Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Gdk7sonMPSyxn532n9b2acnNpho.roa
File: Gdk7sonMPSyxn532n9b2acnNpho.roa (raw, json)
Hash identifier: efU9Z5rz5FMq9peg+QJ4Z3YX1ncu4j/vrPV+nmj6BFs=
Subject key identifier: 19:D9:3B:B2:89:CC:3D:2C:B1:9F:9D:F6:9F:D6:F6:69:C9:CD:A6:1A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018751BA448EF122E3FB0E3FAC2191FCAF10
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Gdk7sonMPSyxn532n9b2acnNpho.roa
Signing time: Wed 05 Apr 2023 14:02:54 +0000
ROA not before: Wed 05 Apr 2023 14:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Apr 2023 05:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:ba:44:8e:f1:22:e3:fb:0e:3f:ac:21:91:fc:af:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 5 14:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19d93bb289cc3d2cb19f9df69fd6f669c9cda61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cb:68:59:25:54:8a:85:61:a4:74:be:33:e6:
4a:41:28:79:84:58:c9:a6:70:dd:3c:93:67:4a:46:
d5:f6:8c:b3:25:98:b2:0c:e6:1a:12:1d:df:03:6d:
ca:b0:1c:35:40:80:e8:9f:9c:ab:ba:17:ad:73:9c:
92:b1:d5:c2:7b:60:c5:f1:ec:ad:41:3f:6b:89:32:
4a:c7:6f:cd:b1:e2:aa:06:5b:64:d7:22:cf:ec:a0:
95:f6:06:cf:4e:cd:64:58:fa:5c:af:6e:13:ff:97:
81:fa:65:6f:1a:b7:e7:89:ee:e7:04:2e:e5:bf:94:
e9:20:c4:4c:29:c0:a0:f8:8b:91:ca:0f:bf:30:fe:
17:c7:7a:1f:89:b2:b5:49:7d:8e:fa:e4:38:24:00:
d5:64:91:17:3b:f3:a2:a4:91:1b:88:80:fa:2b:40:
12:5e:4f:d5:48:fb:f9:1d:1a:57:65:32:d6:44:09:
84:b6:19:c1:3c:32:cb:f2:b7:48:c3:ea:7b:ec:9d:
3f:5a:a0:21:65:1a:ea:30:a1:02:d3:47:db:4b:9b:
34:dd:0e:bb:4e:7d:75:02:10:18:69:70:75:db:89:
a7:91:e7:c7:11:b1:89:63:d1:dc:50:2f:a4:eb:30:
d2:e7:5f:34:9b:df:13:b7:dd:aa:1a:ee:9f:2d:1e:
49:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D9:3B:B2:89:CC:3D:2C:B1:9F:9D:F6:9F:D6:F6:69:C9:CD:A6:1A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Gdk7sonMPSyxn532n9b2acnNpho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.108.0/23
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0/24
84.32.252.0/23
88.216.1.0/24
88.216.3.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/24
88.216.215.0/24
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:0e:74:16:2e:e1:64:8c:bf:8a:92:fe:c3:31:bf:28:4b:b1:
7b:a8:b5:75:78:f0:95:50:50:48:b7:47:cc:7e:4a:d5:c1:4b:
7c:e0:ca:af:14:8a:e0:ab:f6:31:08:9d:74:05:7e:94:58:28:
1d:ac:cb:08:6a:09:39:2b:b9:59:ca:d8:2e:06:b4:ac:06:25:
0c:e9:49:c6:ca:97:d1:a3:bb:ae:70:c4:6c:da:67:88:68:ed:
07:ea:71:5d:14:ec:be:fa:25:7a:6c:57:0e:24:7a:4f:11:fc:
80:e3:7e:8d:70:60:e9:83:9d:12:99:c6:b3:4b:21:32:ce:d5:
e0:8b:24:50:f8:d0:83:25:e9:47:1a:c3:81:93:f4:c4:7f:2c:
1e:2f:c5:93:1b:cb:3d:e8:b2:26:84:48:ac:d6:ea:b0:87:d3:
fa:9b:5a:57:2b:2a:d4:3f:79:40:73:c8:3c:ee:b8:3f:a0:14:
0c:2c:eb:69:b1:ee:88:24:f4:29:7d:e3:43:a2:d2:74:68:5f:
20:d8:d5:19:22:78:a3:4b:3a:03:a1:91:fb:c5:99:48:60:55:
88:e3:7c:0a:aa:bb:65:61:c6:05:30:84:ca:de:33:68:e7:05:
69:54:5a:69:a3:d4:74:47:03:c5:36:29:9e:b0:1a:c4:87:f0:
84:9b:7d:5e
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYdRukSO8SLj+w4/rCGR/K8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA1MTQwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQ5M2JiMjg5Y2MzZDJjYjE5ZjlkZjY5ZmQ2ZjY2OWM5Y2RhNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAictoWSVUioVhpHS+M+ZKQSh5hFjJ
pnDdPJNnSkbV9oyzJZiyDOYaEh3fA23KsBw1QIDon5yruhetc5ySsdXCe2DF8eyt
QT9riTJKx2/NseKqBltk1yLP7KCV9gbPTs1kWPpcr24T/5eB+mVvGrfnie7nBC7l
v5TpIMRMKcCg+IuRyg+/MP4Xx3ofibK1SX2O+uQ4JADVZJEXO/OipJEbiID6K0AS
Xk/VSPv5HRpXZTLWRAmEthnBPDLL8rdIw+p77J0/WqAhZRrqMKEC00fbS5s03Q67
Tn11AhAYaXB124mnkefHEbGJY9HcUC+k6zDS5180m98Tt92qGu6fLR5JxQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFBnZO7KJzD0ssZ+d9p/W9mnJzaYaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvR2RrN3Nvbk1QU3l4bjUzMm45YjJhY25OcGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
RgMEAFQgTQMEAFQgTwMEAFQgWAMEAFQgagMEAVQgbAMEAlQglAMEAVQgrgMEAFQg
sQMEAFQgswMEAFQg1AMEAVQg1gMEAFQg2gMEAFQg3QMEAFQg4AMEAFQg6DAMAwQA
VCDvAwQAVCDwMAwDBAFUIPIDBAFUIPQDBABUIPoDBAFUIPwDBABY2AEDBABY2AMD
BABY2BUDBABY2CADBABY2CQDBAFY2FwDBABY2G8DBABY2IAwDAMEAVjYggMEAFjY
hAMEAFjYvQMEAFjY1AMEAFjY1wMEAFjY3AMEAljY6DANBgkqhkiG9w0BAQsFAAOC
AQEADA50Fi7hZIy/ipL+wzG/KEuxe6i1dXjwlVBQSLdHzH5K1cFLfODKrxSK4Kv2
MQiddAV+lFgoHazLCGoJOSu5WcrYLga0rAYlDOlJxsqX0aO7rnDEbNpniGjtB+px
XRTsvvolemxXDiR6TxH8gON+jXBg6YOdEpnGs0shMs7V4IskUPjQgyXpRxrDgZP0
xH8sHi/FkxvLPeiyJoRIrNbqsIfT+ptaVysq1D95QHPIPO64P6AUDCzrabHuiCT0
KX3jQ6LSdGhfINjVGSJ4o0s6A6GR+8WZSGBViON8Cqq7ZWHGBTCEyt4zaOcFaVRa
aaPUdEcDxTYpnrAaxIfwhJt9Xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org