Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vfoUqqib-Ii55p1LkCAaBL6bl4M.roa
File: vfoUqqib-Ii55p1LkCAaBL6bl4M.roa (raw, json)
Hash identifier: ptzpT5DgrIVPtHYfNHyL2ll+GbEeA0ZEId8YWcchB1Q=
Subject key identifier: BD:FA:14:AA:A8:9B:F8:88:B9:E6:9D:4B:90:20:1A:04:BE:9B:97:83
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186BFF922296F3DF45F5A40E1871B616330
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vfoUqqib-Ii55p1LkCAaBL6bl4M.roa
Signing time: Wed 08 Mar 2023 06:47:00 +0000
ROA not before: Wed 08 Mar 2023 06:47:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 84.32.223.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Apr 2023 05:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bf:f9:22:29:6f:3d:f4:5f:5a:40:e1:87:1b:61:63:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 8 06:47:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdfa14aaa89bf888b9e69d4b90201a04be9b9783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:49:c2:21:e1:68:0a:1f:53:f9:39:88:68:99:
17:b5:81:b8:1e:ff:76:c6:d8:90:44:67:26:72:55:
45:5c:54:ae:8b:c5:73:d7:68:e3:d9:98:c0:10:6b:
a0:45:e8:fd:72:18:12:71:71:69:e0:44:c5:f7:28:
81:67:a2:ea:85:5a:bd:eb:a8:f2:57:4a:82:fb:75:
72:6e:35:f2:b4:3f:bd:fb:da:2a:c0:ec:05:28:9b:
d8:d1:2c:0c:cb:07:be:4c:44:7b:9f:cb:a8:b5:cd:
2a:bf:e2:0d:98:42:a0:ba:05:e1:0d:99:2d:41:36:
e6:a2:06:8e:40:ed:53:8f:d6:6a:ba:f1:75:c6:45:
6c:ef:73:eb:51:e3:f7:0b:71:5c:57:78:cb:2d:74:
7c:48:ac:bf:d8:bf:1a:4e:dc:18:ad:07:e0:07:ae:
96:35:6d:4c:e6:6a:05:e9:35:3c:68:5a:42:30:da:
b4:32:ab:2d:b9:ca:8f:3e:cf:2f:b5:06:56:a6:66:
ea:48:4f:12:48:e5:7c:23:2b:f5:3b:f0:0d:c6:96:
f2:8e:d4:9d:79:b2:2b:2b:97:00:83:65:88:19:ce:
85:59:2a:09:b1:66:b1:d5:4f:41:53:66:80:f4:ea:
12:2f:88:fd:1d:c0:e7:32:64:69:07:0e:ad:84:8e:
38:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FA:14:AA:A8:9B:F8:88:B9:E6:9D:4B:90:20:1A:04:BE:9B:97:83
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vfoUqqib-Ii55p1LkCAaBL6bl4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.223.0/24
84.32.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:ee:c2:4d:ca:a5:c9:33:20:ac:47:18:3c:bf:28:cd:28:4a:
fa:c3:ed:ba:8a:a0:4e:56:7e:5a:19:1d:99:4f:bb:0c:bd:49:
6d:89:ab:34:69:87:91:d5:5e:5d:80:47:db:3a:66:0f:e5:56:
6d:88:6d:76:37:a2:44:aa:97:71:e7:20:7f:fa:27:af:7e:02:
6b:bd:a8:31:cc:93:47:7b:02:ac:8f:3f:54:be:5b:fb:32:bc:
91:a7:cd:10:0a:93:75:c4:2c:b0:d5:e8:07:b1:2a:93:69:81:
03:54:13:8c:4e:6e:48:49:d6:50:39:f3:34:2e:fd:aa:6f:26:
29:b1:b1:ff:a6:f7:f6:5b:31:9a:a7:d8:23:30:5a:0d:10:83:
14:2d:d5:a0:32:c5:47:87:50:df:37:8b:6a:de:8c:2e:38:8c:
2d:48:93:f8:65:8c:5c:7d:48:eb:36:d1:a6:1c:fe:61:fd:e6:
09:1e:9d:04:cb:40:83:25:5a:dd:5d:d7:47:1d:3b:5d:9d:03:
a1:00:62:6e:7f:c5:e6:82:16:dd:6c:da:9d:37:3d:78:a5:6a:
a1:65:97:6e:f1:09:53:ea:79:f7:e7:71:7c:42:65:0b:a7:5c:
59:8f:3d:19:8b:63:4d:2c:1e:21:36:63:2a:8f:fa:08:96:99:
34:29:b4:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYa/+SIpbz30X1pA4YcbYWMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzA4MDY0NzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGZhMTRhYWE4OWJmODg4YjllNjlkNGI5MDIwMWEwNGJlOWI5NzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUnCIeFoCh9T+TmIaJkXtYG4Hv92
xtiQRGcmclVFXFSui8Vz12jj2ZjAEGugRej9chgScXFp4ETF9yiBZ6LqhVq966jy
V0qC+3VybjXytD+9+9oqwOwFKJvY0SwMywe+TER7n8uotc0qv+INmEKgugXhDZkt
QTbmogaOQO1Tj9ZquvF1xkVs73PrUeP3C3FcV3jLLXR8SKy/2L8aTtwYrQfgB66W
NW1M5moF6TU8aFpCMNq0MqstucqPPs8vtQZWpmbqSE8SSOV8Iyv1O/ANxpbyjtSd
ebIrK5cAg2WIGc6FWSoJsWax1U9BU2aA9OoSL4j9HcDnMmRpBw6thI44JQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL36FKqom/iIueadS5AgGgS+m5eDMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdmZvVXFxaWItSWk1NXAxTGtDQWFCTDZibDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCDfAwQA
VCD7MA0GCSqGSIb3DQEBCwUAA4IBAQAr7sJNyqXJMyCsRxg8vyjNKEr6w+26iqBO
Vn5aGR2ZT7sMvUltias0aYeR1V5dgEfbOmYP5VZtiG12N6JEqpdx5yB/+ievfgJr
vagxzJNHewKsjz9Uvlv7MryRp80QCpN1xCyw1egHsSqTaYEDVBOMTm5ISdZQOfM0
Lv2qbyYpsbH/pvf2WzGap9gjMFoNEIMULdWgMsVHh1DfN4tq3owuOIwtSJP4ZYxc
fUjrNtGmHP5h/eYJHp0Ey0CDJVrdXddHHTtdnQOhAGJuf8XmghbdbNqdNz14pWqh
ZZdu8QlT6nn353F8QmULp1xZjz0Zi2NNLB4hNmMqj/oIlpk0KbRf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org