Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/z2DxtdP0FHeeBdUtFYeStMiGrlM.roa
File: z2DxtdP0FHeeBdUtFYeStMiGrlM.roa (raw, json)
Hash identifier: LrW6DhK76+r8QhNnYUmQEAkmJJlnDOBZRy3653IyYL4=
Subject key identifier: CF:60:F1:B5:D3:F4:14:77:9E:05:D5:2D:15:87:92:B4:C8:86:AE:53
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018E0D5ADA19F9506A9DB49BAE550B006CDB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/z2DxtdP0FHeeBdUtFYeStMiGrlM.roa
Signing time: Tue 05 Mar 2024 06:44:01 +0000
ROA not before: Tue 05 Mar 2024 06:44:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 84.32.39.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 17:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:5a:da:19:f9:50:6a:9d:b4:9b:ae:55:0b:00:6c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 5 06:44:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf60f1b5d3f414779e05d52d158792b4c886ae53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:48:e9:ff:63:32:3d:5e:3c:a2:7f:75:e8:27:
12:6f:7f:82:5b:85:21:c3:04:65:bb:f2:ca:5b:00:
97:55:3b:80:bd:45:64:4b:0d:98:de:97:d5:5d:b0:
d1:45:2c:3c:8e:2a:60:ac:1f:ca:7f:b1:25:fe:04:
ad:5e:f8:f0:78:0c:a9:ff:1c:ac:cb:a5:b9:d7:87:
77:89:dc:4c:a9:c4:62:6f:d8:29:71:7d:1f:ce:99:
33:96:84:d1:16:c9:15:04:f7:a5:e1:4c:94:9c:c2:
e1:81:aa:74:02:36:8e:37:67:cf:53:97:21:04:c4:
17:59:dc:33:c5:55:11:a8:35:a4:71:65:15:97:8e:
a9:93:a9:4f:fb:85:c1:bf:05:21:b7:6d:b0:89:8a:
63:ac:3b:b8:a7:97:8c:7a:53:8c:ca:1e:da:52:9a:
6e:5f:1f:92:19:8e:61:32:4b:c1:9a:11:e4:36:5a:
28:60:55:d2:bc:8a:35:13:07:97:39:34:b8:ff:2f:
32:30:62:0f:35:67:1e:df:04:4f:3b:62:4d:75:90:
cf:55:6b:ef:6d:ab:3e:e6:8a:b4:f3:9e:fb:57:6e:
2f:88:60:cf:c7:e9:13:cd:dd:57:51:0f:8f:5d:cd:
61:4b:55:48:f4:bd:b5:43:b0:1f:94:91:45:05:a2:
f0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:60:F1:B5:D3:F4:14:77:9E:05:D5:2D:15:87:92:B4:C8:86:AE:53
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/z2DxtdP0FHeeBdUtFYeStMiGrlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.39.0/24
84.32.66.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:6a:d9:99:03:50:ba:84:22:8d:bd:84:2d:60:a7:9e:fb:00:
83:2d:fc:eb:26:e4:53:d5:e3:85:80:9e:70:20:dc:d3:a3:5c:
70:77:35:93:e2:cb:62:42:d5:c0:ce:28:4a:53:b5:9e:47:24:
14:68:14:bf:7b:6f:08:e8:29:4f:fc:61:64:cf:c3:8a:d3:d4:
65:55:82:af:c0:3b:5c:7b:10:f7:fb:24:6f:50:cc:10:9f:43:
0e:9d:fb:9c:43:df:77:8e:9f:75:ea:4d:c8:6f:59:98:cd:a7:
c4:29:09:80:71:71:f8:2d:1a:e8:40:e6:db:66:80:17:26:34:
23:6c:06:07:0a:e9:63:8c:c5:db:e8:5a:66:02:54:f3:d8:a9:
c8:72:d0:6f:0f:ac:f1:4a:b4:bc:03:3c:12:88:5c:7e:07:be:
a2:51:69:80:32:ab:ee:f6:1b:eb:a9:c0:03:9d:b0:97:4c:9c:
a3:35:04:42:f7:00:5f:31:83:19:bf:a1:62:c2:b4:f6:f5:c1:
a9:b8:4c:24:0c:5b:38:db:33:c0:4d:27:6b:5e:aa:99:15:36:
64:c2:bf:cc:54:3c:9c:94:6a:c7:19:d9:3c:18:b4:f7:fe:2c:
c6:4f:fc:e4:58:0c:98:c3:d3:bd:cd:03:8d:23:61:a0:bb:f2:
2c:e6:e0:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4NWtoZ+VBqnbSbrlULAGzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMzA1MDY0NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjYwZjFiNWQzZjQxNDc3OWUwNWQ1MmQxNTg3OTJiNGM4ODZhZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkjp/2MyPV48on916CcSb3+CW4Uh
wwRlu/LKWwCXVTuAvUVkSw2Y3pfVXbDRRSw8jipgrB/Kf7El/gStXvjweAyp/xys
y6W514d3idxMqcRib9gpcX0fzpkzloTRFskVBPel4UyUnMLhgap0AjaON2fPU5ch
BMQXWdwzxVURqDWkcWUVl46pk6lP+4XBvwUht22wiYpjrDu4p5eMelOMyh7aUppu
Xx+SGY5hMkvBmhHkNlooYFXSvIo1EweXOTS4/y8yMGIPNWce3wRPO2JNdZDPVWvv
bas+5oq08577V24viGDPx+kTzd1XUQ+PXc1hS1VI9L21Q7AflJFFBaLwowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM9g8bXT9BR3ngXVLRWHkrTIhq5TMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvejJEeHRkUDBGSGVlQmRVdEZZZVN0TWlHcmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAnAwQA
VCBCAwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQBLatmZA1C6hCKNvYQtYKee+wCD
LfzrJuRT1eOFgJ5wINzTo1xwdzWT4stiQtXAzihKU7WeRyQUaBS/e28I6ClP/GFk
z8OK09RlVYKvwDtcexD3+yRvUMwQn0MOnfucQ993jp916k3Ib1mYzafEKQmAcXH4
LRroQObbZoAXJjQjbAYHCuljjMXb6FpmAlTz2KnIctBvD6zxSrS8AzwSiFx+B76i
UWmAMqvu9hvrqcADnbCXTJyjNQRC9wBfMYMZv6FiwrT29cGpuEwkDFs42zPATSdr
XqqZFTZkwr/MVDyclGrHGdk8GLT3/izGT/zkWAyYw9O9zQONI2Ggu/Is5uCC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org