Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/h197-X7hSea4FwZUGCSXYgmCjHo.roa
File: h197-X7hSea4FwZUGCSXYgmCjHo.roa (raw, json)
Hash identifier: ObznZX+894vbjsr/c/I848mTRNcn1WI+dSEZjQfhK04=
Subject key identifier: 87:5F:7B:F9:7E:E1:49:E6:B8:17:06:54:18:24:97:62:09:82:8C:7A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018610F674933F8D587AEFCCB273210B6287
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/h197-X7hSea4FwZUGCSXYgmCjHo.roa
Signing time: Thu 02 Feb 2023 07:10:32 +0000
ROA not before: Thu 02 Feb 2023 07:10:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211975
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.216.0/24 maxlen: 24
84.32.219.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.110.0/24 maxlen: 24
88.216.106.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.234.0/24 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
88.216.67.0/24 maxlen: 24
88.216.66.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Feb 2023 07:21:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:10:f6:74:93:3f:8d:58:7a:ef:cc:b2:73:21:0b:62:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 2 07:10:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=875f7bf97ee149e6b81706541824976209828c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a4:22:79:db:11:10:bb:0a:46:ce:ff:11:c9:
f3:99:ff:b0:30:13:46:59:ba:44:5a:b6:58:d6:d7:
29:ad:50:c8:c1:9a:c2:08:96:0b:a8:4f:b7:61:1b:
e2:a0:c8:96:53:d1:5a:80:0b:98:93:95:e5:da:14:
b7:63:91:c0:ea:59:9e:20:e6:63:15:28:64:8f:a5:
5e:ed:d1:15:65:ae:ca:e6:da:3b:66:71:96:95:a8:
50:bb:08:48:a0:ea:06:9f:4f:7b:d2:f6:d9:db:22:
da:71:48:18:1c:a4:9e:d5:c5:f2:3c:3c:72:bf:0d:
d7:21:86:22:ef:08:5d:0d:49:84:fc:96:4a:75:9a:
80:7e:72:25:e9:1b:03:8e:6a:59:ab:ef:4b:f4:8c:
00:44:80:3f:7d:86:d2:6e:4f:df:8f:5e:e8:70:70:
bc:d7:ea:b0:60:4f:f4:e1:26:ef:70:2b:c5:db:16:
65:aa:09:4a:81:a4:6d:6d:fb:b1:71:70:f1:0b:4d:
b9:84:df:fb:cd:bd:ca:70:9a:b5:27:14:76:c9:37:
3e:a7:48:ed:c2:be:41:a3:c9:f9:8c:a9:79:82:73:
b4:9e:9c:de:49:85:ad:a6:e6:13:4d:cd:96:e2:09:
38:b6:2c:07:b2:3b:c0:c6:f3:fb:e7:78:31:fc:71:
9a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5F:7B:F9:7E:E1:49:E6:B8:17:06:54:18:24:97:62:09:82:8C:7A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/h197-X7hSea4FwZUGCSXYgmCjHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.25.0/24
84.32.49.0/24
84.32.51.0/24
84.32.58.0/24
84.32.70.0/24
84.32.213.0/24
84.32.216.0/24
84.32.219.0/24
84.32.226.0/24
84.32.234.0/24
88.216.66.0/23
88.216.106.0/23
88.216.109.0-88.216.110.255
88.216.222.0/23
Signature Algorithm: sha256WithRSAEncryption
18:24:36:22:3e:c1:de:b7:66:ae:58:42:7f:f8:2f:06:41:67:
e6:b7:ad:87:75:26:be:01:01:35:4a:5b:ee:5b:99:09:23:b1:
c5:5c:2e:a6:68:3b:07:80:d5:a7:37:7b:ac:4d:c2:af:5b:c5:
42:30:04:45:1e:76:9c:84:48:6e:e0:52:14:ab:2f:4b:a4:bf:
a5:16:f2:b8:88:91:c8:5e:fd:55:0c:fd:8c:e7:5e:8d:ad:8a:
ee:ca:07:bc:41:3d:8a:81:ce:4d:d7:13:0f:26:b7:61:3e:cb:
e6:ae:4c:98:fc:e3:c5:07:be:b6:78:aa:7c:6d:61:2b:e5:d7:
d7:31:45:d2:46:8f:6a:2a:5c:a0:58:b7:85:e6:2c:ae:44:ca:
0d:07:11:c9:a8:05:72:a7:bb:05:6a:84:91:e8:f1:e5:55:3d:
87:39:8d:97:7c:d4:33:47:ab:8c:9f:43:ac:ad:9a:63:48:b5:
90:a3:5a:da:63:df:c2:b7:f0:22:29:5c:5c:32:47:8d:40:6a:
25:50:82:01:31:b1:53:d7:15:bc:79:73:e8:2e:2a:bf:6e:66:
58:28:e4:b4:73:71:09:58:49:1c:a3:40:ab:9a:6c:31:5a:f5:
46:54:e2:89:bb:2e:bc:58:17:b5:04:d8:7b:fe:c9:ba:e4:2e:
96:20:5e:92
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYYQ9nSTP41Yeu/MsnMhC2KHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjAyMDcxMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVmN2JmOTdlZTE0OWU2YjgxNzA2NTQxODI0OTc2MjA5ODI4YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqQiedsRELsKRs7/Ecnzmf+wMBNG
WbpEWrZY1tcprVDIwZrCCJYLqE+3YRvioMiWU9FagAuYk5Xl2hS3Y5HA6lmeIOZj
FShkj6Ve7dEVZa7K5to7ZnGWlahQuwhIoOoGn0970vbZ2yLacUgYHKSe1cXyPDxy
vw3XIYYi7whdDUmE/JZKdZqAfnIl6RsDjmpZq+9L9IwARIA/fYbSbk/fj17ocHC8
1+qwYE/04SbvcCvF2xZlqglKgaRtbfuxcXDxC025hN/7zb3KcJq1JxR2yTc+p0jt
wr5Bo8n5jKl5gnO0npzeSYWtpuYTTc2W4gk4tiwHsjvAxvP753gx/HGahwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFIdfe/l+4UnmuBcGVBgkl2IJgox6MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaDE5Ny1YN2hTZWE0RndaVUdDU1hZZ21DakhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAVCAZAwQA
VCAxAwQAVCAzAwQAVCA6AwQAVCBGAwQAVCDVAwQAVCDYAwQAVCDbAwQAVCDiAwQA
VCDqAwQBWNhCAwQBWNhqMAwDBABY2G0DBABY2G4DBAFY2N4wDQYJKoZIhvcNAQEL
BQADggEBABgkNiI+wd63Zq5YQn/4LwZBZ+a3rYd1Jr4BATVKW+5bmQkjscVcLqZo
OweA1ac3e6xNwq9bxUIwBEUedpyESG7gUhSrL0ukv6UW8riIkche/VUM/YznXo2t
iu7KB7xBPYqBzk3XEw8mt2E+y+auTJj848UHvrZ4qnxtYSvl19cxRdJGj2oqXKBY
t4XmLK5Eyg0HEcmoBXKnuwVqhJHo8eVVPYc5jZd81DNHq4yfQ6ytmmNItZCjWtpj
38K38CIpXFwyR41AaiVQggExsVPXFbx5c+guKr9uZlgo5LRzcQlYSRyjQKuabDFa
9UZU4om7LrxYF7UE2Hv+ybrkLpYgXpI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org