Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/69m41LFrqpTwDAJ_n3rd-Oxl4Ew.roa
File: 69m41LFrqpTwDAJ_n3rd-Oxl4Ew.roa (raw, json)
Hash identifier: 6OmgYVAUv5QEm9OzCoTgSggWe2bx3q0vHxeR4nq3DBk=
Subject key identifier: EB:D9:B8:D4:B1:6B:AA:94:F0:0C:02:7F:9F:7A:DD:F8:EC:65:E0:4C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187760D15BBFBB61DDBF8F48F0A20E7143B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/69m41LFrqpTwDAJ_n3rd-Oxl4Ew.roa
Signing time: Wed 12 Apr 2023 15:19:41 +0000
ROA not before: Wed 12 Apr 2023 15:19:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.157.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:0d:15:bb:fb:b6:1d:db:f8:f4:8f:0a:20:e7:14:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 12 15:19:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebd9b8d4b16baa94f00c027f9f7addf8ec65e04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:80:0c:20:8a:e6:14:65:29:8d:01:ac:cd:cf:
29:e9:89:ed:3c:1b:1f:07:11:77:18:06:41:fe:31:
a7:89:b0:fb:32:7c:f3:f2:41:86:fc:39:54:a0:fd:
8d:bd:57:d5:d9:6c:f3:01:7b:89:dc:db:19:67:1a:
b5:91:59:58:bb:d7:a9:d4:01:00:d7:3b:69:77:47:
3b:2d:d4:74:f3:9f:cc:68:9c:86:82:d3:50:81:5d:
c2:63:a4:28:97:1d:76:a7:95:95:e3:70:68:18:09:
75:15:7d:7e:68:ab:0b:78:c9:1b:07:25:fb:bc:09:
cc:60:21:2f:7f:9a:96:6d:10:fa:a7:03:dc:68:5e:
00:14:09:d5:56:76:9c:3a:66:d3:8d:62:a5:ac:07:
68:73:0f:78:35:1c:4f:83:db:79:a5:d7:21:f6:4f:
87:9d:9d:2f:2f:6a:c8:4f:73:69:f9:ab:d7:c7:02:
eb:60:be:ef:0f:fd:cc:d4:d1:46:61:f3:70:de:c0:
24:71:f3:4e:ef:de:25:36:90:34:8b:7b:ab:3b:10:
1c:df:01:7c:0a:5d:35:20:76:23:dd:2b:82:8b:23:
c0:71:53:33:9a:4e:02:aa:1e:3a:77:a3:6e:0e:33:
c9:ee:96:51:77:27:04:d3:27:4c:f0:f5:93:02:21:
34:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D9:B8:D4:B1:6B:AA:94:F0:0C:02:7F:9F:7A:DD:F8:EC:65:E0:4C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/69m41LFrqpTwDAJ_n3rd-Oxl4Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.108.0/23
84.32.148.0/22
84.32.157.0/24
84.32.174.0/23
84.32.177.0-84.32.179.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.16.0/24
88.216.21.0/24
88.216.32.0/24
88.216.44.0/24
88.216.93.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
42:a9:28:4c:86:4f:78:43:24:36:67:bb:c9:e1:b5:f3:51:86:
a6:e8:fd:51:b6:fe:24:74:ad:c3:5b:83:9b:89:50:a3:e4:9e:
c7:f4:38:4a:9b:28:94:3f:11:e9:b2:03:b1:a9:f9:a4:95:9f:
c1:ef:cc:1c:78:be:92:c3:d0:53:c1:0a:69:a5:eb:43:07:aa:
4d:57:ce:d4:2b:7d:fe:03:6f:30:2f:fe:41:7f:49:3c:f0:62:
f4:0a:87:3e:18:31:fe:40:6a:7a:7a:78:0c:e8:6a:11:0d:2d:
4a:c2:bc:14:dc:c1:13:10:d8:21:43:d7:86:48:07:90:cb:cf:
54:39:6d:9e:27:3e:ec:3d:da:40:26:85:fd:5d:35:86:c3:08:
dd:7a:d4:d1:07:31:23:87:92:0e:ae:d3:81:b4:7d:be:3c:e1:
c3:0b:07:04:e3:34:9f:f5:95:8e:a0:fd:cd:d4:79:1c:df:bb:
49:bc:73:73:79:6d:4a:ae:3a:d9:9d:b8:ed:45:67:3a:63:ef:
f4:d8:05:75:01:cb:9c:46:65:87:e9:41:8d:ca:a8:7f:75:96:
65:be:29:05:05:3f:df:e5:3a:76:35:c4:8d:73:e2:8d:92:b8:
48:2f:b0:b5:ef:65:8b:18:39:6e:10:bb:9d:5f:08:42:03:07:
92:77:42:9e
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAYd2DRW7+7Yd2/j0jwog5xQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDEyMTUxOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmQ5YjhkNGIxNmJhYTk0ZjAwYzAyN2Y5ZjdhZGRmOGVjNjVlMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYAMIIrmFGUpjQGszc8p6YntPBsf
BxF3GAZB/jGnibD7Mnzz8kGG/DlUoP2NvVfV2WzzAXuJ3NsZZxq1kVlYu9ep1AEA
1ztpd0c7LdR085/MaJyGgtNQgV3CY6Qolx12p5WV43BoGAl1FX1+aKsLeMkbByX7
vAnMYCEvf5qWbRD6pwPcaF4AFAnVVnacOmbTjWKlrAdocw94NRxPg9t5pdch9k+H
nZ0vL2rIT3Np+avXxwLrYL7vD/3M1NFGYfNw3sAkcfNO794lNpA0i3urOxAc3wF8
Cl01IHYj3SuCiyPAcVMzmk4Cqh46d6NuDjPJ7pZRdycE0ydM8PWTAiE0rQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFOvZuNSxa6qU8AwCf5963fjsZeBMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNjltNDFMRnJxcFR3REFKX24zcmQtT3hsNEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FAMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgTQMEAFQgTwMEAFQgWAMEAVQgbAMEAlQglAMEAFQgnQMEAVQgrjAMAwQA
VCCxAwQCVCCwAwQAVCDUAwQBVCDWAwQAVCDaAwQAVCDdMAwDBABUIN8DBABUIOAD
BABUIOgwDAMEAFQg7wMEAFQg8DAMAwQBVCDyAwQBVCD0MAwDBAFUIPoDBAFUIPwD
BABY2AEDBABY2AMDBABY2BADBABY2BUDBABY2CADBABY2CwDBABY2F0DBABY2IAw
DAMEAVjYggMEAFjYhAMEAFjYvQMEAljY1AMEAFjY3AMEAljY6DANBgkqhkiG9w0B
AQsFAAOCAQEAQqkoTIZPeEMkNme7yeG181GGpuj9Ubb+JHStw1uDm4lQo+Sex/Q4
SpsolD8R6bIDsan5pJWfwe/MHHi+ksPQU8EKaaXrQweqTVfO1Ct9/gNvMC/+QX9J
PPBi9AqHPhgx/kBqenp4DOhqEQ0tSsK8FNzBExDYIUPXhkgHkMvPVDltnic+7D3a
QCaF/V01hsMI3XrU0QcxI4eSDq7TgbR9vjzhwwsHBOM0n/WVjqD9zdR5HN+7Sbxz
c3ltSq462Z247UVnOmPv9NgFdQHLnEZlh+lBjcqof3WWZb4pBQU/3+U6djXEjXPi
jZK4SC+wte9lixg5bhC7nV8IQgMHkndCng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org