Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/F48NOSoMkCv0h1mLI20qH9buAAw.roa
File: F48NOSoMkCv0h1mLI20qH9buAAw.roa (raw, json)
Hash identifier: J7lDDVEkAPioIQaXMiH9z4l4gdZntlRoYMF6g6gScFA=
Subject key identifier: 17:8F:0D:39:2A:0C:90:2B:F4:87:59:8B:23:6D:2A:1F:D6:EE:00:0C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018BD38394C95F8945043668F996DFAD4BC8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/F48NOSoMkCv0h1mLI20qH9buAAw.roa
Signing time: Wed 15 Nov 2023 15:04:57 +0000
ROA not before: Wed 15 Nov 2023 15:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.182.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.236.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:83:94:c9:5f:89:45:04:36:68:f9:96:df:ad:4b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 15 15:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=178f0d392a0c902bf487598b236d2a1fd6ee000c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3e:0e:a1:bd:92:52:6c:57:c0:9e:80:0c:5e:
cb:73:59:31:8a:d1:fd:e2:a5:9c:b6:6b:14:dd:c5:
15:2f:fa:8f:22:d2:3a:91:f9:2b:9d:f4:f9:fd:8a:
d5:37:c4:d4:15:3a:08:f5:4c:5a:2f:fc:d2:f0:0e:
c6:b5:37:81:c7:05:e8:1d:a1:c6:e6:80:57:48:22:
36:12:0f:5f:11:58:53:f0:d3:9d:48:c1:f9:0f:42:
9f:83:2b:3c:e3:eb:62:2e:7c:9d:39:43:1b:a4:79:
00:2e:7d:7d:c6:d9:91:8d:49:8c:09:e0:7b:b3:d1:
c9:9a:85:5e:b5:b5:36:07:19:1e:1f:6e:47:6a:0b:
50:eb:b1:21:2c:06:8e:a6:5f:6c:c4:c3:c4:34:cc:
de:83:5c:20:65:8b:c4:e7:32:74:68:e3:5f:f0:58:
7c:7b:00:bb:b4:b9:2e:7b:b5:5d:98:f8:c9:33:0f:
ce:b6:17:4b:87:0f:8c:ef:29:84:f3:2d:17:d7:29:
9f:22:f0:c2:2d:ab:71:6f:f0:a6:fe:49:f0:43:59:
81:e0:51:c1:99:23:38:14:a2:0b:d2:e3:13:b1:4f:
39:b6:75:f2:33:ea:66:75:ab:aa:02:df:56:af:cd:
84:93:fe:46:a7:4b:b6:64:5c:53:41:b8:79:a0:34:
98:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8F:0D:39:2A:0C:90:2B:F4:87:59:8B:23:6D:2A:1F:D6:EE:00:0C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/F48NOSoMkCv0h1mLI20qH9buAAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.236.0/24
84.32.244.0/22
84.32.249.0/24
88.216.22.0/23
88.216.43.0-88.216.45.255
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.182.0/23
88.216.187.0-88.216.189.255
88.216.191.0/24
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:75:8e:6b:a7:5c:1e:5a:ec:18:1c:b8:8d:5e:e0:86:87:aa:
51:e6:44:81:eb:89:01:fc:42:11:2f:71:69:82:e1:2b:6c:85:
26:75:97:2c:e4:bf:c8:29:ef:5e:a8:20:08:73:68:e2:c3:15:
9a:db:57:93:7a:9e:17:4c:8f:9a:14:9d:22:78:33:cd:e4:99:
b9:6a:38:aa:6f:6e:35:6b:c5:5d:32:44:c4:05:9e:5f:98:1c:
36:75:2a:c0:48:93:27:1d:34:f4:a5:62:b5:29:ef:1a:2f:0c:
67:55:2d:af:d4:54:7e:8e:df:76:c4:5a:83:ab:7c:82:7d:08:
91:61:89:c3:bd:ed:27:74:95:67:42:57:94:39:68:ae:ec:4a:
05:ef:0c:22:fe:e1:8b:97:cc:9b:48:44:72:16:93:43:f8:dc:
74:7e:c6:34:05:77:da:5c:bb:c3:fc:02:21:ac:99:a4:0a:96:
b3:6c:17:be:e1:bf:d1:ce:20:a4:00:7d:8c:57:62:4b:20:67:
3a:ad:10:a2:1e:d7:3f:79:bb:9f:c5:86:31:92:24:38:eb:72:
ac:59:fe:68:de:38:f9:70:a0:81:75:c2:af:97:18:6f:94:84:
5b:de:9a:73:86:13:b9:ea:4d:15:10:e4:34:1c:d6:15:32:41:
e7:6e:e5:10
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYvTg5TJX4lFBDZo+ZbfrUvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTE1MTUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzhmMGQzOTJhMGM5MDJiZjQ4NzU5OGIyMzZkMmExZmQ2ZWUwMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD4Oob2SUmxXwJ6ADF7Lc1kxitH9
4qWctmsU3cUVL/qPItI6kfkrnfT5/YrVN8TUFToI9UxaL/zS8A7GtTeBxwXoHaHG
5oBXSCI2Eg9fEVhT8NOdSMH5D0Kfgys84+tiLnydOUMbpHkALn19xtmRjUmMCeB7
s9HJmoVetbU2BxkeH25HagtQ67EhLAaOpl9sxMPENMzeg1wgZYvE5zJ0aONf8Fh8
ewC7tLkue7VdmPjJMw/OthdLhw+M7ymE8y0X1ymfIvDCLatxb/Cm/knwQ1mB4FHB
mSM4FKIL0uMTsU85tnXyM+pmdauqAt9Wr82Ek/5Gp0u2ZFxTQbh5oDSY5QIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFBePDTkqDJAr9IdZiyNtKh/W7gAMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRjQ4Tk9Tb01rQ3YwaDFtTEkyMHFIOWJ1QUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBABU
IAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgQgMEAFQgXwMEAlQglAMEAVQgrgME
AVQgsgMEAFQg0gMEAVQg1gMEAFQg7AMEAlQg9AMEAFQg+QMEAVjYFjAMAwQAWNgr
AwQBWNgsAwQAWNhdMAwDBAFY2IIDBABY2IQDBAFY2IYDBABY2LQDBAFY2LYwDAME
AFjYuwMEAVjYvAMEAFjYvzAMAwQAWNjFAwQAWNjGAwQAWNjQMAwDBABY2NMDBANY
2NADBAJY2OQDBAJY2OwwDQYJKoZIhvcNAQELBQADggEBAJx1jmunXB5a7BgcuI1e
4IaHqlHmRIHriQH8QhEvcWmC4StshSZ1lyzkv8gp716oIAhzaOLDFZrbV5N6nhdM
j5oUnSJ4M83kmblqOKpvbjVrxV0yRMQFnl+YHDZ1KsBIkycdNPSlYrUp7xovDGdV
La/UVH6O33bEWoOrfIJ9CJFhicO97Sd0lWdCV5Q5aK7sSgXvDCL+4YuXzJtIRHIW
k0P43HR+xjQFd9pcu8P8AiGsmaQKlrNsF77hv9HOIKQAfYxXYksgZzqtEKIe1z95
u5/FhjGSJDjrcqxZ/mjeOPlwoIF1wq+XGG+UhFvemnOGE7nqTRUQ5DQc1hUyQedu
5RA=
-----END CERTIFICATE-----
Generated at Fri Nov 17 15:31:35 2023 by rpki-client on console-ams.rpki-client.org