Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0RYy4q1sfgSnZm50RQZ3WfTE0eU.roa
File: 0RYy4q1sfgSnZm50RQZ3WfTE0eU.roa (raw, json)
Hash identifier: Sm2UjgDr7wRBi7wK99D9cEYyT1KfPLdWkoEK0UPysFc=
Subject key identifier: D1:16:32:E2:AD:6C:7E:04:A7:66:6E:74:45:06:77:59:F4:C4:D1:E5
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018745E3E1DE8A8B21AF843D5D289A2310B4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0RYy4q1sfgSnZm50RQZ3WfTE0eU.roa
Signing time: Mon 03 Apr 2023 06:52:54 +0000
ROA not before: Mon 03 Apr 2023 06:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:e3:e1:de:8a:8b:21:af:84:3d:5d:28:9a:23:10:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 3 06:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d11632e2ad6c7e04a7666e7445067759f4c4d1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:37:c6:27:7f:4a:80:9b:1f:45:93:3e:2e:cb:
37:7d:ed:ad:0f:6c:b3:05:ee:99:07:53:02:62:99:
54:7e:97:c6:cc:af:72:b4:a7:22:23:08:c7:d7:f7:
f7:06:db:f2:61:9a:05:15:66:70:d1:56:90:d3:c8:
92:d3:db:3e:d0:9c:34:b4:b2:72:24:92:12:67:ce:
6f:85:bc:30:03:90:1d:85:88:ef:e2:4b:0e:e9:0f:
fa:98:48:07:83:6d:dc:be:59:db:0b:35:cc:88:7b:
14:6c:e9:95:82:17:94:66:5f:c1:dd:0f:0e:0a:98:
66:5c:c5:4d:06:8a:db:9c:52:59:89:ab:bb:77:7c:
ba:b4:5f:45:da:3c:14:18:c2:2d:6c:8c:76:5e:93:
4c:cb:ca:cf:6d:66:21:5e:bc:a6:5b:5e:7c:1e:99:
90:fc:2f:f9:a2:fb:aa:ae:12:4b:bf:08:05:3c:78:
b3:fb:27:de:96:d6:b5:2d:94:c5:4b:da:43:be:85:
56:6d:fe:eb:e6:7b:cb:2f:69:d3:4e:e8:0a:33:88:
af:e7:5b:45:c1:22:c6:c4:21:55:7d:ba:67:44:28:
61:a6:a6:4f:bb:67:cf:4a:99:54:b7:47:73:7c:ad:
6c:22:d8:8b:6e:59:07:3e:4b:a9:2c:a7:ae:62:c2:
b9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:16:32:E2:AD:6C:7E:04:A7:66:6E:74:45:06:77:59:F4:C4:D1:E5
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0RYy4q1sfgSnZm50RQZ3WfTE0eU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.108.0/23
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0/24
84.32.252.0/23
88.216.1.0/24
88.216.3.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.186.0/24
88.216.189.0/24
88.216.215.0/24
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:cc:c5:71:f6:9f:5f:97:b9:ac:f6:0f:fc:91:ab:55:ab:d1:
aa:94:e6:81:f2:06:c9:45:af:96:83:39:37:3a:0f:d7:37:ca:
aa:bf:90:47:98:ac:30:6f:0e:19:cb:a7:9d:fa:66:cd:62:92:
b4:77:d7:cb:fe:a3:2e:26:ab:6e:76:a0:92:06:c0:be:1f:b5:
0a:36:8a:39:64:dc:4a:c7:f9:5f:36:84:c7:5a:c0:39:d8:bd:
ed:f2:fc:fc:52:23:79:be:a6:53:df:2d:ce:83:e4:a4:04:7c:
94:aa:ef:c8:bf:28:4f:4d:1f:c9:5e:72:4b:18:7e:60:bb:f0:
72:a6:d3:da:e4:e7:18:b1:bf:19:8d:c6:08:bb:04:2d:fe:b5:
41:08:01:7e:08:57:d4:40:e4:c3:cd:4f:5f:53:c1:73:d1:ff:
63:43:0b:df:b1:e3:cc:eb:04:12:bc:b5:6d:34:73:1c:51:65:
aa:46:c0:97:f4:d1:d9:4e:e6:e4:1a:93:97:f8:9b:95:31:9e:
09:db:0a:db:10:67:d9:cd:f0:36:78:11:45:4b:eb:d1:a2:da:
e4:c2:d6:83:73:8d:b5:61:81:37:85:67:b5:0d:67:80:39:12:
00:0d:60:b4:30:7d:f2:c5:40:7c:6a:6b:4a:2f:04:d2:57:c0:
93:9e:ca:01
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYdF4+Heioshr4Q9XSiaIxC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDAzMDY1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTE2MzJlMmFkNmM3ZTA0YTc2NjZlNzQ0NTA2Nzc1OWY0YzRkMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzfGJ39KgJsfRZM+Lss3fe2tD2yz
Be6ZB1MCYplUfpfGzK9ytKciIwjH1/f3BtvyYZoFFWZw0VaQ08iS09s+0Jw0tLJy
JJISZ85vhbwwA5AdhYjv4ksO6Q/6mEgHg23cvlnbCzXMiHsUbOmVgheUZl/B3Q8O
CphmXMVNBorbnFJZiau7d3y6tF9F2jwUGMItbIx2XpNMy8rPbWYhXrymW158HpmQ
/C/5ovuqrhJLvwgFPHiz+yfelta1LZTFS9pDvoVWbf7r5nvLL2nTTugKM4iv51tF
wSLGxCFVfbpnRChhpqZPu2fPSplUt0dzfK1sItiLblkHPkupLKeuYsK5wQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFNEWMuKtbH4Ep2ZudEUGd1n0xNHlMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMFJZeTRxMXNmZ1NuWm01MFJRWjNXZlRFMGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
RgMEAFQgTQMEAFQgTwMEAFQgWAMEAFQgagMEAVQgbAMEAlQglAMEAVQgrgMEAFQg
sQMEAFQgswMEAFQg1AMEAVQg1gMEAFQg2gMEAFQg3QMEAFQg4AMEAFQg6DAMAwQA
VCDvAwQAVCDwMAwDBAFUIPIDBAFUIPQDBABUIPoDBAFUIPwDBABY2AEDBABY2AMD
BABY2BUDBABY2CADBABY2CQDBAFY2FwDBABY2G8DBABY2IAwDAMEAVjYggMEAFjY
hAMEAFjYugMEAFjYvQMEAFjY1wMEAFjY3AMEAljY6DANBgkqhkiG9w0BAQsFAAOC
AQEAn8zFcfafX5e5rPYP/JGrVavRqpTmgfIGyUWvloM5NzoP1zfKqr+QR5isMG8O
GcunnfpmzWKStHfXy/6jLiarbnagkgbAvh+1CjaKOWTcSsf5XzaEx1rAOdi97fL8
/FIjeb6mU98tzoPkpAR8lKrvyL8oT00fyV5ySxh+YLvwcqbT2uTnGLG/GY3GCLsE
Lf61QQgBfghX1EDkw81PX1PBc9H/Y0ML37HjzOsEEry1bTRzHFFlqkbAl/TR2U7m
5BqTl/iblTGeCdsK2xBn2c3wNngRRUvr0aLa5MLWg3ONtWGBN4VntQ1ngDkSAA1g
tDB98sVAfGprSi8E0lfAk57KAQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org