Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/6H3PyNV5HbEcFZSVatKtvhokgLs.roa
File: 6H3PyNV5HbEcFZSVatKtvhokgLs.roa (raw, json)
Hash identifier: evxoVum7uX9F0RLuSFqvlb6kCXmKJZbelcNisVQZBwg=
Subject key identifier: E8:7D:CF:C8:D5:79:1D:B1:1C:15:94:95:6A:D2:AD:BE:1A:24:80:BB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186744051DDD17A20905CAA03C449710E80
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/6H3PyNV5HbEcFZSVatKtvhokgLs.roa
Signing time: Tue 21 Feb 2023 13:53:37 +0000
ROA not before: Tue 21 Feb 2023 13:53:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.186.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.108.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 18:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:40:51:dd:d1:7a:20:90:5c:aa:03:c4:49:71:0e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 21 13:53:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e87dcfc8d5791db11c1594956ad2adbe1a2480bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:45:4e:f0:6b:11:53:2e:4d:fd:8f:83:3d:ba:
92:27:e8:83:bf:7f:a3:33:7f:2c:c3:ea:d5:f9:ce:
9a:6b:bc:f5:60:d4:43:3f:50:db:87:e3:7e:32:3d:
6f:97:78:ce:c5:e7:39:21:19:cd:04:47:06:08:2d:
2c:d2:e4:2c:dc:f9:40:ae:11:69:29:4c:0f:9b:71:
b1:13:be:4d:72:83:23:af:6c:c2:78:12:b0:c4:bb:
2c:ea:9e:57:e1:af:5b:04:65:88:b7:9a:43:14:4e:
f1:fc:60:57:f6:f7:69:40:6e:6b:39:36:c1:4b:72:
25:ee:c6:5b:02:df:1e:66:17:07:89:34:d9:e1:12:
dc:de:50:2a:c3:7a:64:ab:6a:3e:32:0c:58:72:a2:
86:61:7b:8d:27:4a:20:1b:68:68:db:b1:93:01:fd:
f1:fd:b0:6f:eb:76:15:a6:87:8d:e4:26:a5:2c:ff:
01:3b:51:91:9c:ae:f8:d0:b6:57:93:c1:dd:80:48:
88:b0:4d:64:68:fc:19:f5:0e:c6:11:50:bb:65:24:
dd:4b:17:f6:d3:cd:7a:2b:16:a0:39:49:0e:ff:ca:
b3:86:1b:be:42:3a:b5:54:96:0c:c0:19:0a:28:ff:
08:85:0f:8e:fe:f8:5c:25:b5:26:96:19:16:52:76:
d8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:7D:CF:C8:D5:79:1D:B1:1C:15:94:95:6A:D2:AD:BE:1A:24:80:BB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/6H3PyNV5HbEcFZSVatKtvhokgLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.32.0/24
84.32.46.0/24
84.32.76.0/23
84.32.79.0/24
84.32.108.0/23
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0-84.32.222.255
84.32.229.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.252.0/23
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.46.0/24
88.216.93.0/24
88.216.108.0/24
88.216.128.0/24
88.216.132.0-88.216.134.255
88.216.186.0/24
88.216.189.0-88.216.190.255
88.216.215.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
76:3d:11:54:aa:99:75:3f:f0:0f:32:77:59:fe:ba:a4:50:b0:
b1:d9:99:34:e2:cc:b0:bc:e0:50:e4:9a:f8:44:fe:96:0f:d6:
52:d8:d5:97:57:f8:31:6d:82:e0:d5:64:d1:9e:e2:c8:e1:11:
3b:31:fa:3e:72:8e:5b:aa:f8:39:1c:2d:1e:5e:a4:6c:b9:1b:
c7:57:13:9b:17:91:cd:02:f0:ee:e4:f4:a0:21:77:0e:39:e7:
c2:63:64:4c:de:82:73:bf:e2:90:12:bd:93:b5:49:ec:20:82:
16:26:4f:c2:75:57:d8:4a:da:92:f3:d1:e1:46:c6:6d:6a:3f:
a4:6d:10:fb:fb:73:fa:3b:50:5d:42:1c:c3:b5:b4:e7:5f:d1:
0a:dd:bf:11:31:18:60:77:4c:56:96:3f:32:eb:9f:fd:8d:8f:
97:fd:6c:30:36:2d:23:e8:ac:55:21:cd:bb:ae:84:4b:bb:bb:
a6:96:cd:b1:7f:b2:d1:d1:02:66:9c:3d:ed:c2:2e:e7:0a:6b:
e4:c9:da:98:3d:fd:6a:2d:23:f5:b1:d5:25:c1:0b:74:9b:f8:
52:3a:54:83:9d:47:df:f5:cc:27:3c:87:43:b9:0e:bb:5d:a9:
91:06:db:f6:72:ea:84:85:a7:97:c0:ad:18:28:7c:22:af:b9:
83:aa:3b:71
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYZ0QFHd0XogkFyqA8RJcQ6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIxMTM1MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODdkY2ZjOGQ1NzkxZGIxMWMxNTk0OTU2YWQyYWRiZTFhMjQ4MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0VO8GsRUy5N/Y+DPbqSJ+iDv3+j
M38sw+rV+c6aa7z1YNRDP1Dbh+N+Mj1vl3jOxec5IRnNBEcGCC0s0uQs3PlArhFp
KUwPm3GxE75NcoMjr2zCeBKwxLss6p5X4a9bBGWIt5pDFE7x/GBX9vdpQG5rOTbB
S3Il7sZbAt8eZhcHiTTZ4RLc3lAqw3pkq2o+MgxYcqKGYXuNJ0ogG2ho27GTAf3x
/bBv63YVpoeN5CalLP8BO1GRnK740LZXk8HdgEiIsE1kaPwZ9Q7GEVC7ZSTdSxf2
0816KxagOUkO/8qzhhu+Qjq1VJYMwBkKKP8IhQ+O/vhcJbUmlhkWUnbYowIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFOh9z8jVeR2xHBWUlWrSrb4aJIC7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNkgzUHlOVjVIYkVjRlpTVmF0S3R2aG9rZ0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAJU
IBgDBABUIB4DBABUICADBABUIC4DBAFUIEwDBABUIE8DBAFUIGwDBABUILMDBABU
INQDBAFUINYwDAMEAFQg3QMEAFQg3gMEAFQg5TAMAwQAVCDvAwQAVCDwAwQBVCDy
AwQBVCD8AwQAWNgRAwQAWNgVAwQAWNggAwQAWNguAwQAWNhdAwQAWNhsAwQAWNiA
MAwDBAJY2IQDBABY2IYDBABY2LowDAMEAFjYvQMEAFjYvgMEAFjY1wMEAFjY3DAN
BgkqhkiG9w0BAQsFAAOCAQEAdj0RVKqZdT/wDzJ3Wf66pFCwsdmZNOLMsLzgUOSa
+ET+lg/WUtjVl1f4MW2C4NVk0Z7iyOEROzH6PnKOW6r4ORwtHl6kbLkbx1cTmxeR
zQLw7uT0oCF3DjnnwmNkTN6Cc7/ikBK9k7VJ7CCCFiZPwnVX2ErakvPR4UbGbWo/
pG0Q+/tz+jtQXUIcw7W051/RCt2/ETEYYHdMVpY/Muuf/Y2Pl/1sMDYtI+isVSHN
u66ES7u7ppbNsX+y0dECZpw97cIu5wpr5MnamD39ai0j9bHVJcELdJv4UjpUg51H
3/XMJzyHQ7kOu12pkQbb9nLqhIWnl8CtGCh8Iq+5g6o7cQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org