Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HRjUQMzZIN7Po2vm0UjYMrCmUgo.roa
File: HRjUQMzZIN7Po2vm0UjYMrCmUgo.roa (raw, json)
Hash identifier: qGMMBPclUwL+qQph7PO5lLRsn9Ub3ZwuKfSj8kRWrNI=
Subject key identifier: 1D:18:D4:40:CC:D9:20:DE:CF:A3:6B:E6:D1:48:D8:32:B0:A6:52:0A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187F008CE58B1357D9A33BF960A4DFAD5F8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HRjUQMzZIN7Po2vm0UjYMrCmUgo.roa
Signing time: Sat 06 May 2023 07:48:41 +0000
ROA not before: Sat 06 May 2023 07:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.9.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 May 2023 05:53:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:08:ce:58:b1:35:7d:9a:33:bf:96:0a:4d:fa:d5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 6 07:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d18d440ccd920decfa36be6d148d832b0a6520a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:75:d1:5e:7f:ed:e9:b8:ea:c5:cd:fb:d8:3f:
6a:10:24:ea:44:38:fd:2c:0f:74:ba:85:03:c2:97:
ad:5c:bf:6a:e8:a1:cd:02:8c:d0:9b:51:22:d1:01:
b4:a3:1c:39:43:83:54:8f:95:47:58:f8:a1:50:37:
ce:c6:4d:9e:fd:3e:0f:54:a1:9a:74:ec:19:73:41:
91:75:35:44:8d:b4:6e:4b:0b:ce:5c:39:71:08:4f:
79:3d:09:ba:90:a5:41:7b:55:70:eb:e8:c1:62:aa:
64:e2:a5:14:03:b9:50:59:6e:14:f7:48:b5:94:99:
92:c6:56:f0:63:c4:5b:da:c2:37:b8:f5:ec:9f:31:
98:6e:06:96:5e:04:45:ec:7b:a7:2d:88:30:d0:03:
97:4c:ea:75:0a:15:da:79:e0:b8:a9:d4:54:cd:74:
ec:bb:5c:76:e8:49:46:ac:3a:8b:43:d8:26:78:51:
ba:88:02:a1:8c:0b:45:d4:f6:4d:db:98:2a:c5:a0:
2f:90:1d:c0:8d:e3:bd:a8:c5:7d:00:79:3d:f3:5f:
dd:81:37:55:a9:ee:fb:18:16:e3:a8:3e:a1:ca:14:
cc:7c:30:b1:2f:43:47:18:9a:47:9e:da:09:84:c3:
6b:f0:8f:14:f3:ab:62:a0:f8:a8:40:24:02:68:3a:
70:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:18:D4:40:CC:D9:20:DE:CF:A3:6B:E6:D1:48:D8:32:B0:A6:52:0A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HRjUQMzZIN7Po2vm0UjYMrCmUgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/23
84.32.24.0/22
84.32.30.0/24
84.32.44.0/24
84.32.46.0/23
84.32.57.0/24
84.32.60.0/24
84.32.67.0-84.32.68.255
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.110.0/24
84.32.148.0-84.32.154.255
84.32.156.0/24
84.32.158.0/23
84.32.177.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.225.255
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.251.0-84.32.253.255
88.216.0.0/23
88.216.3.0/24
88.216.16.0/24
88.216.32.0/24
88.216.35.0/24
88.216.41.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/24
88.216.108.0/24
88.216.111.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/21
