Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2HTZYl8eNMLdelBsU6O6MAElpzA.roa
File: 2HTZYl8eNMLdelBsU6O6MAElpzA.roa (raw, json)
Hash identifier: 7R8VPXpGkJBEOaWqFVRuAwKpRNq1HTxEwQrfLCDh8ms=
Subject key identifier: D8:74:D9:62:5F:1E:34:C2:DD:7A:50:6C:53:A3:BA:30:01:25:A7:30
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01894B5112468DF94CB7EFE48ED033F53A26
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2HTZYl8eNMLdelBsU6O6MAElpzA.roa
Signing time: Wed 12 Jul 2023 18:15:51 +0000
ROA not before: Wed 12 Jul 2023 18:15:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 84.32.76.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
84.32.211.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 05:56:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4b:51:12:46:8d:f9:4c:b7:ef:e4:8e:d0:33:f5:3a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 12 18:15:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d874d9625f1e34c2dd7a506c53a3ba300125a730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:d7:c9:26:81:80:f8:7f:fe:74:db:5b:0b:
04:23:13:67:08:4a:df:20:0a:15:50:fd:e5:73:45:
31:73:6b:c8:4e:84:3d:01:ce:21:0a:84:6b:1a:7e:
67:49:69:dc:cb:70:5c:92:1e:52:d6:b8:74:8d:1c:
69:5f:54:72:98:73:f1:61:76:37:b9:32:97:e6:b9:
0e:f9:a8:78:e8:36:d5:0a:2a:8e:b1:19:92:5f:b1:
05:80:e5:ad:06:91:d2:3e:21:6c:c2:a4:2e:68:bf:
7e:19:70:34:43:bc:76:7c:06:23:92:f0:a5:e5:d5:
ba:98:5f:e0:39:6e:fa:52:c0:86:25:17:59:b8:52:
f8:4a:3b:b9:f3:0a:9d:64:20:5c:80:a6:35:e0:85:
d2:a5:f8:56:24:7c:97:01:c3:da:d2:ab:1f:e2:aa:
95:e1:1d:58:26:04:a8:26:c2:ce:bc:a4:d1:d9:48:
10:47:0d:32:0f:60:90:aa:dc:a8:64:53:64:b1:a6:
88:04:32:ed:57:26:ce:ae:bf:71:9f:ce:e2:e8:9a:
10:38:f7:b1:fc:6d:58:a2:e7:f3:c1:ca:a0:b9:63:
e5:e4:28:91:44:7d:06:ce:2d:04:c5:b4:4f:12:7c:
61:82:99:9a:19:bc:e2:5e:c5:1c:af:7f:1c:f7:71:
ee:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:74:D9:62:5F:1E:34:C2:DD:7A:50:6C:53:A3:BA:30:01:25:A7:30
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2HTZYl8eNMLdelBsU6O6MAElpzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.76.0/24
84.32.79.0/24
84.32.210.0/23
84.32.243.0/24
88.216.190.0/23
88.216.198.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
50:53:b3:5c:a1:99:26:b4:5a:9e:55:e7:62:fd:97:66:f7:55:
a1:30:8b:7f:86:c1:3a:b1:9f:f4:cf:3a:6b:78:43:d1:8f:98:
a1:94:6b:c6:73:af:d1:dc:a7:2f:fe:1f:2f:49:8f:11:65:d6:
b8:74:e6:f4:a1:27:3a:42:7d:91:75:70:26:96:b7:18:d6:a0:
b0:95:67:17:e0:e9:e2:61:cf:21:70:47:65:8c:f9:b3:09:96:
1b:72:57:40:72:d6:b4:dc:7b:d8:be:fa:1c:49:1c:bd:56:ed:
9e:c5:24:de:b2:24:31:13:63:25:c1:6f:b7:e2:87:af:26:20:
db:36:cc:c8:34:d4:94:b8:bc:ed:69:41:2d:8d:1e:94:0a:0e:
8c:fc:af:55:4a:99:7a:d3:e2:d5:03:36:d9:7c:bf:a8:ee:2c:
1c:f4:9e:21:17:da:b4:ff:bb:02:86:cf:e4:c4:67:f3:6a:d9:
e8:f0:63:7a:14:fe:f9:95:1b:2d:2e:fc:03:bd:ee:84:f6:62:
3f:48:c2:86:21:7f:95:55:c8:36:05:25:a6:c7:ed:9b:67:9c:
34:79:6d:e2:9c:a9:c7:76:f1:bb:17:4d:f8:a0:1f:ec:47:cf:
c4:95:2a:63:d4:f8:71:c5:48:87:2b:02:c5:40:c7:43:62:6b:
18:20:0e:2b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYlLURJGjflMt+/kjtAz9TomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzEyMTgxNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc0ZDk2MjVmMWUzNGMyZGQ3YTUwNmM1M2EzYmEzMDAxMjVhNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpfXySaBgPh//nTbWwsEIxNnCErf
IAoVUP3lc0Uxc2vIToQ9Ac4hCoRrGn5nSWncy3Bckh5S1rh0jRxpX1RymHPxYXY3
uTKX5rkO+ah46DbVCiqOsRmSX7EFgOWtBpHSPiFswqQuaL9+GXA0Q7x2fAYjkvCl
5dW6mF/gOW76UsCGJRdZuFL4Sju58wqdZCBcgKY14IXSpfhWJHyXAcPa0qsf4qqV
4R1YJgSoJsLOvKTR2UgQRw0yD2CQqtyoZFNksaaIBDLtVybOrr9xn87i6JoQOPex
/G1YoufzwcqguWPl5CiRRH0Gzi0ExbRPEnxhgpmaGbziXsUcr38c93HuIQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNh02WJfHjTC3XpQbFOjujABJacwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMkhUWllsOGVOTUxkZWxCc1U2TzZNQUVscHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCBMAwQA
VCBPAwQBVCDSAwQAVCDzAwQBWNi+AwQAWNjGAwQAWNjTMA0GCSqGSIb3DQEBCwUA
A4IBAQBQU7NcoZkmtFqeVedi/Zdm91WhMIt/hsE6sZ/0zzpreEPRj5ihlGvGc6/R
3Kcv/h8vSY8RZda4dOb0oSc6Qn2RdXAmlrcY1qCwlWcX4OniYc8hcEdljPmzCZYb
cldActa03HvYvvocSRy9Vu2exSTesiQxE2MlwW+34oevJiDbNszINNSUuLztaUEt
jR6UCg6M/K9VSpl60+LVAzbZfL+o7iwc9J4hF9q0/7sChs/kxGfzatno8GN6FP75
lRstLvwDve6E9mI/SMKGIX+VVcg2BSWmx+2bZ5w0eW3inKnHdvG7F034oB/sR8/E
lSpj1PhxxUiHKwLFQMdDYmsYIA4r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org