Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0PfKsC4S75p2tU3Ob_L86Fvm10k.roa
File: 0PfKsC4S75p2tU3Ob_L86Fvm10k.roa (raw, json)
Hash identifier: kunPq2dqdQ0lDOQpcSIKgEoMosVasf0BgAAAV+wjXR0=
Subject key identifier: D0:F7:CA:B0:2E:12:EF:9A:76:B5:4D:CE:6F:F2:FC:E8:5B:E6:D7:49
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01870AB107D1D6CB8AA05401DB9EE8ABDDA9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0PfKsC4S75p2tU3Ob_L86Fvm10k.roa
Signing time: Wed 22 Mar 2023 18:59:46 +0000
ROA not before: Wed 22 Mar 2023 18:59:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Mar 2023 18:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0a:b1:07:d1:d6:cb:8a:a0:54:01:db:9e:e8:ab:dd:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 22 18:59:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0f7cab02e12ef9a76b54dce6ff2fce85be6d749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:46:e3:13:3f:52:0c:45:ee:09:f7:d5:c3:7b:
f2:d8:61:03:ad:ba:8a:86:e1:9b:ca:dc:4a:d9:a0:
13:47:7e:2e:55:cf:bf:39:4c:cf:05:e9:97:3d:00:
f3:36:cd:1d:d4:20:6d:7d:66:c7:4d:31:09:2a:11:
93:40:ca:5a:70:0b:c1:31:77:4c:9b:36:6f:65:d5:
95:d4:53:dd:db:55:21:3d:99:7b:9a:5d:ec:45:da:
31:c5:93:bc:52:83:ab:9c:3c:8d:ae:62:20:73:aa:
a2:f9:84:a5:06:6f:0e:8c:69:a4:0c:ac:77:8a:56:
06:5a:3f:1e:e2:75:df:46:a0:d2:fa:99:05:d5:59:
88:4c:06:41:ff:a0:7a:98:83:5b:c7:95:d0:3a:47:
dd:3f:10:30:1a:48:60:d7:7d:77:cb:bc:23:4c:03:
76:0b:61:13:ea:25:2c:cb:68:2a:b2:a0:4d:7c:3f:
8a:b4:60:d9:68:a4:5e:ab:6c:6f:20:57:53:75:19:
0e:9e:b2:45:2f:2c:2a:c0:58:f5:4a:f8:b4:6e:c2:
fd:54:3f:d5:40:85:e3:71:68:99:c6:77:b6:ee:5a:
b9:88:de:e6:18:90:b2:49:2d:5c:2e:c1:d0:32:14:
30:f6:75:0d:dc:4d:d8:36:bb:ee:b4:a9:c8:22:d8:
8d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F7:CA:B0:2E:12:EF:9A:76:B5:4D:CE:6F:F2:FC:E8:5B:E6:D7:49
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0PfKsC4S75p2tU3Ob_L86Fvm10k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/24
84.32.227.0/24
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.209.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
34:e4:43:14:8a:92:b3:d2:4e:6b:58:28:63:30:18:80:92:76:
b2:5a:36:c9:bd:7b:33:6f:62:62:9b:a4:1e:c2:14:33:8f:8d:
00:20:37:6a:31:45:01:54:cc:d2:55:70:a9:ed:3b:19:61:d3:
46:ed:05:6d:b3:dd:10:c8:15:d3:32:08:32:32:21:12:f8:0b:
05:bd:24:e9:0f:c1:34:67:06:64:ea:6e:d6:0e:6b:9c:2e:83:
90:6d:6d:d8:2b:af:a8:43:1f:8f:34:d2:9b:54:c3:86:71:6b:
45:8c:a8:02:42:a8:40:e5:02:3f:27:34:43:6c:da:46:8c:89:
e9:83:03:26:76:8f:92:af:cc:5f:af:ca:47:5a:a3:e6:12:dd:
92:3b:4e:c0:34:21:db:5d:5a:a1:c0:6f:76:30:bc:35:80:d6:
90:2d:60:b3:53:47:66:4d:74:ea:a1:a2:39:44:f9:9e:a8:a8:
83:68:fa:a8:aa:06:63:ee:24:9b:60:7a:1d:44:4b:df:b6:fb:
2c:48:7b:43:e3:f0:ef:6c:0c:31:20:8e:73:61:ac:ae:dc:0e:
d6:46:44:25:5d:d9:e0:45:ec:41:6d:47:d9:1f:98:9b:54:39:
99:8c:f2:64:46:29:b5:ad:e6:b0:0f:a0:39:46:db:7b:8f:5a:
87:ee:88:18
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYcKsQfR1suKoFQB257oq92pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzIyMTg1OTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGY3Y2FiMDJlMTJlZjlhNzZiNTRkY2U2ZmYyZmNlODViZTZkNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEbjEz9SDEXuCffVw3vy2GEDrbqK
huGbytxK2aATR34uVc+/OUzPBemXPQDzNs0d1CBtfWbHTTEJKhGTQMpacAvBMXdM
mzZvZdWV1FPd21UhPZl7ml3sRdoxxZO8UoOrnDyNrmIgc6qi+YSlBm8OjGmkDKx3
ilYGWj8e4nXfRqDS+pkF1VmITAZB/6B6mINbx5XQOkfdPxAwGkhg1313y7wjTAN2
C2ET6iUsy2gqsqBNfD+KtGDZaKReq2xvIFdTdRkOnrJFLywqwFj1Svi0bsL9VD/V
QIXjcWiZxne27lq5iN7mGJCySS1cLsHQMhQw9nUN3E3YNrvutKnIItiNpQIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFND3yrAuEu+adrVNzm/y/Ohb5tdJMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMFBmS3NDNFM3NXAydFUzT2JfTDg2RnZtMTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQAVCAIAwQCVCAYAwQAVCAeAwQAVCAuAwQAVCBHAwQAVCBNAwQAVCBPAwQAVCBY
AwQCVCCUAwQBVCCuAwQAVCCxAwQAVCCzAwQAVCDUAwQBVCDWAwQAVCDaAwQAVCDd
AwQAVCDgAwQAVCDjAwQAVCDlAwQAVCDoMAwDBABUIO8DBABUIPAwDAMEAVQg8gME
AVQg9AMEAVQg/AMEAFjYAwMEAFjYEQMEAFjYFQMEAFjYIAMEAFjYJAMEAVjYXAME
AFjYbwMEAFjYgDAMAwQAWNiDAwQBWNiEAwQAWNi6AwQAWNi9AwQAWNjRAwQAWNjX
MAwDBAJY2OQDBAJY2OgwDQYJKoZIhvcNAQELBQADggEBADTkQxSKkrPSTmtYKGMw
GICSdrJaNsm9ezNvYmKbpB7CFDOPjQAgN2oxRQFUzNJVcKntOxlh00btBW2z3RDI
FdMyCDIyIRL4CwW9JOkPwTRnBmTqbtYOa5wug5Btbdgrr6hDH4800ptUw4Zxa0WM
qAJCqEDlAj8nNENs2kaMiemDAyZ2j5KvzF+vykdao+YS3ZI7TsA0IdtdWqHAb3Yw
vDWA1pAtYLNTR2ZNdOqhojlE+Z6oqINo+qiqBmPuJJtgeh1ES9+2+yxIe0Pj8O9s
DDEgjnNhrK7cDtZGRCVd2eBF7EFtR9kfmJtUOZmM8mRGKbWt5rAPoDlG23uPWofu
iBg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org