Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3PaVjcjvfYRyodl77u9abrdEjIM.roa
File: 3PaVjcjvfYRyodl77u9abrdEjIM.roa (raw, json)
Hash identifier: g9WdElqdfMH9kmNyVsr4LypZ7+pGQVolI7J3eLWK7y8=
Subject key identifier: DC:F6:95:8D:C8:EF:7D:84:72:A1:D9:7B:EE:EF:5A:6E:B7:44:8C:83
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0189180E4E568223583164158DD483E27A95
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3PaVjcjvfYRyodl77u9abrdEjIM.roa
Signing time: Sun 02 Jul 2023 19:22:18 +0000
ROA not before: Sun 02 Jul 2023 19:22:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.23.0/24 maxlen: 24
84.32.20.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.110.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.104.0/24 maxlen: 24
88.216.105.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:18:0e:4e:56:82:23:58:31:64:15:8d:d4:83:e2:7a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 2 19:22:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf6958dc8ef7d8472a1d97beeef5a6eb7448c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6c:88:17:65:97:f0:cc:65:9a:80:8c:ed:85:
84:b2:25:78:df:92:06:1f:02:73:d7:1e:19:a4:eb:
53:4f:2e:5a:3a:05:85:44:b1:eb:6f:10:71:1b:57:
9d:9e:7f:d4:1e:6a:1f:b2:70:d9:04:99:ee:90:37:
db:20:b5:31:f9:04:09:8c:1b:40:10:7e:a0:b7:23:
06:bc:fa:ba:65:2d:42:c9:9c:b1:3b:3f:68:ac:18:
f8:6a:7f:d5:cc:20:0b:07:b6:fa:98:f9:45:97:bb:
22:f5:c9:bb:30:6b:c7:08:af:8e:ad:10:4e:10:5a:
77:d4:b0:42:17:11:a7:4c:32:80:45:a3:45:88:c3:
39:c9:3f:22:ff:0b:3c:c3:ea:c8:d1:c8:23:1d:14:
6b:4a:44:21:cf:af:8f:ea:3d:17:81:1d:d9:4e:42:
68:69:9c:3a:b5:6c:64:b3:c7:b0:0d:69:62:a2:e2:
3b:02:1a:b3:3e:b3:c3:84:f5:66:1a:19:b3:2e:15:
63:76:cb:3a:e1:c7:ae:3b:91:bd:f4:cd:0c:95:2a:
20:30:7e:e3:45:36:8b:d9:e3:16:ab:a2:2b:44:c1:
59:90:c7:29:e9:ae:ab:a5:3f:d6:80:fa:b6:4e:36:
d4:8f:1f:6f:be:ea:62:30:a1:f4:32:10:eb:3c:79:
d6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F6:95:8D:C8:EF:7D:84:72:A1:D9:7B:EE:EF:5A:6E:B7:44:8C:83
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3PaVjcjvfYRyodl77u9abrdEjIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.14.0/24
84.32.20.0-84.32.27.255
84.32.31.0/24
84.32.46.0/24
84.32.67.0-84.32.68.255
84.32.79.0/24
84.32.92.0/24
84.32.108.0-84.32.110.255
84.32.148.0/22
84.32.153.0/24
84.32.156.0/24
84.32.158.0/23
84.32.178.0/23
84.32.213.0-84.32.215.255
84.32.221.0/24
84.32.224.0/24
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.243.0-84.32.247.255
84.32.250.0-84.32.253.255
88.216.0.0/24
88.216.2.0/23
88.216.16.0/24
88.216.22.0/23
88.216.32.0/24
88.216.35.0/24
88.216.40.0/24
88.216.44.0/23
88.216.58.0/24
88.216.61.0-88.216.65.255
88.216.93.0/24
88.216.100.0/23
88.216.104.0/23
88.216.107.0/24
88.216.109.0-88.216.111.255
88.216.130.0/23
