Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HHNOj0HvIHI9uQ9e2Hx1jeU_gbo.roa
File: HHNOj0HvIHI9uQ9e2Hx1jeU_gbo.roa (raw, json)
Hash identifier: CcPOSoTaKzBSS9G+zlBUO6uhkfm0cu/kerWe+8UmQqI=
Subject key identifier: 1C:73:4E:8F:41:EF:20:72:3D:B9:0F:5E:D8:7C:75:8D:E5:3F:81:BA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018BA0CCC59280FAA262D20580007B329CB2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HHNOj0HvIHI9uQ9e2Hx1jeU_gbo.roa
Signing time: Sun 05 Nov 2023 18:44:16 +0000
ROA not before: Sun 05 Nov 2023 18:44:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.182.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.236.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
88.216.66.0/24 maxlen: 24
88.216.67.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 10:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a0:cc:c5:92:80:fa:a2:62:d2:05:80:00:7b:32:9c:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 5 18:44:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c734e8f41ef20723db90f5ed87c758de53f81ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d9:28:cc:d7:cb:b5:0e:95:1e:cd:05:71:52:
7a:17:8b:bb:74:d9:10:3e:61:0c:df:ed:df:03:64:
d2:a0:67:c6:c6:f9:2d:7f:44:fc:4b:39:73:53:3d:
31:55:98:e0:46:b8:fb:41:4d:17:38:9f:df:a8:b9:
fc:83:01:c3:32:48:7c:f0:e5:c7:f1:1f:cc:45:cb:
40:6e:37:a6:73:54:4e:39:e7:8a:c0:d1:21:bd:cf:
3b:5c:f9:40:47:0e:2c:7a:d7:d5:f6:50:4e:88:33:
a7:6e:98:c9:f1:66:27:bb:44:5a:39:92:4d:35:43:
81:a4:49:5c:ab:30:90:2e:57:fc:0b:f7:53:f6:17:
17:d9:93:e3:77:62:f6:c0:d2:98:0b:32:f1:33:2d:
35:09:ea:a3:3b:3d:1e:27:fd:0a:c8:a0:ac:9b:f3:
91:a5:f9:83:08:4d:3d:9b:c2:3d:07:3c:14:60:4b:
d9:98:19:15:94:d9:fb:0d:f7:d2:c8:aa:53:dc:4c:
6e:3f:64:bb:6b:fe:96:ca:37:cc:91:03:f4:4c:c2:
2e:dd:73:4d:83:fc:ae:da:35:cb:08:c1:b4:59:3e:
56:52:f3:6c:39:50:36:fb:09:8a:21:b8:c4:61:af:
31:7f:4b:70:90:bd:66:d6:a2:a3:8a:76:6b:7c:7f:
30:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:73:4E:8F:41:EF:20:72:3D:B9:0F:5E:D8:7C:75:8D:E5:3F:81:BA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HHNOj0HvIHI9uQ9e2Hx1jeU_gbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.236.0/24
84.32.244.0/22
84.32.249.0/24
88.216.22.0/23
88.216.43.0-88.216.45.255
88.216.66.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.182.0/23
88.216.187.0-88.216.189.255
88.216.191.0/24
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
88.216.220.0/24
88.216.223.0/24
