Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hhb7dCStpz_BJrgRlw6vKuQJGw0.roa
File: hhb7dCStpz_BJrgRlw6vKuQJGw0.roa (raw, json)
Hash identifier: PHfuYcrLrly07H94Dy1+X2Wd4jTj8iHk02qh+uKONxg=
Subject key identifier: 86:16:FB:74:24:AD:A7:3F:C1:26:B8:11:97:0E:AF:2A:E4:09:1B:0D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187F9EBB0B6D88F86628BF7D13563D59102
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hhb7dCStpz_BJrgRlw6vKuQJGw0.roa
Signing time: Mon 08 May 2023 05:53:05 +0000
ROA not before: Mon 08 May 2023 05:53:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.63.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 05:21:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f9:eb:b0:b6:d8:8f:86:62:8b:f7:d1:35:63:d5:91:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 8 05:53:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8616fb7424ada73fc126b811970eaf2ae4091b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:54:32:b3:a5:b2:7a:2d:cd:c6:06:3e:78:ed:
05:54:dc:11:57:25:4d:1f:f0:b4:a5:b7:02:a4:bd:
f8:5b:d1:8e:6d:54:52:7f:b2:5a:0d:d9:e1:1e:47:
2a:94:ca:7c:2d:ad:4f:63:7d:90:07:78:f1:cd:e3:
82:9f:ef:ff:2b:0c:c0:91:57:e7:1f:75:d0:99:ac:
15:4c:40:d7:08:31:8e:4e:9a:7a:e0:d7:20:c3:c5:
bb:87:f9:d3:e7:b1:c7:57:1f:ee:23:37:41:ea:e3:
33:2f:c4:4a:b7:7c:11:7c:76:c5:52:d1:07:c8:3b:
c4:05:0c:61:f3:49:fb:57:70:76:6f:e8:55:ed:e0:
fd:07:24:3f:d2:3a:bd:15:d7:e5:e5:29:40:37:39:
91:8a:f5:6b:09:b6:bf:42:82:52:a2:91:8a:da:50:
9d:79:6e:76:10:38:6e:c5:91:4e:90:12:d6:27:fc:
73:da:4e:10:bd:c4:e0:f6:02:5b:1e:19:47:b5:d8:
da:fd:8f:2d:b3:85:cd:2e:6a:53:20:8d:a8:4d:e8:
4c:56:68:e9:3f:22:5c:06:40:b5:5d:86:14:21:84:
9e:cf:90:f5:0c:66:f4:85:a1:31:e9:91:46:e1:cd:
93:1b:aa:25:f5:03:15:d8:e9:de:35:4e:ed:25:4f:
be:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:16:FB:74:24:AD:A7:3F:C1:26:B8:11:97:0E:AF:2A:E4:09:1B:0D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hhb7dCStpz_BJrgRlw6vKuQJGw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.24.0/24
84.32.32.0/24
84.32.63.0/24
84.32.95.0/24
84.32.149.0/24
84.32.151.0/24
84.32.174.0/23
84.32.178.0/23
88.216.2.0/24
88.216.34.0/24
88.216.181.0/24
88.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
56:09:c0:7a:7b:79:96:5d:aa:4d:3c:fc:22:d2:bd:7a:29:90:
fd:e0:b0:77:77:e0:cc:ab:c0:e4:15:45:1a:65:a9:e4:d4:0b:
9a:b4:87:c5:0f:f9:38:35:4d:27:b7:8d:94:57:b3:55:a5:20:
50:b7:dd:57:42:0c:d1:e8:88:40:a2:f9:46:ba:e0:ac:10:90:
1a:2b:0a:1d:5e:2b:e7:7c:02:f7:cb:31:6b:36:04:97:de:e6:
20:95:32:85:32:f7:36:d6:56:5f:f9:78:e6:5b:ad:97:c2:c1:
6d:b7:2d:ca:b0:3d:94:70:b5:e7:8b:4d:4f:35:20:4e:f4:e8:
d7:16:e3:85:86:be:b8:98:8a:60:90:26:70:b1:71:ec:4e:7d:
19:8b:36:33:ca:c3:ac:e6:1b:cd:69:99:de:36:4b:89:82:59:
16:45:97:34:cf:db:50:34:e4:20:dd:e3:15:34:d6:ac:5f:38:
66:d7:0b:4b:a5:a7:7d:2f:8f:92:cf:0d:e6:f1:c2:4f:11:a4:
9a:af:e2:09:e6:45:21:b0:71:30:1a:e6:97:0f:db:b3:2c:0d:
12:09:a3:6b:45:b8:4c:69:fa:d3:37:e0:8e:8c:d7:fb:bc:4a:
01:99:d5:fc:34:86:60:87:34:10:43:de:03:cc:bd:b5:98:4b:
d9:95:89:91
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYf567C22I+GYov30TVj1ZECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTA4MDU1MzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjE2ZmI3NDI0YWRhNzNmYzEyNmI4MTE5NzBlYWYyYWU0MDkxYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlQys6Wyei3NxgY+eO0FVNwRVyVN
H/C0pbcCpL34W9GObVRSf7JaDdnhHkcqlMp8La1PY32QB3jxzeOCn+//KwzAkVfn
H3XQmawVTEDXCDGOTpp64Ncgw8W7h/nT57HHVx/uIzdB6uMzL8RKt3wRfHbFUtEH
yDvEBQxh80n7V3B2b+hV7eD9ByQ/0jq9Fdfl5SlANzmRivVrCba/QoJSopGK2lCd
eW52EDhuxZFOkBLWJ/xz2k4QvcTg9gJbHhlHtdja/Y8ts4XNLmpTII2oTehMVmjp
PyJcBkC1XYYUIYSez5D1DGb0haEx6ZFG4c2TG6ol9QMV2OneNU7tJU++rwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIYW+3Qkrac/wSa4EZcOryrkCRsNMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaGhiN2RDU3Rwel9CSnJnUmx3NnZLdVFKR3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAVCAPAwQA
VCAYAwQAVCAgAwQAVCA/AwQAVCBfAwQAVCCVAwQAVCCXAwQBVCCuAwQBVCCyAwQA
WNgCAwQAWNgiAwQAWNi1AwQAWNi6MA0GCSqGSIb3DQEBCwUAA4IBAQBWCcB6e3mW
XapNPPwi0r16KZD94LB3d+DMq8DkFUUaZank1AuatIfFD/k4NU0nt42UV7NVpSBQ
t91XQgzR6IhAovlGuuCsEJAaKwodXivnfAL3yzFrNgSX3uYglTKFMvc21lZf+Xjm
W62XwsFtty3KsD2UcLXni01PNSBO9OjXFuOFhr64mIpgkCZwsXHsTn0ZizYzysOs
5hvNaZneNkuJglkWRZc0z9tQNOQg3eMVNNasXzhm1wtLpad9L4+Szw3m8cJPEaSa
r+IJ5kUhsHEwGuaXD9uzLA0SCaNrRbhMafrTN+COjNf7vEoBmdX8NIZghzQQQ94D
zL21mEvZlYmR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org