88.216.134.0/23
88.216.180.0/24
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
6d:09:ae:c1:ca:76:64:33:83:58:98:ce:8a:ca:e5:9d:45:c1:
da:b7:b8:e2:49:1a:09:dd:80:35:36:c5:f1:83:00:b0:03:35:
ca:8d:fd:cd:7e:d4:49:ab:51:64:0c:c1:2b:f0:59:d9:0c:65:
f7:af:e3:3f:17:a2:92:29:2b:1a:0f:31:db:01:98:3b:97:8f:
07:dd:b7:8f:ac:f7:13:96:bb:f6:f4:12:98:0f:da:a2:cd:4a:
4b:9f:5e:ed:1a:f4:57:e9:be:fe:3c:80:81:33:8d:bd:25:53:
ec:34:a8:66:eb:1a:ea:5a:92:83:47:b9:b9:a1:19:2a:22:d4:
e9:02:df:e1:df:dc:2e:e0:92:03:c3:d0:eb:05:64:f2:f1:2a:
2a:51:cc:7d:51:c1:48:4e:5f:f1:b8:7c:6f:38:4c:96:3c:eb:
ab:ea:91:eb:c3:b6:49:02:ab:14:dd:18:78:69:f9:aa:3e:da:
b7:1d:81:ef:59:bf:32:97:58:1f:4a:ec:51:ce:e3:51:32:43:
c7:3c:7d:a3:de:79:fd:ab:64:46:1b:eb:4e:7b:21:02:8a:3c:
01:26:6e:7f:a1:aa:f3:f9:0f:a9:23:ed:b9:50:cf:14:c3:22:
40:b0:c0:02:91:bd:ad:64:0e:72:42:42:d6:d5:55:2d:71:0d:
9a:43:f9:23
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAYkYDk5WgiNYMWQVjdSD4nqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNzAyMTkyMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Y2OTU4ZGM4ZWY3ZDg0NzJhMWQ5N2JlZWVmNWE2ZWI3NDQ4YzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmyIF2WX8MxlmoCM7YWEsiV435IG
HwJz1x4ZpOtTTy5aOgWFRLHrbxBxG1ednn/UHmofsnDZBJnukDfbILUx+QQJjBtA
EH6gtyMGvPq6ZS1CyZyxOz9orBj4an/VzCALB7b6mPlFl7si9cm7MGvHCK+OrRBO
EFp31LBCFxGnTDKARaNFiMM5yT8i/ws8w+rI0cgjHRRrSkQhz6+P6j0XgR3ZTkJo
aZw6tWxks8ewDWliouI7AhqzPrPDhPVmGhmzLhVjdss64ceuO5G99M0MlSogMH7j
RTaL2eMWq6IrRMFZkMcp6a6rpT/WgPq2TjbUjx9vvupiMKH0MhDrPHnWUQIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFNz2lY3I732EcqHZe+7vWm63RIyDMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvM1BhVmpjanZmWVJ5b2RsNzd1OWFicmRFaklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAXQEAgABMIIB
bAMEAFQgCAMEAFQgDjAMAwQCVCAUAwQCVCAYAwQAVCAfAwQAVCAuMAwDBABUIEMD
BABUIEQDBABUIE8DBABUIFwwDAMEAlQgbAMEAFQgbgMEAlQglAMEAFQgmQMEAFQg
nAMEAVQgngMEAVQgsjAMAwQAVCDVAwQDVCDQAwQAVCDdAwQAVCDgMAwDBABUIOcD
BABUIOgDBABUIOswDAMEAFQg7wMEAFQg8DAMAwQAVCDzAwQDVCDwMAwDBAFUIPoD
BAFUIPwDBABY2AADBAFY2AIDBABY2BADBAFY2BYDBABY2CADBABY2CMDBABY2CgD
BAFY2CwDBABY2DowDAMEAFjYPQMEAVjYQAMEAFjYXQMEAVjYZAMEAVjYaAMEAFjY
azAMAwQAWNhtAwQEWNhgAwQBWNiCAwQBWNiGAwQAWNi0AwQAWNi3AwQBWNi8AwQA
WNjFAwQCWNjUAwQAWNjcMAwDBAJY2OwDBANY2PAwDQYJKoZIhvcNAQELBQADggEB
AG0JrsHKdmQzg1iYzorK5Z1Fwdq3uOJJGgndgDU2xfGDALADNcqN/c1+1EmrUWQM
wSvwWdkMZfev4z8XopIpKxoPMdsBmDuXjwfdt4+s9xOWu/b0EpgP2qLNSkufXu0a
9Ffpvv48gIEzjb0lU+w0qGbrGupakoNHubmhGSoi1OkC3+Hf3C7gkgPD0OsFZPLx
KipRzH1RwUhOX/G4fG84TJY866vqkevDtkkCqxTdGHhp+ao+2rcdge9ZvzKXWB9K
7FHO41EyQ8c8faPeef2rZEYb6057IQKKPAEmbn+hqvP5D6kj7blQzxTDIkCwwAKR
va1kDnJCQtbVVS1xDZpD+SM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:26 2023 by rpki-client on console-ams.rpki-client.org