Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1BAcsz9OKS9zlOk72iKgNYHlnWI.roa
File: 1BAcsz9OKS9zlOk72iKgNYHlnWI.roa (raw, json)
Hash identifier: +yUXORxfn/qYXXtJ5A5OYn1qpd0wHZ12mvSaK3I2v0U=
Subject key identifier: D4:10:1C:B3:3F:4E:29:2F:73:94:E9:3B:DA:22:A0:35:81:E5:9D:62
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018742D6EEBE841E26321E2230361E930765
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1BAcsz9OKS9zlOk72iKgNYHlnWI.roa
Signing time: Sun 02 Apr 2023 16:39:54 +0000
ROA not before: Sun 02 Apr 2023 16:39:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 06:51:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:42:d6:ee:be:84:1e:26:32:1e:22:30:36:1e:93:07:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 2 16:39:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4101cb33f4e292f7394e93bda22a03581e59d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ac:df:a3:41:65:a0:76:26:25:77:ba:31:5c:
af:7e:57:46:15:2d:49:aa:88:aa:07:f3:8a:11:07:
a5:94:7d:01:d2:db:41:54:85:8c:65:f5:42:2a:3a:
86:03:13:16:ae:96:cb:34:55:ec:fe:8e:ae:1a:ff:
b5:4b:42:f3:58:94:db:07:1a:4f:f9:3c:44:ef:84:
47:90:6c:dc:90:32:23:d6:87:62:82:ee:2c:13:6a:
fa:a9:24:e8:a2:2c:07:ed:07:fc:f5:1d:a9:90:c5:
39:00:27:cd:d3:26:31:1e:52:02:6c:59:38:3c:90:
9b:79:89:d6:52:20:74:1d:e4:90:fb:3a:95:fd:67:
49:8a:92:85:97:c1:9a:2d:be:12:05:63:0f:09:19:
4d:3e:3a:87:d2:a8:1a:37:f8:e1:39:aa:17:d7:10:
d0:55:1e:24:82:ae:65:2b:e2:f7:01:b6:39:44:61:
3b:cf:f2:15:5d:a0:9d:82:25:31:31:bf:bf:dd:fc:
86:93:7e:66:e0:99:65:28:23:d2:d5:ea:10:b7:80:
39:51:aa:91:4d:34:a6:9d:fe:aa:1f:00:50:75:9c:
85:90:37:8b:8f:f7:29:ef:70:3f:6a:7b:d6:7f:9d:
5d:57:f9:ae:07:58:ce:58:d0:c0:3a:43:f6:1b:30:
53:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:10:1C:B3:3F:4E:29:2F:73:94:E9:3B:DA:22:A0:35:81:E5:9D:62
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1BAcsz9OKS9zlOk72iKgNYHlnWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.70.0/23
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.108.0/23
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0/24
84.32.252.0/23
88.216.1.0/24
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.186.0/24
88.216.189.0/24
88.216.215.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
33:e9:e7:5a:e3:12:59:3b:04:53:49:02:bd:82:b3:3e:77:09:
9a:b7:57:2b:0c:6c:7d:1b:1d:fb:be:10:9d:be:ea:15:d8:ba:
26:b3:c1:4e:0e:81:37:38:3e:de:80:d7:0a:d2:d5:a5:24:e0:
69:58:c9:89:b7:87:95:fe:44:7c:9c:da:65:f9:3a:4c:0a:5f:
c4:5a:17:de:3b:0c:27:08:7a:1b:fe:40:4d:d8:54:db:20:38:
a5:36:37:cc:6d:8c:d5:6c:a6:85:10:06:72:cd:8c:25:eb:70:
67:ae:ad:4f:33:d7:8c:44:86:30:9c:02:b9:52:57:7a:4e:2c:
f7:9d:69:78:74:1b:8b:4d:2c:dd:c8:61:95:a5:6a:b9:a2:94:
10:0f:c4:24:d4:8e:e7:3e:bc:22:e8:94:fb:60:8a:cc:9f:ff:
92:29:79:dc:ad:7f:c7:59:db:28:6c:b3:7c:b4:f5:a1:92:57:
42:8a:9c:95:78:ea:2e:89:ec:74:79:93:d2:8d:72:60:e7:43:
e1:ec:56:06:7b:0d:51:77:1b:d7:2b:6d:19:fe:80:36:09:8c:
c8:e1:31:9d:ff:c7:38:02:c8:7a:32:42:48:19:0f:86:16:04:
dd:5a:14:e8:f7:21:c1:09:80:5f:f5:2a:42:12:97:8e:73:5f:
55:9d:9c:6d
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYdC1u6+hB4mMh4iMDYekwdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDAyMTYzOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDEwMWNiMzNmNGUyOTJmNzM5NGU5M2JkYTIyYTAzNTgxZTU5ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqzfo0FloHYmJXe6MVyvfldGFS1J
qoiqB/OKEQellH0B0ttBVIWMZfVCKjqGAxMWrpbLNFXs/o6uGv+1S0LzWJTbBxpP
+TxE74RHkGzckDIj1odigu4sE2r6qSTooiwH7Qf89R2pkMU5ACfN0yYxHlICbFk4
PJCbeYnWUiB0HeSQ+zqV/WdJipKFl8GaLb4SBWMPCRlNPjqH0qgaN/jhOaoX1xDQ
VR4kgq5lK+L3AbY5RGE7z/IVXaCdgiUxMb+/3fyGk35m4JllKCPS1eoQt4A5UaqR
TTSmnf6qHwBQdZyFkDeLj/cp73A/anvWf51dV/muB1jOWNDAOkP2GzBTKQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFNQQHLM/Tikvc5TpO9oioDWB5Z1iMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMUJBY3N6OU9LUzl6bE9rNzJpS2dOWUhsbldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAVQg
RgMEAFQgTQMEAFQgTwMEAFQgWAMEAFQgagMEAVQgbAMEAlQglAMEAVQgrgMEAFQg
sQMEAFQgswMEAFQg1AMEAVQg1gMEAFQg2gMEAFQg3QMEAFQg4AMEAFQg6DAMAwQA
VCDvAwQAVCDwMAwDBAFUIPIDBAFUIPQDBABUIPoDBAFUIPwDBABY2AEDBABY2AMD
BABY2BEDBABY2BUDBABY2CADBABY2CQDBAFY2FwDBABY2G8DBABY2IAwDAMEAVjY
ggMEAFjYhAMEAFjYugMEAFjYvQMEAFjY1wMEAljY6DANBgkqhkiG9w0BAQsFAAOC
AQEAM+nnWuMSWTsEU0kCvYKzPncJmrdXKwxsfRsd+74Qnb7qFdi6JrPBTg6BNzg+
3oDXCtLVpSTgaVjJibeHlf5EfJzaZfk6TApfxFoX3jsMJwh6G/5ATdhU2yA4pTY3
zG2M1WymhRAGcs2MJetwZ66tTzPXjESGMJwCuVJXek4s951peHQbi00s3chhlaVq
uaKUEA/EJNSO5z68IuiU+2CKzJ//kil53K1/x1nbKGyzfLT1oZJXQoqclXjqLons
dHmT0o1yYOdD4exWBnsNUXcb1yttGf6ANgmMyOExnf/HOALIejJCSBkPhhYE3VoU
6PchwQmAX/UqQhKXjnNfVZ2cbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org