Signature Algorithm: sha256WithRSAEncryption
61:59:69:6d:7d:16:84:19:cf:86:e0:d8:52:78:c4:fc:89:c6:
7b:db:fb:68:29:b1:9a:94:cd:fa:6d:10:77:f1:ab:c0:1d:b5:
1c:b6:d2:8f:a3:9d:43:40:6b:97:66:38:38:2a:68:59:1a:30:
88:e9:01:03:e0:43:8a:b1:3e:56:a7:51:17:88:29:c4:1b:ca:
6f:2b:45:e4:40:23:4a:d9:1c:0f:65:eb:75:b2:a6:c5:d0:ea:
dc:66:ce:20:f4:18:ce:f2:46:cc:c7:63:98:9c:d4:ca:1d:da:
1d:3e:84:56:dc:53:f5:fa:e1:dd:eb:f0:51:60:78:ef:c9:24:
54:eb:c3:0f:ad:db:4b:db:1b:fc:14:0a:77:08:d0:8f:e9:6d:
9d:39:5d:a5:44:5f:72:b2:b6:f0:6f:9f:14:99:7c:04:3d:1f:
98:58:d5:59:9f:42:ca:e7:1d:81:54:c7:22:ad:6d:6a:96:5d:
ae:f6:dc:18:23:4e:d9:bd:81:e7:76:04:1e:36:cc:28:20:4d:
a2:1c:23:ea:ff:db:a2:27:24:93:b0:75:16:fc:12:55:30:44:
ce:0e:7a:df:91:ce:9e:48:f3:47:65:e4:d2:23:bd:d2:1e:e2:
8e:2c:a7:56:58:07:56:e4:b8:cb:bb:7b:8f:f6:fb:6d:bd:cf:
a3:1e:a0:a0
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAYfwCM5YsTV9mjO/lgpN+tX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTA2MDc0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDE4ZDQ0MGNjZDkyMGRlY2ZhMzZiZTZkMTQ4ZDgzMmIwYTY1MjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nXRXn/t6bjqxc372D9qECTqRDj9
LA90uoUDwpetXL9q6KHNAozQm1Ei0QG0oxw5Q4NUj5VHWPihUDfOxk2e/T4PVKGa
dOwZc0GRdTVEjbRuSwvOXDlxCE95PQm6kKVBe1Vw6+jBYqpk4qUUA7lQWW4U90i1
lJmSxlbwY8Rb2sI3uPXsnzGYbgaWXgRF7HunLYgw0AOXTOp1ChXaeeC4qdRUzXTs
u1x26ElGrDqLQ9gmeFG6iAKhjAtF1PZN25gqxaAvkB3AjeO9qMV9AHk981/dgTdV
qe77GBbjqD6hyhTMfDCxL0NHGJpHntoJhMNr8I8U86tioPioQCQCaDpwiQIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFB0Y1EDM2SDez6Nr5tFI2DKwplIKMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSFJqVVFNelpJTjdQbzJ2bTBVallNckNtVWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAVYEAgABMIIB
TgMEAVQgCAMEAlQgGAMEAFQgHgMEAFQgLAMEAVQgLgMEAFQgOQMEAFQgPDAMAwQA
VCBDAwQAVCBEAwQAVCBNAwQAVCBPAwQAVCBYAwQAVCBuMAwDBAJUIJQDBABUIJoD
BABUIJwDBAFUIJ4DBABUILEDBABUINQDBAFUINYDBABUINoDBABUIN0wDAMEAFQg
3wMEAVQg4DAMAwQAVCDnAwQAVCDoAwQAVCDrMAwDBABUIO8DBABUIPADBAFUIPIw
DAMEAFQg+wMEAVQg/AMEAVjYAAMEAFjYAwMEAFjYEAMEAFjYIAMEAFjYIwMEAFjY
KQMEAVjYLDAMAwQDWNg4AwQBWNhAAwQAWNhkAwQAWNhsAwQAWNhvMAwDBAFY2IID
BABY2IQDBAFY2IYDBABY2LcDBAFY2LwDBABY2MUDBAJY2NQDBABY2NwDBANY2Ogw
DQYJKoZIhvcNAQELBQADggEBAGFZaW19FoQZz4bg2FJ4xPyJxnvb+2gpsZqUzfpt
EHfxq8AdtRy20o+jnUNAa5dmODgqaFkaMIjpAQPgQ4qxPlanUReIKcQbym8rReRA
I0rZHA9l63WypsXQ6txmziD0GM7yRszHY5ic1Mod2h0+hFbcU/X64d3r8FFgeO/J
JFTrww+t20vbG/wUCncI0I/pbZ05XaVEX3KytvBvnxSZfAQ9H5hY1VmfQsrnHYFU
xyKtbWqWXa723BgjTtm9ged2BB42zCggTaIcI+r/26InJJOwdRb8ElUwRM4Oet+R
zp5I80dl5NIjvdIe4o4sp1ZYB1bkuMu7e4/2+229z6MeoKA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org