Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AfbONeoE_qRnen1Bo3eCMjBGVMw.roa
File: AfbONeoE_qRnen1Bo3eCMjBGVMw.roa (raw, json)
Hash identifier: 5vCDsHtwV8QY199vR5WW3uhv7FUFZfzK5XlXHmbIi+A=
Subject key identifier: 01:F6:CE:35:EA:04:FE:A4:67:7A:7D:41:A3:77:82:32:30:46:54:CC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186BAB2BAD814B204730BA21845E7B2C5D0
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AfbONeoE_qRnen1Bo3eCMjBGVMw.roa
Signing time: Tue 07 Mar 2023 06:12:00 +0000
ROA not before: Tue 07 Mar 2023 06:12:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.186.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Mar 2023 06:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ba:b2:ba:d8:14:b2:04:73:0b:a2:18:45:e7:b2:c5:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 7 06:12:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01f6ce35ea04fea4677a7d41a3778232304654cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:d1:54:27:a3:38:98:b8:03:61:64:de:1e:
fe:7f:6c:d4:a0:6c:02:0d:d3:3b:dd:07:1b:a6:0f:
be:b6:a8:86:c8:db:e2:9c:ab:e3:0e:5c:61:af:de:
64:59:4a:8b:a0:ab:7e:1b:b4:40:1b:28:b2:51:e7:
a6:6b:fb:98:db:f7:58:fa:18:af:ac:c1:ed:16:8c:
62:14:b0:c2:42:97:30:cd:e0:f1:1b:e8:26:f8:15:
70:6f:5e:ca:be:d0:31:d2:6c:47:b0:31:d0:51:8a:
d9:21:d9:fb:a1:60:6c:02:08:c8:62:19:b9:f3:e2:
02:0b:84:7a:d3:67:ce:36:4f:fa:f9:2c:cf:4e:bb:
c1:18:c7:8d:7d:d7:c5:5a:49:b4:88:d7:ac:36:40:
55:39:af:e1:d6:ab:0f:06:d2:e6:66:48:8b:e0:f6:
4a:d1:9c:9e:47:41:4d:c2:97:39:12:43:61:fe:a6:
92:79:8c:1a:f0:f8:73:cb:93:28:5c:a1:0b:4e:3f:
19:c0:36:a0:e0:6e:f5:3b:b8:c0:56:9b:ae:6f:ad:
2f:88:f2:4e:9d:d4:3b:ae:09:14:8c:08:7d:09:7d:
22:0b:65:bd:5f:01:7c:9b:68:7d:38:5c:68:c5:4d:
d4:e0:16:c7:f3:09:34:6c:58:02:f9:31:30:d6:df:
3b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F6:CE:35:EA:04:FE:A4:67:7A:7D:41:A3:77:82:32:30:46:54:CC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/AfbONeoE_qRnen1Bo3eCMjBGVMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.76.0/23
84.32.79.0/24
84.32.88.0/24
84.32.148.0/22
84.32.174.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0-84.32.222.255
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.245.0/24
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.92.0/23
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0-88.216.190.255
88.216.199.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
90:bf:fb:8e:99:06:08:fe:e4:ac:2f:07:7b:68:67:9f:12:e2:
82:63:91:73:92:fc:bc:15:80:18:92:57:c5:f5:27:50:dc:7b:
05:6b:04:cb:ba:d1:cf:ed:5f:03:a2:fd:15:c9:23:e9:04:bc:
54:2c:75:aa:d0:cf:aa:33:8b:5e:21:61:50:5f:8a:30:a4:45:
cf:b9:b3:8d:e6:8b:e1:c9:c6:e8:c3:6f:18:61:51:7e:29:fe:
c4:aa:6f:16:88:eb:74:27:fe:53:0f:21:28:fb:e8:91:da:3d:
65:c6:2a:ae:92:d5:92:1d:85:df:01:cd:81:04:34:55:ca:01:
6c:0d:03:1e:11:b5:09:16:ba:cf:b1:3f:df:f6:96:b9:77:97:
14:aa:47:44:78:97:05:7a:e0:56:14:dc:f9:05:65:f9:e4:f8:
0e:23:de:cf:36:06:44:e8:7c:dd:01:79:f6:08:f7:ae:11:7f:
db:af:0f:52:33:ba:b1:02:7b:5e:9c:fb:b4:21:a5:d4:64:bc:
22:98:2d:49:52:fa:c6:e8:00:ad:3e:27:f6:07:5a:27:b0:06:
9e:1a:b7:88:dc:eb:e3:8d:54:25:39:a6:e7:e1:c5:fd:9b:59:
e4:47:54:1f:79:24:60:d9:dd:9d:14:4c:7d:b5:b0:b0:ef:0e:
7a:46:d6:17
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYa6srrYFLIEcwuiGEXnssXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzA3MDYxMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY2Y2UzNWVhMDRmZWE0Njc3YTdkNDFhMzc3ODIzMjMwNDY1NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/LRVCejOJi4A2Fk3h7+f2zUoGwC
DdM73Qcbpg++tqiGyNvinKvjDlxhr95kWUqLoKt+G7RAGyiyUeema/uY2/dY+hiv
rMHtFoxiFLDCQpcwzeDxG+gm+BVwb17KvtAx0mxHsDHQUYrZIdn7oWBsAgjIYhm5
8+ICC4R602fONk/6+SzPTrvBGMeNfdfFWkm0iNesNkBVOa/h1qsPBtLmZkiL4PZK
0ZyeR0FNwpc5EkNh/qaSeYwa8Phzy5MoXKELTj8ZwDag4G71O7jAVpuub60viPJO
ndQ7rgkUjAh9CX0iC2W9XwF8m2h9OFxoxU3U4BbH8wk0bFgC+TEw1t87sQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFAH2zjXqBP6kZ3p9QaN3gjIwRlTMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQWZiT05lb0VfcVJuZW4xQm8zZUNNakJHVk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
VCAIAwQAVCAKAwQCVCAYAwQAVCAeAwQAVCAuAwQAVCBHAwQBVCBMAwQAVCBPAwQA
VCBYAwQCVCCUAwQAVCCuAwQAVCCzAwQAVCDUAwQBVCDWMAwDBABUIN0DBABUIN4D
BABUIOUDBABUIOgwDAMEAFQg7wMEAFQg8AMEAVQg8gMEAFQg9QMEAVQg/AMEAFjY
AwMEAFjYEQMEAFjYFQMEAFjYIAMEAVjYXAMEAFjYgDAMAwQAWNiDAwQBWNiEAwQA
WNi6MAwDBABY2L0DBABY2L4DBABY2McDBABY2NcwDAMEAljY5AMEAljY6DANBgkq
hkiG9w0BAQsFAAOCAQEAkL/7jpkGCP7krC8He2hnnxLigmORc5L8vBWAGJJXxfUn
UNx7BWsEy7rRz+1fA6L9Fckj6QS8VCx1qtDPqjOLXiFhUF+KMKRFz7mzjeaL4cnG
6MNvGGFRfin+xKpvFojrdCf+Uw8hKPvokdo9ZcYqrpLVkh2F3wHNgQQ0VcoBbA0D
HhG1CRa6z7E/3/aWuXeXFKpHRHiXBXrgVhTc+QVl+eT4DiPezzYGROh83QF59gj3
rhF/268PUjO6sQJ7Xpz7tCGl1GS8IpgtSVL6xugArT4n9gdaJ7AGnhq3iNzr441U
JTmm5+HF/ZtZ5EdUH3kkYNndnRRMfbWwsO8OekbWFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org