Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HNWMutltZkFrTu7p1UowYlHf7T4.roa
File: HNWMutltZkFrTu7p1UowYlHf7T4.roa (raw, json)
Hash identifier: 9m66G2PH6pPOhturB8PhkgRwRzrcqExmygBLI1yX0HY=
Subject key identifier: 1C:D5:8C:BA:D9:6D:66:41:6B:4E:EE:E9:D5:4A:30:62:51:DF:ED:3E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018793556C8B5262BD5205B14AEB577C3AFE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HNWMutltZkFrTu7p1UowYlHf7T4.roa
Signing time: Tue 18 Apr 2023 07:47:41 +0000
ROA not before: Tue 18 Apr 2023 07:47:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 May 2023 13:37:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:55:6c:8b:52:62:bd:52:05:b1:4a:eb:57:7c:3a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 18 07:47:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cd58cbad96d66416b4eeee9d54a306251dfed3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d5:52:15:9d:97:ba:44:22:9b:50:15:f2:26:
7a:77:fb:52:6f:07:89:f5:51:87:17:a1:5c:44:66:
fb:b3:c5:3f:29:b1:bb:71:10:2e:aa:fa:15:a5:7d:
f2:57:7e:95:52:0a:92:3c:66:a1:00:36:77:38:38:
b9:82:0f:dc:62:2c:89:cf:f2:0e:d6:65:7b:e7:ad:
b4:af:37:07:ac:02:31:8d:34:0d:fc:27:c4:72:ed:
71:94:2f:8e:b9:07:dc:a1:32:78:aa:29:54:3f:a5:
3d:3f:c9:f8:47:42:13:d5:4f:2a:27:31:29:6c:00:
68:ab:93:9b:48:7e:4f:28:49:ad:b8:25:c2:8a:70:
6f:ab:43:8c:cd:d5:f3:85:34:7f:29:f2:28:7e:03:
15:6c:5d:5b:b3:51:fd:b1:da:c5:91:92:eb:87:94:
0f:5f:d1:fb:ea:79:48:4d:ed:96:f3:35:1e:1a:e6:
54:99:f3:8b:84:e1:22:b3:e5:5e:f9:e4:98:3b:36:
cf:8c:62:ba:db:f8:2f:15:6e:35:89:96:13:67:64:
79:17:95:d5:38:16:81:1f:95:1d:d7:12:ed:3e:e7:
16:d5:06:68:ee:ae:bd:1f:0f:1f:0a:a3:ff:35:f7:
cd:17:36:f6:47:51:e1:2d:20:49:a6:9a:86:b9:d3:
0e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D5:8C:BA:D9:6D:66:41:6B:4E:EE:E9:D5:4A:30:62:51:DF:ED:3E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HNWMutltZkFrTu7p1UowYlHf7T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/24
84.32.32.0/24
84.32.63.0/24
84.32.95.0/24
88.216.2.0/24
88.216.34.0/24
88.216.181.0/24
88.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
89:38:c2:ca:d4:b9:db:0b:2d:d9:92:41:e2:08:0b:62:3d:0d:
7a:2a:e4:3a:d1:f3:0e:4c:4f:c2:ff:75:e0:cf:5e:dd:c9:0a:
20:fb:f0:d7:92:41:c3:d9:66:9b:93:4c:a1:f1:ef:5f:b7:63:
23:bd:f8:9e:8c:ec:e9:36:87:2d:34:70:b9:c3:0e:59:7d:1d:
fb:f3:7c:9b:a8:8e:09:ac:68:a7:f2:c9:11:8f:98:ee:3c:69:
d9:ec:25:86:12:4f:a0:d3:78:85:7d:02:95:5b:06:76:15:f7:
09:ad:12:b4:c6:1d:08:c4:4a:d3:5d:ea:7b:dc:0e:bc:27:8f:
15:33:68:35:69:b4:ee:dc:c2:5d:d9:9d:21:6a:77:c7:fc:6d:
4f:1d:14:9f:11:f7:7b:b3:4f:c5:1e:dc:fd:d8:e4:c3:33:c7:
75:26:1c:81:f7:90:aa:a5:19:75:5f:a9:5b:0e:f4:b8:db:f2:
19:c3:6e:d9:ef:e1:1d:9a:30:48:fb:4b:c3:55:0e:21:ac:29:
df:a9:29:dd:84:68:ce:53:04:9e:56:73:84:15:94:cd:73:1a:
48:ea:3f:6d:e1:86:0d:c1:29:dd:42:42:57:58:ce:0d:2d:b2:
ff:b0:4e:2d:0f:98:9d:b3:f9:25:3f:3e:d0:07:d9:77:ed:72:
4e:d9:c8:6f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeTVWyLUmK9UgWxSutXfDr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDE4MDc0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q1OGNiYWQ5NmQ2NjQxNmI0ZWVlZTlkNTRhMzA2MjUxZGZlZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNVSFZ2XukQim1AV8iZ6d/tSbweJ
9VGHF6FcRGb7s8U/KbG7cRAuqvoVpX3yV36VUgqSPGahADZ3ODi5gg/cYiyJz/IO
1mV75620rzcHrAIxjTQN/CfEcu1xlC+OuQfcoTJ4qilUP6U9P8n4R0IT1U8qJzEp
bABoq5ObSH5PKEmtuCXCinBvq0OMzdXzhTR/KfIofgMVbF1bs1H9sdrFkZLrh5QP
X9H76nlITe2W8zUeGuZUmfOLhOEis+Ve+eSYOzbPjGK62/gvFW41iZYTZ2R5F5XV
OBaBH5Ud1xLtPucW1QZo7q69Hw8fCqP/NffNFzb2R1HhLSBJppqGudMO0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBzVjLrZbWZBa07u6dVKMGJR3+0+MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSE5XTXV0bHRaa0ZyVHU3cDFVb3dZbEhmN1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCAYAwQA
VCAgAwQAVCA/AwQAVCBfAwQAWNgCAwQAWNgiAwQAWNi1AwQAWNi6MA0GCSqGSIb3
DQEBCwUAA4IBAQCJOMLK1LnbCy3ZkkHiCAtiPQ16KuQ60fMOTE/C/3Xgz17dyQog
+/DXkkHD2Wabk0yh8e9ft2MjvfiejOzpNoctNHC5ww5ZfR3783ybqI4JrGin8skR
j5juPGnZ7CWGEk+g03iFfQKVWwZ2FfcJrRK0xh0IxErTXep73A68J48VM2g1abTu
3MJd2Z0hanfH/G1PHRSfEfd7s0/FHtz92OTDM8d1JhyB95CqpRl1X6lbDvS42/IZ
w27Z7+EdmjBI+0vDVQ4hrCnfqSndhGjOUwSeVnOEFZTNcxpI6j9t4YYNwSndQkJX
WM4NLbL/sE4tD5ids/klPz7QB9l37XJO2chv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org