Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-a17GCNsY5uBIu45oMqFYJx0Hps.roa
File: 1-a17GCNsY5uBIu45oMqFYJx0Hps.roa (raw, json)
Hash identifier: hNgrQyP+MHfA00JqSQkDYzdBWRluEtVbyAk5BdgxClE=
Subject key identifier: F9:AD:7B:18:23:6C:63:9B:81:22:EE:39:A0:CA:85:60:9C:74:1E:9B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01875D42FFA0C61C03F8F2AC8C88B25EFDCF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-a17GCNsY5uBIu45oMqFYJx0Hps.roa
Signing time: Fri 07 Apr 2023 19:48:04 +0000
ROA not before: Fri 07 Apr 2023 19:48:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.157.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5d:42:ff:a0:c6:1c:03:f8:f2:ac:8c:88:b2:5e:fd:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 7 19:48:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9ad7b18236c639b8122ee39a0ca85609c741e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5c:01:67:44:04:03:87:e2:18:ea:b1:fd:aa:
f7:1d:ae:80:f9:60:f9:83:a2:f9:f5:e5:99:76:b8:
5e:61:2f:49:9c:1d:2c:4c:07:b8:6b:28:62:6d:6a:
ad:2e:ad:71:5e:c6:92:db:c7:28:37:42:9e:a7:2a:
e5:51:4c:36:c3:29:84:11:0c:83:f8:b4:ed:9c:da:
a1:47:1b:fb:db:56:b1:16:d9:e2:36:24:be:7f:bf:
59:f4:1c:80:1f:8f:8b:06:a7:8d:0d:50:73:1d:0f:
26:17:97:a9:64:22:20:66:3a:dd:e5:36:11:18:bd:
b1:67:0e:cb:ec:0a:dd:19:74:48:40:27:a2:61:62:
15:fa:ed:4f:2e:55:af:df:ae:4f:48:39:d3:aa:1d:
b2:7b:b8:1c:64:5c:15:c4:65:14:0d:0d:50:b1:11:
59:c3:c3:34:8f:d5:09:21:20:14:18:a3:1c:cb:76:
a5:cd:fd:1e:94:88:09:f5:09:52:6e:0f:27:cc:e2:
e1:34:41:8c:d3:1b:05:13:45:46:f3:fd:93:92:46:
c2:81:28:29:b5:69:0f:f3:5e:65:30:55:cf:90:db:
bf:65:eb:1e:35:63:8c:5e:49:17:d3:5a:1c:31:3c:
35:47:2e:1a:ee:81:4a:0b:15:a5:8e:98:90:1f:77:
ea:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AD:7B:18:23:6C:63:9B:81:22:EE:39:A0:CA:85:60:9C:74:1E:9B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-a17GCNsY5uBIu45oMqFYJx0Hps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.108.0/23
84.32.148.0/22
84.32.157.0/24
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.21.0/24
88.216.32.0/24
88.216.93.0/24
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:7d:62:ba:bf:33:44:6e:57:95:ea:03:bf:3a:4d:3c:c8:4d:
15:88:17:65:2f:f5:bf:bb:8d:76:72:28:d1:93:fa:2d:75:07:
75:26:3f:72:a2:76:5f:f7:c7:1f:18:71:0c:a3:56:97:2a:af:
