Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HWuTlZewULw9krBTxBHKkmW05t8.roa
File: HWuTlZewULw9krBTxBHKkmW05t8.roa (raw, json)
Hash identifier: dsgjPZ0t/6UQX+8haRWsZ3ouBWhL+GgZn/5/wOCHY6k=
Subject key identifier: 1D:6B:93:95:97:B0:50:BC:3D:92:B0:53:C4:11:CA:92:65:B4:E6:DF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187B1CCCE3FE8E90B1F6C9D7B34D03BF8B8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HWuTlZewULw9krBTxBHKkmW05t8.roa
Signing time: Mon 24 Apr 2023 05:46:42 +0000
ROA not before: Mon 24 Apr 2023 05:46:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 84.32.208.0/23 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.27.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:cc:ce:3f:e8:e9:0b:1f:6c:9d:7b:34:d0:3b:f8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 24 05:46:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d6b939597b050bc3d92b053c411ca9265b4e6df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6c:3d:7e:f0:49:7a:a5:50:fe:99:19:29:5c:
6e:11:a6:7a:3a:46:85:9f:02:cf:1a:ad:ca:77:df:
0b:27:37:e4:93:65:b5:ba:5d:5f:84:74:43:ee:19:
03:51:a5:e8:31:51:cd:c6:79:27:9f:c2:c7:de:df:
2d:53:a4:e0:28:25:06:08:17:c6:48:9e:22:e3:c0:
aa:d9:e4:b0:e0:99:c3:66:2f:39:4e:3a:b8:56:f7:
a8:8f:46:cb:a3:82:58:f6:d4:7e:15:f4:80:f4:f2:
1c:ab:63:4e:ed:d1:0a:17:50:48:3d:79:ef:b4:1e:
2a:69:27:be:ba:3d:0f:88:4d:09:a3:eb:fd:31:0e:
ae:37:74:82:41:db:cc:19:e5:d5:22:d0:ea:9a:e8:
21:1e:cd:93:1c:58:29:3d:85:f0:a9:6c:f3:34:f6:
d2:0b:ec:b4:d3:a9:2d:17:28:24:90:45:2e:84:01:
ff:e9:9b:d1:d5:05:0f:23:57:7e:86:cc:6e:b4:7a:
d1:52:22:49:79:fc:bc:ef:77:67:7d:ff:07:16:32:
55:23:ca:d7:fa:d5:9d:2f:5a:5e:33:74:1b:0a:06:
0a:4b:d4:cd:f7:1e:00:df:bb:ba:f1:22:f6:17:b2:
71:68:b6:3f:82:35:46:0e:a7:4a:30:c6:d1:d4:f5:
85:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6B:93:95:97:B0:50:BC:3D:92:B0:53:C4:11:CA:92:65:B4:E6:DF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HWuTlZewULw9krBTxBHKkmW05t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/22
84.32.27.0/24
84.32.208.0/23
84.32.246.0/23
Signature Algorithm: sha256WithRSAEncryption
10:7d:69:4b:ed:2a:5b:aa:22:08:15:0b:76:b7:9a:c5:35:c0:
45:7c:77:d3:e4:c9:c6:57:3f:ca:01:3a:ed:fa:7f:e0:d8:71:
d0:07:76:73:38:94:18:21:c3:23:91:24:26:3f:ff:59:e5:36:
97:e6:b0:3a:99:c7:80:18:3b:a9:58:ee:47:0d:c1:2d:a7:59:
af:2e:8f:07:9f:7e:51:98:97:bf:c7:cf:27:b0:89:ac:78:5d:
48:71:77:08:a2:70:c0:46:17:de:57:15:c0:0a:4b:77:13:29:
87:93:07:d6:24:f7:c4:30:a7:68:47:d8:a1:b8:a3:6c:32:bd:
3d:11:39:b8:9a:4a:fd:69:e7:ec:7f:45:92:26:1c:6c:cb:f3:
20:62:fd:39:5e:b7:70:97:06:01:3c:c7:bb:87:3b:72:00:34:
1b:79:17:28:10:a0:5f:a5:6d:a9:ce:df:57:56:ee:87:a7:13:
47:55:d4:43:bc:7f:63:73:26:71:fc:72:4f:ca:e6:21:f2:1e:
a4:d7:9b:72:33:54:e4:08:14:75:74:83:33:87:27:c6:06:0a:
04:2f:97:43:d0:2a:18:fa:5b:36:8d:c6:cd:95:fe:b4:75:36:
17:8a:50:98:9e:1a:ac:3b:3a:bf:01:76:85:e5:32:dc:89:03:
ea:a1:b1:ae
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYexzM4/6OkLH2ydezTQO/i4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDI0MDU0NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZiOTM5NTk3YjA1MGJjM2Q5MmIwNTNjNDExY2E5MjY1YjRlNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWw9fvBJeqVQ/pkZKVxuEaZ6OkaF
nwLPGq3Kd98LJzfkk2W1ul1fhHRD7hkDUaXoMVHNxnknn8LH3t8tU6TgKCUGCBfG
SJ4i48Cq2eSw4JnDZi85Tjq4Vveoj0bLo4JY9tR+FfSA9PIcq2NO7dEKF1BIPXnv
tB4qaSe+uj0PiE0Jo+v9MQ6uN3SCQdvMGeXVItDqmughHs2THFgpPYXwqWzzNPbS
C+y006ktFygkkEUuhAH/6ZvR1QUPI1d+hsxutHrRUiJJefy873dnff8HFjJVI8rX
+tWdL1peM3QbCgYKS9TN9x4A37u68SL2F7JxaLY/gjVGDqdKMMbR1PWFYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB1rk5WXsFC8PZKwU8QRypJltObfMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSFd1VGxaZXdVTHc5a3JCVHhCSEtrbVcwNXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVCAUAwQA
VCAbAwQBVCDQAwQBVCD2MA0GCSqGSIb3DQEBCwUAA4IBAQAQfWlL7SpbqiIIFQt2
t5rFNcBFfHfT5MnGVz/KATrt+n/g2HHQB3ZzOJQYIcMjkSQmP/9Z5TaX5rA6mceA
GDupWO5HDcEtp1mvLo8Hn35RmJe/x88nsImseF1IcXcIonDARhfeVxXACkt3EymH
kwfWJPfEMKdoR9ihuKNsMr09ETm4mkr9aefsf0WSJhxsy/MgYv05XrdwlwYBPMe7
hztyADQbeRcoEKBfpW2pzt9XVu6HpxNHVdRDvH9jcyZx/HJPyuYh8h6k15tyM1Tk
CBR1dIMzhyfGBgoEL5dD0CoY+ls2jcbNlf60dTYXilCYnhqsOzq/AXaF5TLciQPq
obGu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org