Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-DtyFJRPlXO-qPF8mevMYESQtY8.roa
File: 1-DtyFJRPlXO-qPF8mevMYESQtY8.roa (raw, json)
Hash identifier: bSWcVsobGm/5qo4qNMANtpympStac0CBI/EKpTshHRQ=
Subject key identifier: F8:3B:72:14:94:4F:95:73:BE:A8:F1:7C:99:EB:CC:60:44:90:B5:8F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018C38EC63AAC9C0A5F92F5708ACDEAB24AE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-DtyFJRPlXO-qPF8mevMYESQtY8.roa
Signing time: Tue 05 Dec 2023 07:41:05 +0000
ROA not before: Tue 05 Dec 2023 07:41:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.182.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.236.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Dec 2023 14:10:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:38:ec:63:aa:c9:c0:a5:f9:2f:57:08:ac:de:ab:24:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 5 07:41:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f83b7214944f9573bea8f17c99ebcc604490b58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5c:78:b2:ef:47:d8:9c:3c:45:1f:67:45:18:
f5:31:82:ae:fd:0c:f4:7b:67:ff:24:06:69:2e:42:
da:8c:68:44:a7:29:8b:bf:c8:c2:78:04:8e:52:90:
ac:9d:20:d3:7e:f1:f0:76:de:f3:59:0f:9b:2c:26:
a6:35:f7:97:6d:e4:1e:7b:23:41:20:62:6b:bf:5a:
0a:1b:43:a0:7e:1e:61:97:4d:12:b4:cd:f5:09:2b:
43:35:b4:c1:ca:13:24:f2:14:eb:7d:b4:99:83:78:
e4:77:a6:86:a6:ec:67:27:30:70:45:44:db:b6:42:
65:1d:a0:2e:ef:38:54:81:f7:bd:a7:04:ac:de:cb:
7d:79:bc:d4:60:23:00:7d:d6:5b:22:a7:4f:51:dc:
16:26:48:12:5a:c5:58:a7:d3:79:de:d6:03:25:71:
6a:69:00:47:2d:37:27:17:48:92:dd:98:76:2c:7c:
d1:d3:f0:83:8a:4e:e7:fc:76:71:2d:9c:0e:e7:64:
09:e3:8b:91:b5:e6:21:ad:4e:52:ed:45:88:7e:88:
b0:70:09:9a:f4:9b:d5:e7:b4:ba:3b:61:26:02:d4:
c3:45:63:42:1e:58:26:a7:eb:8f:0f:fb:a7:ac:57:
1c:2a:db:cf:fb:c4:79:ce:b3:ff:60:e6:0d:66:b8:
b6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3B:72:14:94:4F:95:73:BE:A8:F1:7C:99:EB:CC:60:44:90:B5:8F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-DtyFJRPlXO-qPF8mevMYESQtY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.83.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.236.0/24
84.32.244.0/22
84.32.249.0/24
88.216.22.0/23
88.216.43.0-88.216.45.255
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.182.0/23
88.216.187.0-88.216.191.255
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
36:f2:a1:96:62:94:7d:9a:54:75:d1:23:b4:3c:0f:02:80:3b:
99:59:fe:52:90:2a:60:ca:0f:04:91:b6:ab:f2:31:58:fd:2d:
c9:87:65:7a:e0:44:61:cb:b8:e1:96:5c:0e:7a:61:16:d0:5f:
e4:ac:3e:20:cc:c4:74:03:9e:18:4a:5f:f0:6b:f0:18:19:81:
7a:f5:43:56:3d:6c:3a:3b:f1:d1:11:00:a6:10:4b:86:cb:6b:
af:73:57:28:7c:4d:b9:ec:fd:de:e0:d2:40:1b:2e:24:fb:bf:
5d:27:34:d3:e6:cc:e8:37:c9:e0:7e:81:f1:b5:0e:2f:fc:af:
b5:a7:ec:ee:3d:f1:b8:f3:6e:e8:e5:40:37:7e:f8:85:af:ba:
83:75:e0:07:6d:d5:df:d8:39:9b:f6:f4:4a:2f:0e:14:e8:4d:
2c:35:57:bc:96:81:09:7a:49:45:05:a6:63:34:cc:6e:73:35:
17:0f:b7:fb:7e:fd:2c:4b:cc:8c:e1:20:a2:9b:05:76:b4:56:
0d:ff:41:65:62:1c:0f:eb:47:09:4b:4c:cd:36:87:0f:9b:26:
de:4c:a3:79:ae:5d:c9:46:1c:0d:6b:bb:c3:47:7f:56:ce:96:
e5:39:4d:03:3b:26:62:c5:df:5b:f7:40:07:1d:3f:58:63:04:
2d:90:df:c1
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgISAYw47GOqycCl+S9XCKzeqySuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMjA1MDc0MTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODNiNzIxNDk0NGY5NTczYmVhOGYxN2M5OWViY2M2MDQ0OTBiNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlx4su9H2Jw8RR9nRRj1MYKu/Qz0
e2f/JAZpLkLajGhEpymLv8jCeASOUpCsnSDTfvHwdt7zWQ+bLCamNfeXbeQeeyNB
IGJrv1oKG0Ogfh5hl00StM31CStDNbTByhMk8hTrfbSZg3jkd6aGpuxnJzBwRUTb
tkJlHaAu7zhUgfe9pwSs3st9ebzUYCMAfdZbIqdPUdwWJkgSWsVYp9N53tYDJXFq
aQBHLTcnF0iS3Zh2LHzR0/CDik7n/HZxLZwO52QJ44uRteYhrU5S7UWIfoiwcAma
9JvV57S6O2EmAtTDRWNCHlgmp+uPD/unrFccKtvP+8R5zrP/YOYNZri29QIDAQAB
o4IC2zCCAtcwHQYDVR0OBBYEFPg7chSUT5VzvqjxfJnrzGBEkLWPMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1EdHlGSlJQbFhPLXFQRjhtZXZNWUVTUXRZOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB7wYIKwYBBQUHAQcBAf8Egd8wgdwwgdkEAgABMIHSAwQA
VCAIMAwDBAJUIBQDBAJUIBgDBAFUIC4DBABUIEIDBABUIFMDBABUIF8DBAJUIJQD
BAFUIK4DBAFUILIDBABUINIDBAFUINYDBABUIOwDBAJUIPQDBABUIPkDBAFY2BYw
DAMEAFjYKwMEAVjYLAMEAFjYXTAMAwQBWNiCAwQAWNiEAwQBWNiGAwQAWNi0AwQB
WNi2MAwDBABY2LsDBAZY2IAwDAMEAFjYxQMEAFjYxgMEAFjY0DAMAwQAWNjTAwQD
WNjQAwQCWNjkAwQCWNjsMA0GCSqGSIb3DQEBCwUAA4IBAQA28qGWYpR9mlR10SO0
PA8CgDuZWf5SkCpgyg8Ekbar8jFY/S3Jh2V64ERhy7jhllwOemEW0F/krD4gzMR0
A54YSl/wa/AYGYF69UNWPWw6O/HREQCmEEuGy2uvc1cofE257P3e4NJAGy4k+79d
JzTT5szoN8ngfoHxtQ4v/K+1p+zuPfG4827o5UA3fviFr7qDdeAHbdXf2Dmb9vRK
Lw4U6E0sNVe8loEJeklFBaZjNMxuczUXD7f7fv0sS8yM4SCimwV2tFYN/0FlYhwP
60cJS0zNNocPmybeTKN5rl3JRhwNa7vDR39WzpblOU0DOyZixd9b90AHHT9YYwQt
kN/B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org