.32.66.0/24
84.32.68.0/24
84.32.225.0/24
88.216.95.0/24
Signature Algorithm: sha256WithRSAEncryption
12:3a:15:a6:48:4f:ea:c0:b3:19:dd:d9:e5:54:89:0c:76:b1:
d0:43:81:1f:b7:db:6a:d4:1b:ec:ee:d6:9f:d8:72:0f:ce:27:
c8:ab:2d:32:1f:8d:df:5a:c8:8c:46:46:54:4c:fd:44:67:d8:
23:55:ec:7f:6d:d4:3a:12:ac:27:e1:67:26:af:05:06:dc:da:
1e:d5:de:7f:3e:0d:24:98:ac:36:03:6c:f2:00:2c:63:ed:06:
e5:30:ab:84:33:82:78:e9:b5:ad:68:4f:fb:8f:88:3b:dd:95:
f6:eb:f9:f4:6d:6a:02:d7:16:80:3a:de:72:a6:56:12:aa:1c:
4b:b7:cc:3e:68:32:65:4b:d9:34:6f:6f:2d:c6:e4:9f:82:9e:
f3:0b:db:33:34:a9:c0:5c:c9:aa:99:f5:bf:88:95:75:32:18:
60:08:e6:6d:7a:e4:71:26:e4:e0:11:cb:e9:3c:48:0f:08:18:
b5:fc:ba:5a:6d:57:5e:4f:5f:19:0f:b3:e4:b2:b0:7e:f4:70:
ec:79:34:8e:75:0b:7c:bf:77:4a:80:49:a8:e1:69:69:01:ab:
c8:f1:8f:d2:e6:be:97:7a:04:6d:fe:05:de:d8:02:78:d9:72:
93:89:e1:33:f4:dd:bf:28:e1:d4:f4:a9:8c:5f:bc:97:40:8a:
f6:6b:45:d4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYeFLN9dg7Te5+Die9c82kNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDE1MTM0ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTMwZjFkNTcwNDE3N2JlMjIyYjhiZjAxZjUyNzRlNTBjYTQwOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfvTCwC3olJaNxtKW+ucVBb+7ANO
BZ2NErn7liBoryrJN92hb7knkvyvywGIn1q8GZItxI78iUYtYuqrRjXE8PGttmZR
u8dfdkRzxOmpvSjYJGg7q9NY5DKE8bDi7RLeTf9lAx8W5xjETsAO3Q6lZE5/y7Wv
HcttrCqzSOXMyB5L2mbBHdzq7YVYGz6Va4JL9g2S/Z3BqpQju9YxXidEVOQDYGz9
bndEJIBJzRF8LLFR3UgpS8i9fU+nbkBMHy/ZrLMhtOrGEfEcESmvCBa0cbHKcA1G
kt+aEmAm0yu1rfOJkv5FyNON2d0BeFKeS5ax4n7qaZlyqBY9izyi3Rb9IQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLkw8dVwQXe+IiuL8B9SdOUMpAk5MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdVREeDFYQkJkNzRpSzR2d0gxSjA1UXlrQ1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAsAwQA
VCAvAwQAVCBCAwQAVCBEAwQAVCDhAwQAWNhfMA0GCSqGSIb3DQEBCwUAA4IBAQAS
OhWmSE/qwLMZ3dnlVIkMdrHQQ4Eft9tq1Bvs7taf2HIPzifIqy0yH43fWsiMRkZU
TP1EZ9gjVex/bdQ6Eqwn4WcmrwUG3Noe1d5/Pg0kmKw2A2zyACxj7QblMKuEM4J4
6bWtaE/7j4g73ZX26/n0bWoC1xaAOt5yplYSqhxLt8w+aDJlS9k0b28txuSfgp7z
C9szNKnAXMmqmfW/iJV1MhhgCOZteuRxJuTgEcvpPEgPCBi1/LpabVdeT18ZD7Pk
srB+9HDseTSOdQt8v3dKgEmo4WlpAavI8Y/S5r6XegRt/gXe2AJ42XKTieEz9N2/
KOHU9KmMX7yXQIr2a0XU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org