Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hLUog1oXAtnwp-HzNM_zHwmdEQI.roa
File: hLUog1oXAtnwp-HzNM_zHwmdEQI.roa (raw, json)
Hash identifier: 0ytsR2V5cNbZCLiiv9Wl4ottPE/Df+sOSHWVK/O9QKM=
Subject key identifier: 84:B5:28:83:5A:17:02:D9:F0:A7:E1:F3:34:CF:F3:1F:09:9D:11:02
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0192BE260B258FCF692DDFE7B9C7C5A3FB3B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hLUog1oXAtnwp-HzNM_zHwmdEQI.roa
Signing time: Thu 24 Oct 2024 10:50:17 +0000
ROA not before: Thu 24 Oct 2024 10:50:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.6.0/24 maxlen: 24
84.32.52.0/22 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 20:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:26:0b:25:8f:cf:69:2d:df:e7:b9:c7:c5:a3:fb:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 24 10:50:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84b528835a1702d9f0a7e1f334cff31f099d1102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7c:c4:74:48:46:b4:b3:91:68:c5:5d:ee:98:
e8:95:6a:9c:bf:76:b1:88:d1:ff:a4:59:71:05:23:
28:9f:cc:ef:78:23:a2:03:21:ea:04:e6:d7:dc:e9:
25:9d:01:39:2c:60:02:6e:55:81:d0:1d:b4:cc:c7:
1b:83:50:fc:dc:6b:bc:06:42:0c:e5:ad:24:5d:7b:
9a:eb:de:67:39:a0:32:04:ff:d1:94:cf:eb:1d:ea:
d5:d4:d6:cd:d3:a9:f2:69:d0:87:b2:8b:aa:a3:7c:
23:de:ec:21:44:76:0b:9d:f7:0d:d3:e2:4a:68:da:
f8:90:77:f7:b5:5d:5b:f0:99:52:32:c9:29:36:56:
6b:18:bc:bd:00:35:3a:30:a4:7f:eb:4e:a7:5c:bc:
59:59:b5:03:1d:7a:a0:c5:97:e5:05:ee:ea:4c:44:
5b:93:49:e0:f3:2b:bd:90:c2:48:76:f0:b2:5a:5d:
6e:52:d9:8e:fe:ae:5f:fe:df:54:fe:38:f6:08:e9:
ef:98:ae:6f:9b:ba:73:bc:63:8a:5a:f0:5b:bb:d8:
7b:a4:71:1d:7e:1a:ff:10:e5:a7:fc:34:0b:fc:bf:
6e:e1:a9:32:1c:dd:44:0a:64:1a:9b:79:3a:99:bd:
ec:d0:81:4c:92:b1:a8:25:99:bc:2a:c1:86:19:53:
ce:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B5:28:83:5A:17:02:D9:F0:A7:E1:F3:34:CF:F3:1F:09:9D:11:02
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hLUog1oXAtnwp-HzNM_zHwmdEQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
88.216.20.0/23
88.216.98.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
43:ac:cc:6f:a1:4c:3d:ac:a7:de:5b:85:14:21:d9:2c:a2:b3:
fb:1f:b5:20:0c:03:e9:0e:bf:fe:75:f2:b0:1c:2d:f2:86:69:
f8:b4:b3:68:ec:49:e0:cd:67:bd:a5:6c:79:3b:b7:f7:6c:98:
a3:4b:df:1e:35:1d:c4:1c:ce:12:f1:71:7b:d8:dc:39:94:a1:
77:64:2d:98:37:0a:f4:60:56:4b:ad:c9:2f:91:cf:cd:51:1d:
06:3f:21:4b:90:ee:a2:97:47:13:1c:03:69:e4:fc:67:ad:a2:
2f:28:44:37:42:d1:1e:e2:ec:4a:4f:4a:fb:67:c7:55:c3:cb:
c0:fd:8b:84:fd:db:d9:65:66:ad:b8:a8:b0:c5:1f:c2:a1:78:
23:55:58:8e:ec:ad:4c:ee:8d:ef:b2:c1:e4:e7:a7:4b:50:36:
dc:57:fa:8a:64:bf:65:99:96:03:7a:9a:39:e3:50:ab:21:93:
bf:24:f5:57:b6:87:36:17:9f:cc:90:5e:97:d0:d0:e7:29:71:
70:f8:f9:23:54:4a:f7:16:a1:a6:6b:08:80:63:dc:aa:b9:45:
8d:c5:a1:13:be:a0:7b:ac:ea:b4:d4:f9:d7:b7:67:f5:a2:a9:
09:8d:15:dd:6f:17:8a:27:e0:91:40:d2:e0:d4:fb:6f:4c:f0:
20:44:6d:1e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZK+Jgslj89pLd/nucfFo/s7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMDI0MTA1MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI1Mjg4MzVhMTcwMmQ5ZjBhN2UxZjMzNGNmZjMxZjA5OWQxMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3zEdEhGtLORaMVd7pjolWqcv3ax
iNH/pFlxBSMon8zveCOiAyHqBObX3OklnQE5LGACblWB0B20zMcbg1D83Gu8BkIM
5a0kXXua695nOaAyBP/RlM/rHerV1NbN06nyadCHsouqo3wj3uwhRHYLnfcN0+JK
aNr4kHf3tV1b8JlSMskpNlZrGLy9ADU6MKR/606nXLxZWbUDHXqgxZflBe7qTERb
k0ng8yu9kMJIdvCyWl1uUtmO/q5f/t9U/jj2COnvmK5vm7pzvGOKWvBbu9h7pHEd
fhr/EOWn/DQL/L9u4akyHN1ECmQam3k6mb3s0IFMkrGoJZm8KsGGGVPOAQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIS1KINaFwLZ8Kfh8zTP8x8JnRECMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaExVb2cxb1hBdG53cC1Iek5NX3pId21kRVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCAGAwQC
VCA0AwQBWNgUAwQAWNhiAwQAWNhnAwQAWNi5AwQBWNjUAwQCWNj8MA0GCSqGSIb3
DQEBCwUAA4IBAQBDrMxvoUw9rKfeW4UUIdksorP7H7UgDAPpDr/+dfKwHC3yhmn4
tLNo7EngzWe9pWx5O7f3bJijS98eNR3EHM4S8XF72Nw5lKF3ZC2YNwr0YFZLrckv
kc/NUR0GPyFLkO6il0cTHANp5PxnraIvKEQ3QtEe4uxKT0r7Z8dVw8vA/YuE/dvZ
ZWatuKiwxR/CoXgjVViO7K1M7o3vssHk56dLUDbcV/qKZL9lmZYDepo541CrIZO/
JPVXtoc2F5/MkF6X0NDnKXFw+PkjVEr3FqGmawiAY9yquUWNxaETvqB7rOq01PnX
t2f1oqkJjRXdbxeKJ+CRQNLg1PtvTPAgRG0e
-----END CERTIFICATE-----
Generated at Tue Nov 12 23:40:51 2024 by rpki-client on console-ams.rpki-client.org