Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Cl-Mvm5O2ECTR7v3CKvWB_Peh_A.roa
File: Cl-Mvm5O2ECTR7v3CKvWB_Peh_A.roa (raw, json)
Hash identifier: A4bTD7Xn/BGcwbJGutLXmcWHy47tm84qVHKZmUR0rE0=
Subject key identifier: 0A:5F:8C:BE:6E:4E:D8:40:93:47:BB:F7:08:AB:D6:07:F3:DE:87:F0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186DA1597BF8CA48EA0B4AA9F692EFE38B1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Cl-Mvm5O2ECTR7v3CKvWB_Peh_A.roa
Signing time: Mon 13 Mar 2023 08:28:13 +0000
ROA not before: Mon 13 Mar 2023 08:28:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Mar 2023 07:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:da:15:97:bf:8c:a4:8e:a0:b4:aa:9f:69:2e:fe:38:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 13 08:28:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a5f8cbe6e4ed8409347bbf708abd607f3de87f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d9:f1:0c:13:c7:93:93:cb:ee:6a:7c:d1:d9:
49:bb:be:b8:8c:34:66:68:ef:c0:06:e5:98:4d:2e:
de:82:9e:6d:56:0f:70:86:63:64:8e:b1:b4:40:75:
c4:4d:89:75:b2:b6:85:53:a3:ea:3d:21:ef:8f:9f:
16:e5:77:9d:26:b4:8d:71:ee:66:06:20:40:67:f8:
85:f6:bc:a3:04:b2:b7:e7:3a:05:fb:fa:51:be:b5:
cf:4f:39:df:ab:ae:23:ba:0b:bf:0c:81:a7:81:c7:
4a:57:eb:34:dc:35:86:cc:d3:ed:ba:78:ee:8d:44:
68:4c:ee:5f:f9:95:f5:df:a3:b1:ec:b0:3f:c1:d3:
ee:8d:48:3e:cd:e0:ec:d6:09:1f:de:f8:2a:69:a3:
ce:64:b3:dc:3a:a6:80:5a:49:46:45:4f:a1:0a:1a:
4e:81:71:a3:29:34:47:82:4d:b8:b9:2c:39:cf:60:
ba:ee:ec:51:b5:0c:dc:2b:71:16:b8:76:b0:65:a0:
0c:8c:c3:4b:2c:3e:de:9c:fa:f5:43:24:19:47:b6:
2b:90:2c:1a:3c:26:b7:f8:8d:ae:0d:d1:49:8a:bb:
62:25:df:dd:b4:5e:be:97:ed:cb:8d:d0:9c:4f:90:
12:23:8a:93:ec:ad:68:e6:3a:d8:cd:db:7b:97:d3:
84:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:5F:8C:BE:6E:4E:D8:40:93:47:BB:F7:08:AB:D6:07:F3:DE:87:F0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Cl-Mvm5O2ECTR7v3CKvWB_Peh_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.148.0/22
84.32.174.0/24
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0-84.32.222.255
84.32.227.0/24
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.199.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
62:67:3f:b1:ab:e8:7b:5f:56:4e:4f:80:af:db:a6:e0:a2:30:
63:6a:27:33:d6:fb:a6:cf:a3:37:3b:64:03:e7:57:a5:42:9b:
5e:ad:89:86:75:11:e1:5d:26:49:76:a9:f7:af:94:39:62:11:
0d:a4:f5:70:74:64:80:47:b8:c1:c6:36:df:86:dd:fb:bb:9d:
b4:4a:d4:07:f9:06:7e:00:87:44:4e:be:98:e6:80:04:42:19:
57:00:da:f6:e1:c0:8d:c2:2e:03:ac:72:31:af:b5:28:07:13:
8d:aa:6f:cd:af:90:b6:a6:80:d6:7d:d0:40:b3:e3:4b:31:26:
2e:fd:77:88:be:b2:01:6a:f2:e2:77:1e:51:68:da:66:67:ad:
d8:b3:44:e6:80:76:1c:e6:f5:f1:5b:bd:c9:6f:f6:c1:82:b9:
c5:98:96:df:7c:de:69:7d:c2:40:ab:24:76:8f:72:4f:94:4b:
12:8b:94:5c:07:f8:20:fc:19:75:e8:9d:ae:f2:a7:d6:b7:c5:
81:65:b5:bd:c5:a5:ec:f3:4d:76:db:c8:e2:f0:a9:2a:fc:aa:
9b:4e:bb:a5:f3:ac:c3:da:6c:f9:35:df:47:b8:a0:19:c0:a0:
d1:fc:05:cb:ad:10:f6:a3:0c:cf:98:c9:1c:35:36:3a:3f:88:
4b:95:d0:72
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAYbaFZe/jKSOoLSqn2ku/jixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzEzMDgyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTVmOGNiZTZlNGVkODQwOTM0N2JiZjcwOGFiZDYwN2YzZGU4N2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9nxDBPHk5PL7mp80dlJu764jDRm
aO/ABuWYTS7egp5tVg9whmNkjrG0QHXETYl1sraFU6PqPSHvj58W5XedJrSNce5m
BiBAZ/iF9ryjBLK35zoF+/pRvrXPTznfq64jugu/DIGngcdKV+s03DWGzNPtunju
jURoTO5f+ZX136Ox7LA/wdPujUg+zeDs1gkf3vgqaaPOZLPcOqaAWklGRU+hChpO
gXGjKTRHgk24uSw5z2C67uxRtQzcK3EWuHawZaAMjMNLLD7enPr1QyQZR7YrkCwa
PCa3+I2uDdFJirtiJd/dtF6+l+3LjdCcT5ASI4qT7K1o5jrYzdt7l9OEtwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFApfjL5uTthAk0e79wir1gfz3ofwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ2wtTXZtNU8yRUNUUjd2M0NLdldCX1BlaF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAFQgCAMEAFQgCgMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgRwMEAFQgTQMEAFQg
TwMEAFQgWAMEAlQglAMEAFQgrgMEAFQgsQMEAFQgswMEAFQg1AMEAVQg1jAMAwQA
VCDdAwQAVCDeAwQAVCDjAwQAVCDlAwQAVCDoMAwDBABUIO8DBABUIPAwDAMEAVQg
8gMEAVQg9AMEAVQg/AMEAFjYAwMEAFjYEQMEAFjYFQMEAFjYIAMEAFjYJAMEAVjY
XAMEAFjYbwMEAFjYgDAMAwQAWNiDAwQBWNiEAwQAWNi6AwQAWNi9AwQAWNjHAwQA
WNjXMAwDBAJY2OQDBAJY2OgwDQYJKoZIhvcNAQELBQADggEBAGJnP7Gr6HtfVk5P
gK/bpuCiMGNqJzPW+6bPozc7ZAPnV6VCm16tiYZ1EeFdJkl2qfevlDliEQ2k9XB0
ZIBHuMHGNt+G3fu7nbRK1Af5Bn4Ah0ROvpjmgARCGVcA2vbhwI3CLgOscjGvtSgH
E42qb82vkLamgNZ90ECz40sxJi79d4i+sgFq8uJ3HlFo2mZnrdizROaAdhzm9fFb
vclv9sGCucWYlt983ml9wkCrJHaPck+USxKLlFwH+CD8GXXona7yp9a3xYFltb3F
pezzTXbbyOLwqSr8qptOu6XzrMPabPk130e4oBnAoNH8BcutEPajDM+YyRw1Njo/
iEuV0HI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org