Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2LZNDmdqlgBTjrkSJhxBEXeM9cw.roa
File: 2LZNDmdqlgBTjrkSJhxBEXeM9cw.roa (raw, json)
Hash identifier: oKLyvwIwjtmmQgLDmYwJYL7v1upJv9qGTNYeyY+bHps=
Subject key identifier: D8:B6:4D:0E:67:6A:96:00:53:8E:B9:12:26:1C:41:11:77:8C:F5:CC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01879845C2C914CB39CCE7E4C8DCC6ECB6C1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2LZNDmdqlgBTjrkSJhxBEXeM9cw.roa
Signing time: Wed 19 Apr 2023 06:48:41 +0000
ROA not before: Wed 19 Apr 2023 06:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:45:c2:c9:14:cb:39:cc:e7:e4:c8:dc:c6:ec:b6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 19 06:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8b64d0e676a9600538eb912261c4111778cf5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:fb:2e:80:08:6b:28:60:aa:ea:bb:e0:aa:27:
54:fb:5e:be:bf:d0:77:1d:54:3f:9c:c1:87:bd:54:
da:85:99:57:d2:6a:7d:9e:50:b3:35:98:15:77:02:
31:cb:00:73:5e:60:69:f5:36:33:4f:5d:c4:f9:72:
01:59:95:df:b7:7f:02:8a:ac:29:96:4b:01:f1:ec:
56:6d:fa:49:9c:12:af:f8:00:57:a1:eb:f8:48:d7:
de:ad:fd:cc:a9:ef:f2:9b:db:c8:6b:74:e0:1e:1b:
35:7a:d0:96:97:5e:bf:10:91:5a:0e:4a:80:62:00:
83:e2:1f:3c:0b:4c:ae:ad:b2:48:8e:fa:c2:13:39:
51:72:bf:0c:bd:64:3e:1a:77:b8:a8:4c:ef:f1:d6:
fe:c8:e5:f2:42:67:e8:dc:50:04:03:14:1a:ab:34:
f9:98:0e:85:2b:36:d9:5d:33:99:49:64:c9:be:2d:
07:79:3a:e4:a1:6a:58:44:90:38:0f:2a:6b:f5:dc:
92:f6:3f:88:56:fd:e3:b1:5a:a1:0f:6d:22:60:77:
36:fd:c5:a4:0e:53:b1:07:dd:83:36:99:43:bd:c8:
da:66:56:7b:80:7f:95:c2:05:d0:33:1d:fa:c8:b4:
b3:71:37:92:8f:91:ea:fc:f9:15:4f:b2:23:e5:15:
cf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B6:4D:0E:67:6A:96:00:53:8E:B9:12:26:1C:41:11:77:8C:F5:CC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2LZNDmdqlgBTjrkSJhxBEXeM9cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.90.0/24
84.32.108.0-84.32.110.255
84.32.148.0-84.32.154.255
84.32.156.0/24
84.32.158.0/23
84.32.174.0/23
84.32.177.0-84.32.178.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.251.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.16.0/24
88.216.21.0/24
88.216.32.0/24
88.216.35.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.93.0/24
88.216.103.0/24
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.183.0/24
88.216.185.0/24
88.216.189.0/24
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:92:a6:3c:c3:17:a5:b5:04:c4:6a:1a:62:f6:2d:cf:4f:f8:
91:bc:ae:94:fd:c8:5c:f0:4e:db:de:98:9f:ee:1b:db:b0:0f:
