Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hWuVmYsMpd4i19D974EMREL4tDw.roa
File: hWuVmYsMpd4i19D974EMREL4tDw.roa (raw, json)
Hash identifier: GD17dQ+dYUR0NSEnbg9/YMCTjS3M2Z0E5uoO9Yedy+Q=
Subject key identifier: 85:6B:95:99:8B:0C:A5:DE:22:D7:D0:FD:EF:81:0C:44:42:F8:B4:3C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018C880A8024AB4D1E0D6EFDD40566A2333F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hWuVmYsMpd4i19D974EMREL4tDw.roa
Signing time: Wed 20 Dec 2023 16:23:58 +0000
ROA not before: Wed 20 Dec 2023 16:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.180.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.236.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:88:0a:80:24:ab:4d:1e:0d:6e:fd:d4:05:66:a2:33:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 20 16:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=856b95998b0ca5de22d7d0fdef810c4442f8b43c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7a:e9:16:30:f4:81:e2:12:a1:25:ab:24:35:
1b:4f:b8:dd:bf:09:18:78:be:95:cf:ba:9c:4a:dc:
38:61:0f:98:5b:db:48:87:95:d9:00:75:27:a9:35:
e5:7b:f1:39:ab:d7:17:db:a1:ee:c7:dd:28:79:f2:
0d:c9:d6:48:1d:8a:5d:7b:c8:c8:78:4e:9e:18:2a:
88:32:28:77:a5:3f:d4:77:7b:ec:97:43:3c:1d:66:
d8:ba:eb:10:e9:47:83:af:1e:4e:3b:f2:f0:1d:4b:
cd:91:1f:68:ac:1c:98:0b:60:e2:1c:dd:01:94:25:
18:aa:87:30:c9:42:9b:45:33:63:de:b0:07:8f:c6:
92:65:e1:79:27:cd:21:5b:a0:ab:90:d0:15:11:9f:
f3:df:25:56:fa:68:26:4c:30:8c:23:3c:5f:d4:f1:
0e:e6:8e:d4:7b:95:f7:ce:25:01:8e:d5:2d:da:c9:
42:bf:f0:fc:6c:a5:27:3e:bc:32:e4:8a:59:8a:be:
0a:69:f1:e6:40:a5:d5:40:c1:90:10:85:41:04:78:
45:de:91:95:5a:60:6a:cc:e4:ea:ac:d3:70:a3:5a:
26:39:ec:11:f3:41:bb:13:f4:84:bb:25:d4:78:0e:
9c:b2:5f:be:38:96:73:b7:1f:20:96:f4:de:4c:11:
ae:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6B:95:99:8B:0C:A5:DE:22:D7:D0:FD:EF:81:0C:44:42:F8:B4:3C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hWuVmYsMpd4i19D974EMREL4tDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.83.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.236.0/24
84.32.244.0/22
84.32.249.0/24
88.216.22.0/23
88.216.44.0/23
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.187.0-88.216.191.255
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
52:c3:95:47:47:1c:69:98:68:31:fc:51:dc:04:e3:f7:53:2d:
8f:df:f0:bf:03:52:72:74:02:3f:d9:8d:d8:6d:07:57:31:3b:
00:71:96:8c:37:dc:c2:38:cb:6b:9a:d6:2b:c6:e8:45:47:d2:
38:20:60:c4:bb:bd:b2:0a:c1:45:51:9c:31:e2:94:f1:34:a8:
f9:0f:f7:15:f0:ac:84:b4:ff:1f:d9:fc:4d:64:b7:5a:02:38:
5c:cf:4a:d9:2d:55:1d:d3:a7:fa:ab:66:e1:25:59:03:bb:db:
be:2f:13:88:48:7e:83:a3:53:50:0c:da:fd:e7:cd:68:e8:68:
06:ff:3d:a9:96:f0:b8:c7:61:d5:c7:45:b7:5a:43:65:75:e1:
7a:e4:7b:cd:57:8c:dd:06:29:d0:35:0f:2b:95:9a:b8:47:a1:
09:d1:29:a2:54:78:ad:15:17:86:a4:7c:93:b5:ea:7b:8e:80:
cb:46:da:f8:02:b8:1f:0e:b0:24:32:ca:5c:1a:9d:cd:4b:20:
48:de:97:56:70:77:9c:b5:aa:10:2a:99:75:4f:b4:63:27:31:
cf:51:4d:a4:0c:b5:1d:eb:dc:bc:9f:8c:bb:18:b3:61:db:95:
61:fa:8b:ce:f4:95:76:b7:ed:cc:20:46:09:94:33:c8:22:b4:
a5:cc:21:d9
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYyICoAkq00eDW791AVmojM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjIwMTYyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTZiOTU5OThiMGNhNWRlMjJkN2QwZmRlZjgxMGM0NDQyZjhiNDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHrpFjD0geISoSWrJDUbT7jdvwkY
eL6Vz7qcStw4YQ+YW9tIh5XZAHUnqTXle/E5q9cX26Hux90oefINydZIHYpde8jI
eE6eGCqIMih3pT/Ud3vsl0M8HWbYuusQ6UeDrx5OO/LwHUvNkR9orByYC2DiHN0B
lCUYqocwyUKbRTNj3rAHj8aSZeF5J80hW6CrkNAVEZ/z3yVW+mgmTDCMIzxf1PEO
5o7Ue5X3ziUBjtUt2slCv/D8bKUnPrwy5IpZir4KafHmQKXVQMGQEIVBBHhF3pGV
WmBqzOTqrNNwo1omOewR80G7E/SEuyXUeA6csl++OJZztx8glvTeTBGu3QIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFIVrlZmLDKXeItfQ/e+BDERC+LQ8MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaFd1Vm1Zc01wZDRpMTlEOTc0RU1SRUw0dER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBABU
IAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgQgMEAFQgUwMEAFQgXwMEAlQglAME
AVQgrgMEAVQgsgMEAFQg0gMEAVQg1gMEAFQg7AMEAlQg9AMEAFQg+QMEAVjYFgME
AVjYLAMEAFjYXTAMAwQBWNiCAwQAWNiEAwQBWNiGAwQAWNi0MAwDBABY2LsDBAZY
2IAwDAMEAFjYxQMEAFjYxgMEAFjY0DAMAwQAWNjTAwQDWNjQMA0GCSqGSIb3DQEB
CwUAA4IBAQBSw5VHRxxpmGgx/FHcBOP3Uy2P3/C/A1JydAI/2Y3YbQdXMTsAcZaM
N9zCOMtrmtYrxuhFR9I4IGDEu72yCsFFUZwx4pTxNKj5D/cV8KyEtP8f2fxNZLda
Ajhcz0rZLVUd06f6q2bhJVkDu9u+LxOISH6Do1NQDNr9581o6GgG/z2plvC4x2HV
x0W3WkNldeF65HvNV4zdBinQNQ8rlZq4R6EJ0SmiVHitFReGpHyTtep7joDLRtr4
ArgfDrAkMspcGp3NSyBI3pdWcHectaoQKpl1T7RjJzHPUU2kDLUd69y8n4y7GLNh
25Vh+ovO9JV2t+3MIEYJlDPIIrSlzCHZ
-----END CERTIFICATE-----
Generated at Thu Dec 21 12:40:57 2023 by rpki-client on console-fra.rpki-client.org