Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/EM9bHyUvylLbNSVVQmW8_0AyIDM.roa
File: EM9bHyUvylLbNSVVQmW8_0AyIDM.roa (raw, json)
Hash identifier: 0o4J4Eout/bsaxarBSDaht6jhhsNJxsByd03H75HvQM=
Subject key identifier: 10:CF:5B:1F:25:2F:CA:52:DB:35:25:55:42:65:BC:FF:40:32:20:33
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188F67670382D15FFC1B56FA5E7AE66D5E6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/EM9bHyUvylLbNSVVQmW8_0AyIDM.roa
Signing time: Mon 26 Jun 2023 06:48:57 +0000
ROA not before: Mon 26 Jun 2023 06:48:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.62.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.184.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Jun 2023 11:35:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f6:76:70:38:2d:15:ff:c1:b5:6f:a5:e7:ae:66:d5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 26 06:48:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10cf5b1f252fca52db3525554265bcff40322033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:97:83:cd:13:8c:9c:2d:86:64:af:18:ad:fa:
98:00:94:1f:fa:c3:28:48:1e:26:f1:95:fd:c7:08:
0f:e3:0c:2e:81:b3:9a:e8:32:58:b9:20:ee:1a:f1:
3f:3d:82:97:88:ef:4c:8e:b5:44:9b:00:56:ff:8e:
b9:c7:62:db:b7:a6:b7:6a:74:4c:1d:11:0e:80:3a:
b8:a0:d1:e5:a4:10:e6:02:ff:6a:a7:74:8f:a9:3f:
34:47:98:42:ef:3a:c5:73:33:43:fd:19:99:02:9c:
2b:36:66:f4:f4:51:63:d4:09:29:f8:e8:a7:3e:2d:
6d:e0:b5:9a:b8:22:0a:f6:c8:c6:89:5c:f8:0b:2c:
2b:9a:b0:ed:2d:41:61:74:13:c1:1a:f6:1b:87:43:
7f:46:97:c9:ac:40:02:ed:16:87:3c:16:c9:27:48:
a6:19:21:6a:dd:37:7d:7c:e4:58:65:6d:57:60:ac:
20:20:72:b5:5f:a8:02:59:2c:5a:c2:34:d3:08:b9:
ad:62:7c:1c:15:c3:a6:33:06:e4:60:79:92:b9:0b:
4a:d4:72:38:07:76:aa:99:70:91:60:e0:d8:3f:41:
dc:bf:1d:0e:ec:6a:e6:14:29:3a:d2:80:17:eb:6e:
95:e1:5a:90:20:84:86:79:30:b7:c2:66:43:fc:ef:
68:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CF:5B:1F:25:2F:CA:52:DB:35:25:55:42:65:BC:FF:40:32:20:33
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/EM9bHyUvylLbNSVVQmW8_0AyIDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.31.0/24
84.32.46.0/24
84.32.60.0/24
84.32.62.0/24
84.32.65.0/24
84.32.67.0-84.32.68.255
84.32.79.0/24
84.32.92.0/24
84.32.108.0-84.32.110.255
84.32.148.0/22
84.32.153.0/24
84.32.156.0/24
84.32.158.0/23
84.32.178.0/23
84.32.213.0-84.32.215.255
84.32.221.0/24
84.32.224.0/24
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.243.0/24
84.32.246.0/23
84.32.250.0-84.32.253.255
88.216.0.0/24
88.216.3.0/24
88.216.16.0/24
88.216.22.0/23
88.216.32.0/24
88.216.35.0/24
88.216.39.0-88.216.40.255
88.216.44.0/23
88.216.58.0/24
88.216.60.0-88.216.65.255
88.216.100.0/23
88.216.107.0/24
88.216.109.0/24
88.216.111.0/24
88.216.130.0/23
88.216.134.0/23
88.216.180.0/24