c5:57:cc:ef:49:b5:8e:13:c5:0e:1d:84:09:03:ce:d6:81:4c:
1a:c6:b8:b8:12:f6:82:10:31:b7:fa:d2:7d:50:58:4f:0b:a5:
2b:3b:b5:ff:52:91:cc:c0:2b:53:72:ce:04:96:97:73:f8:87:
95:70:6b:ea:ee:37:32:5b:ab:a1:c1:8c:36:9d:5a:10:d0:36:
c3:46:18:5d:33:73:98:9e:01:79:14:b0:7a:ed:dc:06:fb:78:
6d:5d:98:5e:1b:bd:b2:ce:76:17:94:28:cd:bc:79:89:e4:93:
75:81:64:2f:d8:44:12:ff:0f:c2:44:7b:86:07:5b:d8:14:53:
aa:2a:ba:1c:04:5f:87:15:ad:6e:e5:7c:92:78:11:5a:36:ea:
51:82:ba:85:80:44:e5:80:4a:4a:74:58:66:21:c8:20:ed:d2:
40:d8:62:f2:ed:b2:15:b7:4c:4d:d7:1e:da:03:48:c4:88:08:
04:1c:92:53:8c:8c:5d:56:3b:57:bb:bc:5b:b4:3f:6c:51:41:
04:fd:7e:d2
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgISAYddQv+gxhwD+PKsjIiyXv3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA3MTk0ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFkN2IxODIzNmM2MzliODEyMmVlMzlhMGNhODU2MDljNzQxZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFwBZ0QEA4fiGOqx/ar3Ha6A+WD5
g6L59eWZdrheYS9JnB0sTAe4ayhibWqtLq1xXsaS28coN0KepyrlUUw2wymEEQyD
+LTtnNqhRxv721axFtniNiS+f79Z9ByAH4+LBqeNDVBzHQ8mF5epZCIgZjrd5TYR
GL2xZw7L7ArdGXRIQCeiYWIV+u1PLlWv365PSDnTqh2ye7gcZFwVxGUUDQ1QsRFZ
w8M0j9UJISAUGKMcy3alzf0elIgJ9QlSbg8nzOLhNEGM0xsFE0VG8/2TkkbCgSgp
tWkP815lMFXPkNu/ZeseNWOMXkkX01ocMTw1Ry4a7oFKCxWljpiQH3fqAQIDAQAB
o4IDJjCCAyIwHQYDVR0OBBYEFPmtexgjbGObgSLuOaDKhWCcdB6bMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1hMTdHQ05zWTV1Qkl1NDVvTXFGWUp4MEhwcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATkGCCsGAQUFBwEHAQH/BIIBKDCCASQwggEgBAIAATCC
ARgDBABUIAgDBAJUIBgDBABUIB4DBABUICgDBABUIC4DBABUIDkDBABUIDwDBABU
IEMDBABUIEYDBABUIE0DBABUIE8DBABUIFgDBABUIGoDBAFUIGwDBAJUIJQDBABU
IJ0DBAFUIK4DBABUILEDBABUILMDBABUINQDBAFUINYDBABUINoDBABUIN0wDAME
AFQg3wMEAFQg4AMEAFQg6DAMAwQAVCDvAwQAVCDwMAwDBAFUIPIDBAFUIPQwDAME
AVQg+gMEAVQg/AMEAFjYAQMEAFjYAwMEAFjYFQMEAFjYIAMEAFjYXQMEAFjYbwME
AFjYgDAMAwQBWNiCAwQAWNiEAwQAWNi9AwQCWNjUAwQAWNjcAwQCWNjoMA0GCSqG
SIb3DQEBCwUAA4IBAQAtfWK6vzNEbleV6gO/Ok08yE0ViBdlL/W/u412cijRk/ot
dQd1Jj9yonZf98cfGHEMo1aXKq/FV8zvSbWOE8UOHYQJA87WgUwaxri4EvaCEDG3
+tJ9UFhPC6UrO7X/UpHMwCtTcs4Elpdz+IeVcGvq7jcyW6uhwYw2nVoQ0DbDRhhd
M3OYngF5FLB67dwG+3htXZheG72yznYXlCjNvHmJ5JN1gWQv2EQS/w/CRHuGB1vY
FFOqKrocBF+HFa1u5XySeBFaNupRgrqFgETlgEpKdFhmIcgg7dJA2GLy7bIVt0xN
1x7aA0jEiAgEHJJTjIxdVjtXu7xbtD9sUUEE/X7S
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org