Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NUHtN2Wb5Wo3MMt1KGPGFLfhKGs.roa
File: NUHtN2Wb5Wo3MMt1KGPGFLfhKGs.roa (raw, json)
Hash identifier: o52ghjRu8uDgDRuaPF6b7uA4A0AP2Im9FgcjoKC/v+0=
Subject key identifier: 35:41:ED:37:65:9B:E5:6A:37:30:CB:75:28:63:C6:14:B7:E1:28:6B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188A03C6540CA399CABCE3288571DF4B9C2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NUHtN2Wb5Wo3MMt1KGPGFLfhKGs.roa
Signing time: Fri 09 Jun 2023 12:58:12 +0000
ROA not before: Fri 09 Jun 2023 12:58:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Jun 2023 15:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:3c:65:40:ca:39:9c:ab:ce:32:88:57:1d:f4:b9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 9 12:58:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3541ed37659be56a3730cb752863c614b7e1286b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:95:be:04:71:ba:8c:49:02:41:ab:ef:de:03:
9e:19:72:9e:f5:13:a4:35:61:68:ad:3b:18:35:d5:
b5:9f:a9:93:f8:46:b8:c9:2f:3e:63:7c:00:b5:24:
c1:26:a7:c8:5f:16:b1:5d:4d:3b:59:81:64:3e:31:
5c:41:65:36:2d:1e:75:36:19:d9:39:47:9b:11:87:
1f:45:a4:86:96:db:51:17:02:fc:22:62:1d:82:7c:
63:c9:5b:4f:d1:d7:0e:b2:27:cc:a2:a7:58:66:1b:
3c:d4:87:cc:c8:80:ae:99:69:8b:87:6c:0a:57:fb:
bd:43:90:fc:79:83:14:cc:3a:e0:50:d8:8c:dc:c9:
0d:91:56:57:1e:dc:45:c5:fd:0b:a9:02:ba:e2:ba:
da:25:e3:d7:3f:22:3e:b2:cb:70:8e:a8:b5:eb:f6:
d2:ef:01:e7:5c:47:7d:aa:a0:0e:cc:04:66:cc:96:
f6:78:72:08:63:53:da:9f:96:f9:04:7e:c7:43:8f:
43:5b:01:2c:ed:74:33:ab:1c:8b:55:cb:1e:20:64:
f9:6c:6b:a0:cb:f9:e0:d2:1f:ff:e7:34:9d:d6:4f:
f8:5e:0e:3c:35:6d:39:d6:b2:ed:50:21:10:52:94:
23:3b:f1:d2:fe:ec:c5:e5:35:a6:9c:c2:54:8b:54:
b8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:41:ED:37:65:9B:E5:6A:37:30:CB:75:28:63:C6:14:B7:E1:28:6B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NUHtN2Wb5Wo3MMt1KGPGFLfhKGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.42.0/24
84.32.52.0/22
88.216.20.0/23
88.216.40.0/24
88.216.43.0/24
88.216.98.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
88.216.215.0/24
88.216.240.0/22
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
67:a2:2f:85:dd:97:86:93:b3:b0:8b:8a:7a:05:52:80:b4:60:
e3:da:d5:76:85:b3:d9:cf:81:4d:d8:47:4c:49:08:e7:9a:0a:
db:4c:75:13:13:56:3a:f9:0c:39:94:b8:ec:a0:c2:d2:b3:37:
e7:ec:94:f0:33:a1:1d:7d:89:6e:62:e9:df:98:6e:86:0f:b8:
ea:5a:f0:1a:47:11:45:cf:34:7e:28:e8:7b:6d:b1:7d:e1:83:
5b:8b:9b:86:43:04:2f:6e:3a:13:98:d9:42:e3:75:5b:e5:93:
56:0d:9e:89:17:9c:c4:fc:8e:76:c1:a3:47:25:48:71:9b:5f:
1a:c1:d0:f4:c0:c2:a7:e5:06:28:68:50:0e:84:28:b3:71:0a:
c0:ef:98:9e:55:b4:12:39:09:98:27:76:93:c4:ed:e1:20:1a:
34:a3:2f:00:a7:30:36:85:6b:a6:4a:8a:bd:dc:59:90:dc:c6:
0e:84:73:f7:e8:65:df:91:1e:61:a5:0f:66:12:a9:9b:17:4b:
6c:fd:73:ad:dc:1a:59:e3:7d:ef:a5:b1:10:15:b0:71:2c:cc:
8a:b6:f3:92:eb:24:ff:7f:05:dd:a7:b0:34:7f:8b:96:a0:74:
07:2a:b6:8c:ee:ab:78:ce:ce:db:5a:d2:93:42:2f:f6:90:66:
81:74:2c:65
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYigPGVAyjmcq84yiFcd9LnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA5MTI1ODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQxZWQzNzY1OWJlNTZhMzczMGNiNzUyODYzYzYxNGI3ZTEyODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupW+BHG6jEkCQavv3gOeGXKe9ROk
NWForTsYNdW1n6mT+Ea4yS8+Y3wAtSTBJqfIXxaxXU07WYFkPjFcQWU2LR51NhnZ
OUebEYcfRaSGlttRFwL8ImIdgnxjyVtP0dcOsifMoqdYZhs81IfMyICumWmLh2wK
V/u9Q5D8eYMUzDrgUNiM3MkNkVZXHtxFxf0LqQK64rraJePXPyI+sstwjqi16/bS
7wHnXEd9qqAOzARmzJb2eHIIY1Pan5b5BH7HQ49DWwEs7XQzqxyLVcseIGT5bGug
y/ng0h//5zSd1k/4Xg48NW051rLtUCEQUpQjO/HS/uzF5TWmnMJUi1S4IwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFDVB7Tdlm+VqNzDLdShjxhS34ShrMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTlVIdE4yV2I1V28zTU10MUtHUEdGTGZoS0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAVCAGAwQA
VCAqAwQCVCA0AwQBWNgUAwQAWNgoAwQAWNgrAwQAWNhiAwQAWNhnAwQAWNi5AwQB
WNjUAwQAWNjXAwQCWNjwAwQCWNj8MA0GCSqGSIb3DQEBCwUAA4IBAQBnoi+F3ZeG
k7Owi4p6BVKAtGDj2tV2hbPZz4FN2EdMSQjnmgrbTHUTE1Y6+Qw5lLjsoMLSszfn
7JTwM6EdfYluYunfmG6GD7jqWvAaRxFFzzR+KOh7bbF94YNbi5uGQwQvbjoTmNlC
43Vb5ZNWDZ6JF5zE/I52waNHJUhxm18awdD0wMKn5QYoaFAOhCizcQrA75ieVbQS
OQmYJ3aTxO3hIBo0oy8ApzA2hWumSoq93FmQ3MYOhHP36GXfkR5hpQ9mEqmbF0ts
/XOt3BpZ433vpbEQFbBxLMyKtvOS6yT/fwXdp7A0f4uWoHQHKraM7qt4zs7bWtKT
Qi/2kGaBdCxl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org