88.216.183.0-88.216.184.255
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
75:97:14:31:61:6a:bd:47:7b:1f:b4:8e:5f:4e:2f:c0:89:15:
f4:03:1e:39:7e:98:8f:51:7f:67:81:92:82:81:82:42:58:db:
6e:ab:a8:4d:d1:1d:95:d7:c8:43:51:bb:0f:8b:62:77:ad:23:
30:19:ac:82:fb:f5:d0:f5:48:c0:b2:80:22:5c:20:ba:8f:1c:
36:fc:28:84:34:b9:a3:ca:de:82:ad:bf:07:a2:a6:7e:5e:8c:
66:98:21:4d:3e:06:62:e4:cc:0a:0e:5f:4c:bb:b5:bf:94:5a:
a9:e9:6d:57:a8:3c:a1:a0:1f:08:db:23:1b:22:eb:b0:0f:f9:
9a:19:23:fb:c2:20:ce:a1:79:c2:c4:50:a7:40:19:6d:8b:dc:
e1:54:be:a0:01:bb:de:85:fd:b3:52:54:fe:08:2d:f4:26:25:
bb:14:80:65:a6:ab:6c:64:f0:01:ae:ba:48:13:b8:13:a7:f2:
0c:f0:be:c9:d9:18:68:11:ec:eb:97:58:ff:63:72:08:ae:94:
ca:c3:99:8c:d8:2e:79:ed:fa:71:53:f8:7d:15:ec:f6:6c:b1:
34:dc:63:24:3b:2e:70:48:6b:d4:75:cf:88:ca:2d:70:23:d6:
f6:70:5d:af:b4:36:bd:f6:99:1f:54:d8:34:d5:0a:81:69:f6:
48:53:44:57
-----BEGIN CERTIFICATE-----
MIIGeTCCBWGgAwIBAgISAYj2dnA4LRX/wbVvpeeuZtXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjI2MDY0ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNmNWIxZjI1MmZjYTUyZGIzNTI1NTU0MjY1YmNmZjQwMzIyMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJeDzROMnC2GZK8YrfqYAJQf+sMo
SB4m8ZX9xwgP4wwugbOa6DJYuSDuGvE/PYKXiO9MjrVEmwBW/465x2Lbt6a3anRM
HREOgDq4oNHlpBDmAv9qp3SPqT80R5hC7zrFczND/RmZApwrNmb09FFj1Akp+Oin
Pi1t4LWauCIK9sjGiVz4CywrmrDtLUFhdBPBGvYbh0N/RpfJrEAC7RaHPBbJJ0im
GSFq3Td9fORYZW1XYKwgIHK1X6gCWSxawjTTCLmtYnwcFcOmMwbkYHmSuQtK1HI4
B3aqmXCRYODYP0Hcvx0O7GrmFCk60oAX626V4VqQIISGeTC3wmZD/O9ojQIDAQAB
o4IDhTCCA4EwHQYDVR0OBBYEFBDPWx8lL8pS2zUlVUJlvP9AMiAzMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRU05Ykh5VXZ5bExiTlNWVlFtVzhfMEF5SURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmQYIKwYBBQUHAQcBAf8EggGIMIIBhDCCAYAEAgABMIIB
eAMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAfAwQAVCAuAwQAVCA8AwQAVCA+AwQA
VCBBMAwDBABUIEMDBABUIEQDBABUIE8DBABUIFwwDAMEAlQgbAMEAFQgbgMEAlQg
lAMEAFQgmQMEAFQgnAMEAVQgngMEAVQgsjAMAwQAVCDVAwQDVCDQAwQAVCDdAwQA
VCDgMAwDBABUIOcDBABUIOgDBABUIOswDAMEAFQg7wMEAFQg8AMEAFQg8wMEAVQg
9jAMAwQBVCD6AwQBVCD8AwQAWNgAAwQAWNgDAwQAWNgQAwQBWNgWAwQAWNggAwQA
WNgjMAwDBABY2CcDBABY2CgDBAFY2CwDBABY2DowDAMEAljYPAMEAVjYQAMEAVjY
ZAMEAFjYawMEAFjYbQMEAFjYbwMEAVjYggMEAVjYhgMEAFjYtDAMAwQAWNi3AwQA
WNi4AwQBWNi8AwQAWNjFAwQCWNjUAwQAWNjcMAwDBAJY2OwDBANY2PAwDQYJKoZI
hvcNAQELBQADggEBAHWXFDFhar1Hex+0jl9OL8CJFfQDHjl+mI9Rf2eBkoKBgkJY
226rqE3RHZXXyENRuw+LYnetIzAZrIL79dD1SMCygCJcILqPHDb8KIQ0uaPK3oKt
vweipn5ejGaYIU0+BmLkzAoOX0y7tb+UWqnpbVeoPKGgHwjbIxsi67AP+ZoZI/vC
IM6hecLEUKdAGW2L3OFUvqABu96F/bNSVP4ILfQmJbsUgGWmq2xk8AGuukgTuBOn
8gzwvsnZGGgR7OuXWP9jcgiulMrDmYzYLnnt+nFT+H0V7PZssTTcYyQ7LnBIa9R1
z4jKLXAj1vZwXa+0Nr32mR9U2DTVCoFp9khTRFc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org