Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/znQuvtbBKBuvJBWID659YvQYuOo.roa
File: znQuvtbBKBuvJBWID659YvQYuOo.roa (raw, json)
Hash identifier: uYnDOjj4naV/ZcsSP3B/GDlnVdetHRoV+pw80kHNn1U=
Subject key identifier: CE:74:2E:BE:D6:C1:28:1B:AF:24:15:88:0F:AE:7D:62:F4:18:B8:EA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01893EABBE9CF3D1DE912716E691652A8D64
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/znQuvtbBKBuvJBWID659YvQYuOo.roa
Signing time: Mon 10 Jul 2023 07:19:50 +0000
ROA not before: Mon 10 Jul 2023 07:19:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 84.32.105.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.252.0/24 maxlen: 24
84.32.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 08:13:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:ab:be:9c:f3:d1:de:91:27:16:e6:91:65:2a:8d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 10 07:19:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce742ebed6c1281baf2415880fae7d62f418b8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c2:87:7c:d4:57:33:ff:75:04:9e:1e:41:a7:
42:90:e7:be:c2:de:0c:9c:5c:c2:85:85:c4:bc:4c:
99:a7:0f:99:0c:c2:a0:68:b2:0a:ca:b3:6c:e1:fc:
95:31:b8:f5:5e:af:bd:f1:5f:75:51:b4:c6:07:00:
8e:8d:00:26:8a:ab:d8:4c:ae:4e:1d:56:38:88:70:
55:b9:92:35:49:ce:cf:40:41:e2:cb:3b:29:b6:b5:
1a:77:da:86:a8:3a:0a:28:fa:ef:95:43:e0:00:a8:
94:e3:f2:f6:29:2a:db:0a:97:3d:8f:67:65:2e:c1:
ab:e4:e5:99:d1:31:a8:c5:d9:b4:e6:07:6d:b6:9f:
3f:5b:9f:6a:74:a9:75:42:72:ce:c7:47:30:a3:20:
6a:a6:c6:23:93:81:e3:6e:63:a8:2c:ad:96:9d:d8:
35:ae:87:1c:5d:e8:93:82:f1:1d:b1:a4:1e:f9:ff:
67:05:ce:30:a5:af:a1:f0:25:92:34:06:31:14:12:
66:52:13:c9:a4:8b:53:5a:b9:74:89:94:e8:fa:32:
87:73:55:a6:f6:96:35:c7:dd:d9:e7:dc:e3:04:e8:
73:e9:b9:c8:31:34:2c:e7:2c:80:07:65:c8:0e:00:
51:92:12:f5:5e:cb:53:1f:d5:6c:fd:86:ca:7e:71:
e2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:74:2E:BE:D6:C1:28:1B:AF:24:15:88:0F:AE:7D:62:F4:18:B8:EA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/znQuvtbBKBuvJBWID659YvQYuOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.104.0/23
84.32.252.0/23
Signature Algorithm: sha256WithRSAEncryption
55:db:04:84:aa:ea:13:41:e6:0b:28:24:5d:fb:4b:35:dd:8b:
36:5a:02:2e:98:11:72:19:20:c4:82:e9:ba:ef:ed:1e:32:b9:
3f:8a:4c:97:6d:32:92:21:78:ba:3c:74:76:8a:17:d9:fd:2e:
f9:6d:23:fa:5c:0d:32:c9:20:81:a7:15:61:cb:72:d7:d7:9c:
2b:f6:1a:41:d3:70:c9:03:8e:78:2b:43:7d:9d:92:cd:8a:9a:
bc:73:ad:ee:e6:7b:38:6a:e5:8b:2c:a7:3b:be:ba:5a:d7:20:
ce:f8:aa:1e:ed:d3:4a:5b:23:62:42:6e:8a:3f:e1:19:fa:0a:
40:f9:44:91:96:44:a2:3e:10:06:fd:1f:4d:66:ff:fa:61:22:
9c:a6:88:d5:6b:21:1b:eb:90:bf:31:8a:3a:f8:43:a6:60:5f:
a9:8a:e9:2b:d8:ba:3e:dc:4a:af:43:b1:30:db:04:91:b8:20:
9a:ab:3e:ae:d2:bd:9a:49:d9:4c:fa:64:dd:71:14:3b:47:d8:
87:54:b9:35:fb:9d:be:18:39:26:37:6b:90:0e:45:f0:65:c0:
68:1f:2b:68:0a:ea:1b:b3:0c:1d:9f:43:f9:0b:cd:f4:6b:96:
2c:dd:09:47:26:cc:81:ed:9d:98:52:a1:72:b2:ac:7c:3b:4e:
bc:2b:8a:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYk+q76c89HekScW5pFlKo1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzEwMDcxOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTc0MmViZWQ2YzEyODFiYWYyNDE1ODgwZmFlN2Q2MmY0MThiOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sKHfNRXM/91BJ4eQadCkOe+wt4M
nFzChYXEvEyZpw+ZDMKgaLIKyrNs4fyVMbj1Xq+98V91UbTGBwCOjQAmiqvYTK5O
HVY4iHBVuZI1Sc7PQEHiyzsptrUad9qGqDoKKPrvlUPgAKiU4/L2KSrbCpc9j2dl
LsGr5OWZ0TGoxdm05gdttp8/W59qdKl1QnLOx0cwoyBqpsYjk4HjbmOoLK2Wndg1
roccXeiTgvEdsaQe+f9nBc4wpa+h8CWSNAYxFBJmUhPJpItTWrl0iZTo+jKHc1Wm
9pY1x93Z59zjBOhz6bnIMTQs5yyAB2XIDgBRkhL1XstTH9Vs/YbKfnHihwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM50Lr7WwSgbryQViA+ufWL0GLjqMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvem5RdXZ0YkJLQnV2SkJXSUQ2NTlZdlFZdU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVCBoAwQB
VCD8MA0GCSqGSIb3DQEBCwUAA4IBAQBV2wSEquoTQeYLKCRd+0s13Ys2WgIumBFy
GSDEgum67+0eMrk/ikyXbTKSIXi6PHR2ihfZ/S75bSP6XA0yySCBpxVhy3LX15wr
9hpB03DJA454K0N9nZLNipq8c63u5ns4auWLLKc7vrpa1yDO+Koe7dNKWyNiQm6K
P+EZ+gpA+USRlkSiPhAG/R9NZv/6YSKcpojVayEb65C/MYo6+EOmYF+piukr2Lo+
3EqvQ7Ew2wSRuCCaqz6u0r2aSdlM+mTdcRQ7R9iHVLk1+52+GDkmN2uQDkXwZcBo
HytoCuobswwdn0P5C830a5Ys3QlHJsyB7Z2YUqFysqx8O068K4rY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org