Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/HEq9dFY6HV84DIRJGXA_Cz9M2HE.roa
File: HEq9dFY6HV84DIRJGXA_Cz9M2HE.roa (raw, json)
Hash identifier: JMJ0INhvvABhNtu13/D4qUz1MZF+FMG74VWAyuWzODk=
Subject key identifier: 1C:4A:BD:74:56:3A:1D:5F:38:0C:84:49:19:70:3F:0B:3F:4C:D8:71
Certificate issuer: /CN=4e7cc8371ed24bacf67aca8b902cee706afc624b
Certificate serial: 01856E820A4888B9B56FAA648D0D74D0BA37
Authority key identifier: 4E:7C:C8:37:1E:D2:4B:AC:F6:7A:CA:8B:90:2C:EE:70:6A:FC:62:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/HEq9dFY6HV84DIRJGXA_Cz9M2HE.roa
Signing time: Sun 01 Jan 2023 18:04:54 +0000
ROA not before: Sun 01 Jan 2023 18:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200272
IP address blocks: 84.39.199.0/24 maxlen: 24
84.39.198.0/24 maxlen: 24
84.39.196.0/23 maxlen: 23
2a09:ee00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:0a:48:88:b9:b5:6f:aa:64:8d:0d:74:d0:ba:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e7cc8371ed24bacf67aca8b902cee706afc624b
Validity
Not Before: Jan 1 18:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c4abd74563a1d5f380c844919703f0b3f4cd871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:ce:49:7a:1f:8b:b6:8f:9a:45:9b:ae:1e:
6b:a0:84:b0:c1:aa:e0:12:5f:fe:6e:76:77:53:ce:
3a:45:ce:ad:0d:a7:78:d5:ab:3d:c3:4f:86:3d:76:
a3:5c:0f:88:e1:35:58:59:f7:be:e5:c0:3a:56:ed:
66:2a:8c:6e:3a:20:41:bf:cf:6a:4b:f1:b7:d9:d1:
bc:91:12:7e:d0:ac:b1:82:ce:42:db:83:d8:fe:92:
8b:8d:57:6b:7c:6e:66:7c:92:46:05:da:5b:39:9e:
96:30:19:28:09:19:6f:44:fb:08:cf:a2:17:99:2e:
de:92:a3:4c:40:c9:48:c4:35:b8:ee:12:1b:51:55:
0d:a5:2d:7c:a8:16:f4:96:72:df:76:fd:a3:54:58:
1c:1a:32:90:72:6c:32:0e:c4:2c:12:bd:a5:a9:c2:
22:c0:53:a0:be:b9:7e:d6:1a:ab:29:86:45:10:6d:
5c:f8:89:97:7c:98:26:b4:fd:e5:c9:0e:6f:ef:7e:
46:3b:28:24:be:af:ee:30:a3:7d:20:98:a7:ff:14:
e6:e7:e7:3d:9f:5b:d2:c3:e7:d8:79:26:20:62:86:
b3:42:43:a5:88:d4:8d:59:f8:d4:8c:d1:0d:fb:30:
d1:4b:39:5a:4c:16:79:f5:dc:e9:57:86:d2:39:96:
ae:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4A:BD:74:56:3A:1D:5F:38:0C:84:49:19:70:3F:0B:3F:4C:D8:71
X509v3 Authority Key Identifier:
keyid:4E:7C:C8:37:1E:D2:4B:AC:F6:7A:CA:8B:90:2C:EE:70:6A:FC:62:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnzINx7SS6z2esqLkCzucGr8Yks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/HEq9dFY6HV84DIRJGXA_Cz9M2HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/0b4cdf-b486-4a58-800d-8ed5a79de835/1/TnzINx7SS6z2esqLkCzucGr8Yks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.196.0/22
IPv6:
2a09:ee00::/29