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:da:be:39:94:52:3e:89:c6:c1:cc:73:4a:50:68:d5:4b:78:
b9:58:82:b8:0f:f9:10:08:01:84:44:21:9f:1f:d7:b0:c4:a4:
45:ac:0a:19:25:ff:f8:22:43:21:b4:ae:19:aa:7d:b9:22:d5:
9f:c1:cf:5b:2c:a4:55:56:39:39:ef:63:75:42:69:f5:e0:60:
da:c4:0f:24:05:e9:4f:9d:34:91:97:03:d7:82:a2:99:ab:cd:
91:51:20:0a:c6:a8:67:1b:47:5f:85:3b:93:22:c9:5a:67:1a:
3f:10:89:ec:01:7d:bf:b4:8c:09:d7:73:e0:07:54:ad:e5:93:
79:3a:20:3c:c3:0a:b7:20:03:24:8a:df:8d:b3:dd:d1:2d:a6:
a4:bc:87:59:72:8b:e9:4e:67:44:65:a0:5a:a0:9f:dc:02:d4:
48:9f:a7:67:24:fe:83:91:e7:6c:da:2b:6f:c8:2f:53:9b:59:
10:50:04:f5:af:e7:cb:2b:94:00:88:28:ee:f0:60:96:09:6f:
22:5a:7f:1a:01:69:c0:89:40:f9:55:d7:53:b2:58:de:08:ac:
8d:de:2f:b3:31:3a:15:7d:e1:45:10:21:bc:5a:c0:b4:c5:93:
70:88:f1:b9:a5:b1:e9:65:94:07:04:83:ac:f9:57:5e:cc:23:
c5:c9:fd:70
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYugzMWSgPqiYtIFgAB7MpyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTA1MTg0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzczNGU4ZjQxZWYyMDcyM2RiOTBmNWVkODdjNzU4ZGU1M2Y4MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNkozNfLtQ6VHs0FcVJ6F4u7dNkQ
PmEM3+3fA2TSoGfGxvktf0T8SzlzUz0xVZjgRrj7QU0XOJ/fqLn8gwHDMkh88OXH
8R/MRctAbjemc1ROOeeKwNEhvc87XPlARw4setfV9lBOiDOnbpjJ8WYnu0RaOZJN
NUOBpElcqzCQLlf8C/dT9hcX2ZPjd2L2wNKYCzLxMy01CeqjOz0eJ/0KyKCsm/OR
pfmDCE09m8I9BzwUYEvZmBkVlNn7DffSyKpT3ExuP2S7a/6WyjfMkQP0TMIu3XNN
g/yu2jXLCMG0WT5WUvNsOVA2+wmKIbjEYa8xf0twkL1m1qKjinZrfH8wHwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFBxzTo9B7yByPbkPXth8dY3lP4G6MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSEhOT2owSHZJSEk5dVE5ZTJIeDFqZVVfZ2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
VCAIMAwDBAJUIBQDBAJUIBgDBAFUIC4DBABUIEIDBABUIF8DBAJUIJQDBAFUIK4D
BAFUILIDBABUINIDBAFUINYDBABUIOwDBAJUIPQDBABUIPkDBAFY2BYwDAMEAFjY
KwMEAVjYLAMEAVjYQgMEAFjYXTAMAwQBWNiCAwQAWNiEAwQBWNiGAwQAWNi0AwQB
WNi2MAwDBABY2LsDBAFY2LwDBABY2L8wDAMEAFjYxQMEAFjYxgMEAFjY0DAMAwQA
WNjTAwQDWNjQAwQAWNjcAwQAWNjfAwQCWNjkAwQCWNjsMA0GCSqGSIb3DQEBCwUA
A4IBAQBP2r45lFI+icbBzHNKUGjVS3i5WIK4D/kQCAGERCGfH9ewxKRFrAoZJf/4
IkMhtK4Zqn25ItWfwc9bLKRVVjk572N1Qmn14GDaxA8kBelPnTSRlwPXgqKZq82R
USAKxqhnG0dfhTuTIslaZxo/EInsAX2/tIwJ13PgB1St5ZN5OiA8wwq3IAMkit+N
s93RLaakvIdZcovpTmdEZaBaoJ/cAtRIn6dnJP6Dkeds2itvyC9Tm1kQUAT1r+fL
K5QAiCju8GCWCW8iWn8aAWnAiUD5VddTsljeCKyN3i+zMToVfeFFECG8WsC0xZNw
iPG5pbHpZZQHBIOs+VdezCPFyf1w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org