Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vh_KPmgRPAcRM44AlEE4M_w8yEY.roa
File: vh_KPmgRPAcRM44AlEE4M_w8yEY.roa (raw, json)
Hash identifier: TB99uVbyEkGNEaluOJrkjbiUTlq9Zevr2l9GyjU4dDg=
Subject key identifier: BE:1F:CA:3E:68:11:3C:07:11:33:8E:00:94:41:38:33:FC:3C:C8:46
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01920FDD383B7746BA22DC73AF8C194964CF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vh_KPmgRPAcRM44AlEE4M_w8yEY.roa
Signing time: Fri 20 Sep 2024 14:36:49 +0000
ROA not before: Fri 20 Sep 2024 14:36:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215287
IP address blocks: 84.32.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 07:20:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:dd:38:3b:77:46:ba:22:dc:73:af:8c:19:49:64:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 20 14:36:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be1fca3e68113c0711338e0094413833fc3cc846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:15:96:07:1c:5a:cf:62:fd:65:cf:7a:d0:a4:
6e:8b:30:58:5d:86:d3:0b:4c:54:73:17:80:9c:dd:
87:f2:04:8a:8d:ae:d8:d4:6f:aa:fc:20:26:ea:c7:
6d:8a:8b:98:82:9e:9b:f7:da:27:4c:78:4a:c6:cd:
75:6c:0c:a8:49:e8:70:55:fe:bf:62:c5:bc:c2:b9:
e7:20:a1:67:97:21:5a:eb:a0:b4:3b:75:0e:45:9e:
15:20:10:a5:a3:1d:4d:9a:05:21:99:83:4d:99:09:
f2:a3:f3:95:1b:27:4b:2f:1b:90:17:a3:19:53:5a:
fc:c5:6b:10:13:c3:cd:ff:b9:91:b7:d5:9e:32:4e:
0f:9c:54:58:dc:9f:0c:5a:d3:cd:09:a2:2b:ba:6e:
e2:19:24:c6:52:d1:a3:52:4e:60:16:53:ca:fc:68:
7e:34:18:83:6e:ca:52:21:3e:e0:a3:32:52:5a:d1:
0e:24:b5:0c:9a:4d:b1:8d:ec:73:b4:c8:21:29:57:
aa:14:ec:ee:ca:78:f3:1f:e5:46:8b:b3:5f:8d:52:
db:be:93:d3:b8:67:9b:74:f6:db:a9:bd:70:1a:fe:
58:ad:ec:24:6a:4d:72:92:53:47:c9:60:da:c5:9b:
e6:56:f8:ce:07:8d:7a:27:cb:a4:e8:4c:4f:83:a3:
45:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1F:CA:3E:68:11:3C:07:11:33:8E:00:94:41:38:33:FC:3C:C8:46
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vh_KPmgRPAcRM44AlEE4M_w8yEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.59.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:eb:e8:08:37:58:ec:0f:d7:8d:a7:3d:e9:81:8c:11:fc:24:
e4:d2:5a:b2:c0:2d:6b:4d:4f:75:72:89:0c:8d:48:de:63:94:
d6:7f:06:f1:ab:3b:e9:b1:e8:e9:6d:11:0f:b0:c1:5a:ed:1f:
c2:68:6b:11:b8:4b:ec:09:39:07:2d:bd:d2:5c:a8:cf:a2:9b:
ae:5c:06:8c:7d:d5:9b:f0:f7:bb:51:07:91:b8:16:e6:df:5c:
61:e1:ca:04:ca:7f:14:a8:6e:f1:35:38:6d:34:fe:72:25:94:
a9:cf:6a:f3:01:6d:ef:a0:07:17:68:1f:c0:2c:c9:37:3e:27:
02:15:5a:d4:cd:4b:55:81:53:89:53:05:e0:36:8a:fb:e9:93:
95:f5:4d:53:d4:4a:3c:a0:e9:0f:5d:80:03:e7:f8:7a:18:75:
2b:82:53:66:6f:a3:6f:d2:7d:00:57:5f:f5:11:53:6f:b5:4d:
39:72:39:0e:0e:51:8b:1b:d1:49:12:ee:8c:f8:a3:ff:62:5d:
f5:37:20:00:46:0a:95:6f:b8:b6:9b:8d:eb:45:52:de:5d:90:
65:0a:83:2b:25:67:c4:66:e5:ad:a3:a0:eb:a6:72:9f:1e:af:
90:9f:ea:ff:08:31:ee:17:5f:50:c2:a0:24:db:b2:40:ca:3c:
d1:f6:ff:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIP3Tg7d0a6Itxzr4wZSWTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwOTIwMTQzNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFmY2EzZTY4MTEzYzA3MTEzMzhlMDA5NDQxMzgzM2ZjM2NjODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBWWBxxaz2L9Zc960KRuizBYXYbT
C0xUcxeAnN2H8gSKja7Y1G+q/CAm6sdtiouYgp6b99onTHhKxs11bAyoSehwVf6/
YsW8wrnnIKFnlyFa66C0O3UORZ4VIBClox1NmgUhmYNNmQnyo/OVGydLLxuQF6MZ
U1r8xWsQE8PN/7mRt9WeMk4PnFRY3J8MWtPNCaIrum7iGSTGUtGjUk5gFlPK/Gh+
NBiDbspSIT7gozJSWtEOJLUMmk2xjexztMghKVeqFOzuynjzH+VGi7NfjVLbvpPT
uGebdPbbqb1wGv5Yrewkak1yklNHyWDaxZvmVvjOB416J8uk6ExPg6NFCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4fyj5oETwHETOOAJRBODP8PMhGMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdmhfS1BtZ1JQQWNSTTQ0QWxFRTRNX3c4eUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCA7MA0G
CSqGSIb3DQEBCwUAA4IBAQAt6+gIN1jsD9eNpz3pgYwR/CTk0lqywC1rTU91cokM
jUjeY5TWfwbxqzvpsejpbREPsMFa7R/CaGsRuEvsCTkHLb3SXKjPopuuXAaMfdWb
8Pe7UQeRuBbm31xh4coEyn8UqG7xNThtNP5yJZSpz2rzAW3voAcXaB/ALMk3PicC
FVrUzUtVgVOJUwXgNor76ZOV9U1T1Eo8oOkPXYAD5/h6GHUrglNmb6Nv0n0AV1/1
EVNvtU05cjkODlGLG9FJEu6M+KP/Yl31NyAARgqVb7i2m43rRVLeXZBlCoMrJWfE
ZuWto6DrpnKfHq+Qn+r/CDHuF19QwqAk27JAyjzR9v/l
-----END CERTIFICATE-----
Generated at Mon Oct 21 10:44:07 2024 by rpki-client on console-ams.rpki-client.org