Signature Algorithm: sha256WithRSAEncryption
73:0e:3e:27:48:20:d7:2a:40:67:68:4d:5b:ae:a3:0c:36:b7:
2a:b4:3a:31:d4:4d:a9:bc:0f:3d:78:c3:28:4e:28:dc:94:43:
07:df:fc:c5:47:ac:3c:cc:78:d8:6e:33:65:4b:0a:6d:ea:cc:
34:e3:79:8c:9d:ee:a5:33:9f:5e:2d:76:68:7d:30:a7:4a:70:
fd:5d:57:b6:cb:7b:9b:f2:b7:8b:e9:83:2b:9a:34:bb:a4:02:
da:83:4b:29:5b:52:a4:11:9e:62:f9:da:47:56:45:13:c2:bf:
67:ea:bf:4f:a3:53:67:2b:9f:0f:eb:5c:80:41:93:25:6a:94:
fc:c0:ca:32:e0:81:6a:a6:5f:e2:3e:7a:ca:1a:9f:4c:3a:48:
2c:3b:dc:a2:45:30:6f:19:f0:3a:b1:cc:b8:a9:75:ec:ab:42:
a3:84:b8:e3:d7:48:52:aa:02:71:dc:cd:71:07:4a:40:40:1c:
54:44:15:61:c1:91:aa:58:ca:bc:57:4d:b9:e1:08:dd:9f:40:
bd:f3:1c:27:16:8c:b2:94:ba:b1:44:61:a4:4d:a0:35:47:2e:
1d:c3:b5:73:cc:06:f9:65:16:5f:75:a3:a1:ca:f0:2b:56:55:
c0:ea:95:eb:0c:89:20:23:2c:dd:18:27:63:73:93:bd:c2:f2:
73:40:c8:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuggpIiLm1b6pkjQ100Lo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlN2NjODM3MWVkMjRiYWNmNjdhY2E4YjkwMmNlZTcwNmFm
YzYyNGIwHhcNMjMwMTAxMTgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzRhYmQ3NDU2M2ExZDVmMzgwYzg0NDkxOTcwM2YwYjNmNGNkODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/jOSXofi7aPmkWbrh5roISwwarg
El/+bnZ3U846Rc6tDad41as9w0+GPXajXA+I4TVYWfe+5cA6Vu1mKoxuOiBBv89q
S/G32dG8kRJ+0Kyxgs5C24PY/pKLjVdrfG5mfJJGBdpbOZ6WMBkoCRlvRPsIz6IX
mS7ekqNMQMlIxDW47hIbUVUNpS18qBb0lnLfdv2jVFgcGjKQcmwyDsQsEr2lqcIi
wFOgvrl+1hqrKYZFEG1c+ImXfJgmtP3lyQ5v735GOygkvq/uMKN9IJin/xTm5+c9
n1vSw+fYeSYgYoazQkOliNSNWfjUjNEN+zDRSzlaTBZ59dzpV4bSOZauoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBxKvXRWOh1fOAyESRlwPws/TNhxMB8GA1UdIwQY
MBaAFE58yDce0kus9nrKi5As7nBq/GJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG56SU54N1NTNnoyZXNxTGtDenVjR3I4WWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wYjRjZGYtYjQ4Ni00YTU4LTgwMGQt
OGVkNWE3OWRlODM1LzEvSEVxOWRGWTZIVjg0RElSSkdYQV9DejlNMkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wYjRjZGYtYjQ4Ni00YTU4LTgwMGQtOGVkNWE3OWRlODM1
LzEvVG56SU54N1NTNnoyZXNxTGtDenVjR3I4WWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVCfEMA0E
AgACMAcDBQMqCe4AMA0GCSqGSIb3DQEBCwUAA4IBAQBzDj4nSCDXKkBnaE1brqMM
NrcqtDox1E2pvA89eMMoTijclEMH3/zFR6w8zHjYbjNlSwpt6sw043mMne6lM59e
LXZofTCnSnD9XVe2y3ub8reL6YMrmjS7pALag0spW1KkEZ5i+dpHVkUTwr9n6r9P
o1NnK58P61yAQZMlapT8wMoy4IFqpl/iPnrKGp9MOkgsO9yiRTBvGfA6scy4qXXs
q0KjhLjj10hSqgJx3M1xB0pAQBxURBVhwZGqWMq8V0254Qjdn0C98xwnFoyylLqx
RGGkTaA1Ry4dw7VzzAb5ZRZfdaOhyvArVlXA6pXrDIkgIyzdGCdjc5O9wvJzQMie
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:57 2024 by rpki-client on console-ams.rpki-client.org