c7:cf:10:37:e2:b1:f4:d3:1c:a5:a6:c9:80:a9:05:93:cd:04:
33:01:86:82:19:f7:41:95:5a:7e:d9:83:5c:94:41:d3:e5:ab:
da:12:7a:cd:5c:94:9c:fa:45:17:5c:eb:d0:7b:ff:d4:7f:fe:
78:32:36:ce:09:b0:d8:78:ba:01:f9:38:b3:b7:15:96:9b:7f:
42:c0:55:ed:6b:39:cb:d7:7f:91:52:2b:67:9c:64:a6:55:bc:
55:ac:83:a6:e4:2c:f8:c0:21:98:48:93:78:c6:dc:b5:d0:7f:
ba:cc:bf:f2:85:c4:a6:47:94:14:b2:3b:c2:31:de:2b:b9:3a:
f8:5a:96:df:99:1e:c8:cb:da:13:0d:cf:36:14:5d:71:5d:21:
8f:b2:f3:38:90:c5:69:ef:bd:d4:93:f0:15:6d:3d:4b:ac:56:
ad:16:73:be:fc:c5:29:d5:db:00:a9:bd:38:19:ba:61:77:51:
26:36:11:b2:ec:ee:9d:a2:85:43:f9:11:48:a6:0b:14:db:56:
0c:5b:91:5e:61:46:34:84:2d:0b:4a:19:2f:2a:1e:15:2d:ec:
ec:7a:dd:24
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgISAYeYRcLJFMs5zOfkyNzG7LbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDE5MDY0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI2NGQwZTY3NmE5NjAwNTM4ZWI5MTIyNjFjNDExMTc3OGNmNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PsugAhrKGCq6rvgqidU+16+v9B3
HVQ/nMGHvVTahZlX0mp9nlCzNZgVdwIxywBzXmBp9TYzT13E+XIBWZXft38Ciqwp
lksB8exWbfpJnBKv+ABXoev4SNferf3Mqe/ym9vIa3TgHhs1etCWl16/EJFaDkqA
YgCD4h88C0yurbJIjvrCEzlRcr8MvWQ+Gne4qEzv8db+yOXyQmfo3FAEAxQaqzT5
mA6FKzbZXTOZSWTJvi0HeTrkoWpYRJA4Dypr9dyS9j+IVv3jsVqhD20iYHc2/cWk
DlOxB92DNplDvcjaZlZ7gH+VwgXQMx36yLSzcTeSj5Hq/PkVT7Ij5RXP+wIDAQAB
o4IDfTCCA3kwHQYDVR0OBBYEFNi2TQ5napYAU465EiYcQRF3jPXMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMkxaTkRtZHFsZ0JUanJrU0poeEJFWGVNOWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBkQYIKwYBBQUHAQcBAf8EggGAMIIBfDCCAXgEAgABMIIB
cAMEAFQgCAMEAFQgCgMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgTQMEAFQgTwMEAFQgWAMEAFQgWjAMAwQCVCBsAwQAVCBuMAwDBAJUIJQD
BABUIJoDBABUIJwDBAFUIJ4DBAFUIK4wDAMEAFQgsQMEAFQgsgMEAFQg1AMEAVQg
1gMEAFQg2gMEAFQg3TAMAwQAVCDfAwQAVCDgMAwDBABUIOcDBABUIOgDBABUIOsw
DAMEAFQg7wMEAFQg8DAMAwQBVCDyAwQBVCD0MAwDBABUIPsDBAFUIPwDBABY2AED
BABY2AMDBABY2BADBABY2BUDBABY2CADBABY2CMDBAFY2CwwDAMEA1jYOAMEAVjY
QAMEAFjYXQMEAFjYZwMEAFjYbwMEAFjYgDAMAwQBWNiCAwQAWNiEAwQAWNi3AwQA
WNi5AwQAWNi9AwQAWNjFAwQCWNjUAwQAWNjcAwQCWNjoMA0GCSqGSIb3DQEBCwUA
A4IBAQBLkqY8wxeltQTEahpi9i3PT/iRvK6U/chc8E7b3pif7hvbsA/HzxA34rH0
0xylpsmAqQWTzQQzAYaCGfdBlVp+2YNclEHT5avaEnrNXJSc+kUXXOvQe//Uf/54
MjbOCbDYeLoB+TiztxWWm39CwFXtaznL13+RUitnnGSmVbxVrIOm5Cz4wCGYSJN4
xty10H+6zL/yhcSmR5QUsjvCMd4ruTr4WpbfmR7Iy9oTDc82FF1xXSGPsvM4kMVp
773Uk/AVbT1LrFatFnO+/MUp1dsAqb04Gbphd1EmNhGy7O6dooVD+RFIpgsU21YM
W5FeYUY0hC0LShkvKh4VLezset0k
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org