Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5woHZkzTkaUu742hYrdRjVRbhpk.roa
File: 5woHZkzTkaUu742hYrdRjVRbhpk.roa (raw, json)
Hash identifier: bBChA6ZJsupFsargx9hjwNLuqA1b3tk7XZRpAzhqJ/c=
Subject key identifier: E7:0A:07:66:4C:D3:91:A5:2E:EF:8D:A1:62:B7:51:8D:54:5B:86:99
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018673BB42644F7E14E617C9BB0029937963
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5woHZkzTkaUu742hYrdRjVRbhpk.roa
Signing time: Tue 21 Feb 2023 11:28:17 +0000
ROA not before: Tue 21 Feb 2023 11:28:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.186.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.108.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Feb 2023 13:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:bb:42:64:4f:7e:14:e6:17:c9:bb:00:29:93:79:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 21 11:28:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e70a07664cd391a52eef8da162b7518d545b8699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3d:dc:ef:c0:e4:03:fb:37:01:03:c0:c3:cb:
5b:b9:b6:c6:92:75:8e:bc:0b:e2:23:2e:e5:a8:6f:
c0:39:da:4d:30:b7:b6:2c:88:7f:94:05:fe:02:8f:
76:3b:0c:03:f3:21:04:f2:4f:ed:7c:31:71:93:0e:
4e:4e:ec:3d:9f:60:79:86:4a:1a:12:45:52:b3:43:
9c:d2:96:7b:60:aa:fe:e2:88:ae:fa:c0:43:b6:48:
bb:81:7a:54:07:d9:64:f5:e6:79:87:97:18:cc:34:
49:05:77:89:17:5f:72:95:0a:3a:b3:77:45:83:c4:
ae:4d:3f:c2:80:fa:8c:87:44:29:45:78:e6:1d:04:
c2:10:d0:00:79:8c:8b:0c:39:89:9a:d0:9a:ce:e3:
c1:87:f8:be:69:08:da:cb:0f:c3:08:95:47:95:b7:
8e:ae:2a:d7:c6:83:e2:68:fe:e7:4e:6f:3d:0a:73:
63:5d:c5:78:4f:6e:47:85:bb:89:0f:f4:e9:77:f1:
ce:ff:1f:37:01:d9:d8:36:d7:56:96:d4:6e:c2:15:
cc:b3:f7:cb:f0:c7:74:2d:bf:a3:ea:85:bc:c4:34:
15:19:2d:41:6f:2c:a6:1d:d6:52:de:9a:8b:3e:67:
76:72:5e:e1:c1:ad:fe:82:7e:44:a7:e5:2f:10:12:
d7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:0A:07:66:4C:D3:91:A5:2E:EF:8D:A1:62:B7:51:8D:54:5B:86:99
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5woHZkzTkaUu742hYrdRjVRbhpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.32.0/24
84.32.46.0/24
84.32.76.0/23
84.32.79.0/24
84.32.109.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.220.0-84.32.222.255
84.32.229.0/24
84.32.240.0/24
84.32.242.0/23
84.32.252.0/23
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.93.0/24
88.216.108.0/24
88.216.128.0/24
88.216.132.0-88.216.134.255
88.216.186.0/24
88.216.189.0-88.216.190.255
88.216.215.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:91:8e:8a:b9:5c:49:b6:14:66:82:69:7a:1b:34:b4:0d:d8:
9c:71:cb:6d:ec:22:0d:ff:ef:d7:ff:cc:c0:3b:8b:cd:0e:51:
9f:2c:06:3d:82:90:66:b4:3c:49:23:63:1d:12:3a:41:3f:bd:
94:b9:d4:26:69:b9:5f:69:4d:ac:ae:a5:0d:83:bc:bc:02:10:
b5:a4:ca:f8:69:90:d4:d6:98:e6:1f:51:e1:d5:97:ed:1e:62:
f0:c1:d0:61:d0:88:25:b4:54:6f:f8:5a:46:fa:e4:2e:44:f9:
c8:19:45:ab:cb:4d:3e:42:d5:10:93:6d:79:36:69:c6:8b:0f:
70:05:0f:00:a0:af:a6:50:83:c6:0f:e8:02:6c:ed:b4:08:81:
ab:56:ca:73:0b:9b:19:06:4a:28:4a:62:73:a2:f8:60:47:49:
ed:4d:f6:64:c8:96:39:b3:da:ea:58:8f:97:dd:dd:f9:42:a3:
d7:c4:eb:30:70:e3:8a:5b:8c:a0:13:33:37:77:ed:22:af:30:
89:d7:6a:f9:ee:af:53:ac:c2:4e:46:c8:d0:dc:24:59:1f:7d:
6a:3f:db:3d:8e:3f:7d:6e:82:88:0e:13:1f:06:44:e5:b9:71:
0e:d4:b1:e2:d5:f1:f6:2c:af:34:6e:79:dc:db:91:33:1f:d2:
06:48:e4:08
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYZzu0JkT34U5hfJuwApk3ljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIxMTEyODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzBhMDc2NjRjZDM5MWE1MmVlZjhkYTE2MmI3NTE4ZDU0NWI4Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT3c78DkA/s3AQPAw8tbubbGknWO
vAviIy7lqG/AOdpNMLe2LIh/lAX+Ao92OwwD8yEE8k/tfDFxkw5OTuw9n2B5hkoa
EkVSs0Oc0pZ7YKr+4oiu+sBDtki7gXpUB9lk9eZ5h5cYzDRJBXeJF19ylQo6s3dF
g8SuTT/CgPqMh0QpRXjmHQTCENAAeYyLDDmJmtCazuPBh/i+aQjayw/DCJVHlbeO
rirXxoPiaP7nTm89CnNjXcV4T25HhbuJD/Tpd/HO/x83AdnYNtdWltRuwhXMs/fL
8Md0Lb+j6oW8xDQVGS1BbyymHdZS3pqLPmd2cl7hwa3+gn5Ep+UvEBLXTwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFOcKB2ZM05GlLu+NoWK3UY1UW4aZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNXdvSFprelRrYVV1NzQyaFlyZFJqVlJiaHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAJU
IBgDBABUIB4DBABUICADBABUIC4DBAFUIEwDBABUIE8DBABUIG0DBABUILMDBABU
INQDBAFUINYwDAMEAlQg3AMEAFQg3gMEAFQg5QMEAFQg8AMEAVQg8gMEAVQg/AME
AFjYEQMEAFjYFQMEAFjYIAMEAFjYXQMEAFjYbAMEAFjYgDAMAwQCWNiEAwQAWNiG
AwQAWNi6MAwDBABY2L0DBABY2L4DBABY2NcDBABY2NwwDQYJKoZIhvcNAQELBQAD
ggEBAHuRjoq5XEm2FGaCaXobNLQN2Jxxy23sIg3/79f/zMA7i80OUZ8sBj2CkGa0
PEkjYx0SOkE/vZS51CZpuV9pTayupQ2DvLwCELWkyvhpkNTWmOYfUeHVl+0eYvDB
0GHQiCW0VG/4Wkb65C5E+cgZRavLTT5C1RCTbXk2acaLD3AFDwCgr6ZQg8YP6AJs
7bQIgatWynMLmxkGSihKYnOi+GBHSe1N9mTIljmz2upYj5fd3flCo9fE6zBw44pb
jKATMzd37SKvMInXavnur1Oswk5GyNDcJFkffWo/2z2OP31ugogOEx8GROW5cQ7U
seLV8fYsrzRuedzbkTMf0gZI5Ag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org