Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/h38rbur3EeqKL1wXNyo4IywAfPY.roa
File: h38rbur3EeqKL1wXNyo4IywAfPY.roa (raw, json)
Hash identifier: ObwI35RTaIqcyOzpxlx+EA9rB9D+88AJMtC/I2zhr1U=
Subject key identifier: 87:7F:2B:6E:EA:F7:11:EA:8A:2F:5C:17:37:2A:38:23:2C:00:7C:F6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187B1CA0E8539A1DE93D393C8762584321D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/h38rbur3EeqKL1wXNyo4IywAfPY.roa
Signing time: Mon 24 Apr 2023 05:43:41 +0000
ROA not before: Mon 24 Apr 2023 05:43:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.176.0/24 maxlen: 24
84.32.215.0/24 maxlen: 24
84.32.214.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.32.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 21:13:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:ca:0e:85:39:a1:de:93:d3:93:c8:76:25:84:32:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 24 05:43:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=877f2b6eeaf711ea8a2f5c17372a38232c007cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d1:77:b6:1f:c2:b1:68:96:7c:ee:6d:16:1b:
ce:66:07:69:a5:b8:76:14:55:6f:1f:48:c1:26:50:
65:24:5c:d6:c2:37:ac:ae:62:be:04:f9:e5:e3:f1:
da:b5:b6:ef:b5:78:bf:f1:5e:52:d7:fd:48:39:12:
b5:f4:6e:26:13:d5:68:a7:78:08:fe:92:67:b2:14:
f7:cf:6d:4f:a5:90:8e:eb:6f:83:46:0b:29:75:ea:
e0:73:ab:33:f2:1f:fd:c1:13:39:6c:59:9f:1b:d0:
8f:0f:58:e2:13:41:24:e7:8d:51:9c:7a:fb:38:ac:
9d:4f:d8:b5:c3:8b:5f:00:cb:c6:1b:4c:75:af:3f:
e0:69:a5:39:ef:c8:79:68:ca:21:e0:e3:0c:5a:8c:
3a:87:06:55:9f:70:5d:dd:d4:9d:25:55:2a:0f:7e:
b0:a8:86:4d:4a:12:07:cf:1d:38:f1:30:74:f3:7a:
42:76:83:e5:d2:b9:d1:0b:f9:de:25:36:e0:5b:01:
69:8a:57:6a:57:8f:f8:ad:28:88:9c:ad:f2:33:1f:
07:2f:e8:7b:a0:d8:39:59:39:b1:8e:be:d9:a3:8c:
f2:0e:85:79:f2:dc:06:25:73:4b:ac:ec:2c:cb:e0:
95:ea:b9:e8:df:1c:7a:2a:0a:cf:9f:f0:05:5c:98:
5d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7F:2B:6E:EA:F7:11:EA:8A:2F:5C:17:37:2A:38:23:2C:00:7C:F6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/h38rbur3EeqKL1wXNyo4IywAfPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.176.0/24
84.32.214.0/23
84.32.248.0/24
88.216.32.0/24
88.216.129.0/24
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
94:ae:21:62:97:01:c3:0b:99:a5:4c:26:d2:ab:58:0a:29:58:
9f:34:ea:d2:37:dd:32:1e:ba:b6:aa:94:2b:b6:4d:20:c8:42:
cb:81:5e:82:7a:26:b7:34:4a:6e:57:9c:b7:34:8b:ab:6a:f5:
5a:50:a1:e0:cf:4b:1b:80:93:eb:69:d0:80:43:ce:86:0a:6c:
cb:49:d1:0e:e1:d7:2c:fc:bb:78:0a:8a:da:78:0c:cd:1e:ec:
f5:5f:11:37:ca:4e:95:7d:db:d5:4c:51:3f:97:d7:5b:78:72:
2a:7f:f6:60:84:f3:a5:50:37:03:bd:f6:e0:0b:6f:95:21:00:
83:48:11:65:8a:4e:95:f4:8e:3c:4c:c5:d3:77:29:18:fd:7b:
b1:3f:b8:9a:fd:ac:52:86:75:79:a1:5c:75:6d:02:07:a7:00:
c1:3b:13:aa:e4:94:2d:ac:88:9e:a4:44:8d:1a:04:37:ec:21:
38:2e:8a:58:33:03:6e:d1:1e:d2:25:ae:81:2c:26:6e:fa:85:
17:60:dc:99:57:9c:04:a8:12:3d:80:28:1a:c5:ca:fb:eb:a7:
06:f5:c7:bd:cd:bc:fc:ea:34:c2:9f:71:cb:cf:0b:57:4f:3b:
aa:1d:03:e5:fb:ce:ce:1c:98:d8:7f:e8:e1:c1:b9:e8:ce:36:
94:c5:55:74
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYexyg6FOaHek9OTyHYlhDIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDI0MDU0MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdmMmI2ZWVhZjcxMWVhOGEyZjVjMTczNzJhMzgyMzJjMDA3Y2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNF3th/CsWiWfO5tFhvOZgdppbh2
FFVvH0jBJlBlJFzWwjesrmK+BPnl4/HatbbvtXi/8V5S1/1IORK19G4mE9Vop3gI
/pJnshT3z21PpZCO62+DRgspdergc6sz8h/9wRM5bFmfG9CPD1jiE0Ek541RnHr7
OKydT9i1w4tfAMvGG0x1rz/gaaU578h5aMoh4OMMWow6hwZVn3Bd3dSdJVUqD36w
qIZNShIHzx048TB083pCdoPl0rnRC/neJTbgWwFpildqV4/4rSiInK3yMx8HL+h7
oNg5WTmxjr7Zo4zyDoV58twGJXNLrOwsy+CV6rno3xx6KgrPn/AFXJhdGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFId/K27q9xHqii9cFzcqOCMsAHz2MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaDM4cmJ1cjNFZXFLTDF3WE55bzRJeXdBZlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCCwAwQB
VCDWAwQAVCD4AwQAWNggAwQAWNiBAwQCWNjsMA0GCSqGSIb3DQEBCwUAA4IBAQCU
riFilwHDC5mlTCbSq1gKKVifNOrSN90yHrq2qpQrtk0gyELLgV6Ceia3NEpuV5y3
NIuravVaUKHgz0sbgJPradCAQ86GCmzLSdEO4dcs/Lt4CoraeAzNHuz1XxE3yk6V
fdvVTFE/l9dbeHIqf/ZghPOlUDcDvfbgC2+VIQCDSBFlik6V9I48TMXTdykY/Xux
P7ia/axShnV5oVx1bQIHpwDBOxOq5JQtrIiepESNGgQ37CE4LopYMwNu0R7SJa6B
LCZu+oUXYNyZV5wEqBI9gCgaxcr766cG9ce9zbz86jTCn3HLzwtXTzuqHQPl+87O
HJjYf+jhwbnozjaUxVV0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org