Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hSRMCTZYxliJvNalWpGkGDaSiCA.roa
File: hSRMCTZYxliJvNalWpGkGDaSiCA.roa (raw, json)
Hash identifier: cJzSJLIQqGnuG6Dr2V526vX3z9CFDsHw+Ekdj/tR6oc=
Subject key identifier: 85:24:4C:09:36:58:C6:58:89:BC:D6:A5:5A:91:A4:18:36:92:88:20
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018FFE8F306153372E49AF0E22A80193B796
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hSRMCTZYxliJvNalWpGkGDaSiCA.roa
Signing time: Sun 09 Jun 2024 19:52:27 +0000
ROA not before: Sun 09 Jun 2024 19:52:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 11:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fe:8f:30:61:53:37:2e:49:af:0e:22:a8:01:93:b7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 9 19:52:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85244c093658c65889bcd6a55a91a41836928820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bc:94:c1:43:a7:8a:d5:be:32:26:4d:28:f9:
3a:5f:8d:76:ca:3e:fd:11:b1:5b:f7:51:5e:ab:3c:
b6:92:06:9f:b8:f5:71:5e:49:2d:52:0d:d0:6e:f4:
f8:13:23:47:bb:70:c0:98:f3:7b:e2:ff:f7:3e:57:
30:4a:2d:2c:73:c0:e4:83:3b:38:44:90:d4:7a:14:
e5:ee:83:d1:30:84:01:a7:bb:0f:f5:0f:67:7d:99:
3c:59:8c:70:ac:8b:e0:38:33:d5:8e:3c:2a:01:2c:
97:a0:54:06:83:75:06:d9:c2:e6:11:ef:cd:9c:7b:
d1:0d:79:f6:6e:06:ba:59:3d:69:f7:da:75:56:af:
70:9a:60:80:b8:5b:ad:ab:ce:dd:2b:8c:33:af:a1:
5e:5c:ce:9c:02:e1:d5:57:98:90:42:04:62:5d:72:
19:6c:2d:84:29:0b:5f:05:e1:60:df:0d:98:55:5b:
b3:8c:f0:a6:3b:3d:64:16:02:ec:b0:0a:6d:35:dc:
d4:c7:c0:89:ff:a4:f0:41:2e:80:c9:28:8c:45:c0:
86:f2:b0:8f:6b:0d:5e:b6:9a:17:87:f8:fb:32:b1:
f6:95:62:2d:61:74:39:d4:24:1b:52:12:99:4b:54:
3a:27:7d:51:e7:c7:fa:26:7f:ce:f7:cd:9b:89:74:
26:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:24:4C:09:36:58:C6:58:89:BC:D6:A5:5A:91:A4:18:36:92:88:20
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hSRMCTZYxliJvNalWpGkGDaSiCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0-84.32.27.255
84.32.32.0/24
84.32.46.0/23
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.220.0/24
84.32.244.0/22
88.216.22.0/23
88.216.39.0/24
88.216.44.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.211.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
07:1f:83:56:3e:65:34:81:4e:ca:1e:49:f5:d3:af:e2:9a:3a:
63:6c:41:fe:66:1b:3d:45:33:19:a4:da:74:19:fe:b3:15:20:
98:88:2a:ef:40:b5:69:58:fb:87:34:a3:47:cd:34:7d:98:19:
83:fa:81:32:d5:81:c0:53:b3:d9:22:14:4b:69:59:da:08:74:
f4:0b:12:20:b6:cd:60:ab:1f:a6:05:96:ef:ad:49:83:d5:8e:
c1:c1:b8:97:2a:d6:af:26:32:a0:a2:f8:9a:22:5f:18:bd:09:
c1:d6:ee:dd:94:8e:41:c9:cb:51:40:fb:53:72:61:a4:b5:11:
07:ce:05:98:2f:30:f1:03:f5:c8:d6:17:a4:ce:96:86:0e:42:
d8:99:c7:3e:0d:ab:7f:cc:c1:20:07:fe:ab:a4:d7:56:2d:a0:
c2:36:f4:3a:0f:38:1c:06:3a:f2:62:a9:c0:9b:33:76:d8:bf:
2c:36:58:b6:1f:42:c9:4a:fe:6f:ca:a1:c6:44:82:cb:f6:1e:
36:8b:4e:8e:ea:c9:bf:35:67:e6:1a:ca:51:1d:cc:fa:d9:63:
a2:82:08:d2:3d:36:e9:8e:1c:89:d4:0e:d8:e5:68:d9:04:19:
8e:58:eb:79:bb:c0:64:d0:76:e6:d9:9a:d5:53:a3:ab:f5:ce:
e6:7f:53:8b
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY/+jzBhUzcuSa8OIqgBk7eWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNjA5MTk1MjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTI0NGMwOTM2NThjNjU4ODliY2Q2YTU1YTkxYTQxODM2OTI4ODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbyUwUOnitW+MiZNKPk6X412yj79
EbFb91Feqzy2kgafuPVxXkktUg3QbvT4EyNHu3DAmPN74v/3PlcwSi0sc8Dkgzs4
RJDUehTl7oPRMIQBp7sP9Q9nfZk8WYxwrIvgODPVjjwqASyXoFQGg3UG2cLmEe/N
nHvRDXn2bga6WT1p99p1Vq9wmmCAuFutq87dK4wzr6FeXM6cAuHVV5iQQgRiXXIZ
bC2EKQtfBeFg3w2YVVuzjPCmOz1kFgLssAptNdzUx8CJ/6TwQS6AySiMRcCG8rCP
aw1etpoXh/j7MrH2lWItYXQ51CQbUhKZS1Q6J31R58f6Jn/O982biXQmRQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFIUkTAk2WMZYibzWpVqRpBg2koggMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaFNSTUNUWll4bGlKdk5hbFdwR2tHRGFTaUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjAMAwQA
VCAHAwQAVCAIMAwDBAJUIBQDBAJUIBgDBABUICADBAFUIC4DBABUIF8DBAJUIJQD
BAFUIK4DBAFUINYDBABUINwDBAJUIPQDBAFY2BYDBABY2CcDBAFY2CwDBABY2F0D
BAFY2IIDBAFY2IYwDAMEAFjY0wMEA1jY0DANBgkqhkiG9w0BAQsFAAOCAQEABx+D
Vj5lNIFOyh5J9dOv4po6Y2xB/mYbPUUzGaTadBn+sxUgmIgq70C1aVj7hzSjR800
fZgZg/qBMtWBwFOz2SIUS2lZ2gh09AsSILbNYKsfpgWW761Jg9WOwcG4lyrWryYy
oKL4miJfGL0Jwdbu3ZSOQcnLUUD7U3JhpLURB84FmC8w8QP1yNYXpM6Whg5C2JnH
Pg2rf8zBIAf+q6TXVi2gwjb0Og84HAY68mKpwJszdti/LDZYth9CyUr+b8qhxkSC
y/YeNotOjurJvzVn5hrKUR3M+tljooII0j026Y4cidQO2OVo2QQZjljrebvAZNB2
5tma1VOjq/XO5n9Tiw==
-----END CERTIFICATE-----
Generated at Tue Jun 11 13:12:49 2024 by rpki-client on console-fra.rpki-client.org