Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ILX9qs1CJtz_gij6oAF3-Uncows.roa
File: ILX9qs1CJtz_gij6oAF3-Uncows.roa (raw, json)
Hash identifier: KhyrVcm6lS98GJIwdxjuPn2wfTEHsrNu+FEV4nCtDMs=
Subject key identifier: 20:B5:FD:AA:CD:42:26:DC:FF:82:28:FA:A0:01:77:F9:49:DC:A3:0B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018644A8086FCCE2D49E57D575AE693E5FB7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ILX9qs1CJtz_gij6oAF3-Uncows.roa
Signing time: Sun 12 Feb 2023 08:05:08 +0000
ROA not before: Sun 12 Feb 2023 08:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.190.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.255.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.26.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Feb 2023 06:20:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:44:a8:08:6f:cc:e2:d4:9e:57:d5:75:ae:69:3e:5f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 12 08:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20b5fdaacd4226dcff8228faa00177f949dca30b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2d:f9:c2:f1:7f:eb:63:8b:77:52:d5:40:2b:
d0:1e:d6:a9:80:0c:89:d0:bb:39:f9:7b:96:a8:9c:
e5:63:0d:de:b9:16:1e:3c:0b:0b:47:ec:3f:af:14:
83:2d:6e:ac:48:91:e6:a1:a1:b4:70:93:03:1c:94:
82:a5:15:b5:aa:99:92:b6:1e:0f:52:5a:b0:31:d4:
a1:3c:45:88:6a:ac:cd:0c:23:29:38:67:46:17:e1:
6a:70:bf:09:9d:40:42:6e:3a:d9:18:3e:37:f1:7a:
df:b2:9e:bb:7d:98:24:cd:f3:84:5f:44:51:e3:a9:
fe:f3:91:24:e3:d3:cb:04:a8:08:0f:75:1e:70:85:
41:69:47:48:8f:7e:59:ec:0a:76:94:c5:5b:d0:e3:
3f:1f:2f:87:63:30:df:51:14:c8:6d:f5:b1:a9:22:
1f:97:0d:04:e8:be:aa:10:ac:eb:f8:4b:14:a8:4c:
bd:3c:dd:57:79:ad:67:bb:c7:d6:9d:32:13:7a:a2:
da:40:08:b0:51:07:9a:0e:2d:45:82:e3:b3:7d:95:
66:e3:f2:d4:18:af:2b:63:dc:f1:2a:f5:21:b3:d3:
0f:23:df:7a:94:82:67:b3:b4:94:9b:7f:57:1c:b8:
d9:52:8b:2e:eb:7c:59:96:c0:ad:d1:2f:90:e9:22:
8e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:B5:FD:AA:CD:42:26:DC:FF:82:28:FA:A0:01:77:F9:49:DC:A3:0B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ILX9qs1CJtz_gij6oAF3-Uncows.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.76.0/23
84.32.79.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.220.0-84.32.222.255
84.32.240.0/24
84.32.242.0/23
84.32.252.0/23
84.32.255.0/24
88.216.17.0/24
88.216.93.0/24
88.216.128.0/23
88.216.132.0-88.216.134.255
88.216.190.0/24
88.216.213.0/24
88.216.215.0/24
88.216.220.0/24
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
70:31:a2:84:7d:0e:71:bf:c1:cc:91:12:5d:4c:2f:ef:f4:0f:
50:ba:fd:f1:0e:b6:b2:65:9a:cf:81:ef:5c:7b:ae:6c:ab:91:
a6:c2:1c:12:8d:19:00:d0:53:41:ef:96:70:2e:f4:bf:1e:84:
c8:65:9b:20:7a:13:fb:28:40:06:b7:56:ea:aa:c1:c2:99:43:
b5:1f:9a:e3:58:f9:24:46:9c:6d:96:71:58:32:0b:92:b0:fa:
ea:fc:31:2f:be:dc:6e:b9:ad:31:f9:22:a5:65:60:d0:1a:56:
10:1f:41:0c:7a:4b:4c:b9:06:28:2b:9a:df:2b:ae:70:f8:3c:
29:27:a3:37:7d:15:29:ca:a3:a8:6a:50:1f:12:ec:9a:15:01:
49:6f:4d:1b:3c:3d:90:8f:fc:c0:d6:c8:c9:01:72:d1:29:65:
89:0c:2f:e3:cb:8b:bf:6a:0c:c1:df:24:86:e4:c3:b0:54:92:
89:2e:3a:06:36:44:9a:e5:39:93:9d:dc:cb:20:3b:90:5e:43:
78:0b:2c:a5:b4:f3:2d:0c:ad:47:d6:10:68:4f:64:27:65:d1:
00:74:7d:24:31:b6:c0:02:2b:3e:f2:ab:af:7a:fe:b9:e2:74:
96:11:0d:03:c8:6f:06:eb:0b:c4:d7:05:a4:1e:64:24:0e:f3:
20:ec:d5:ff
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYZEqAhvzOLUnlfVda5pPl+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEyMDgwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGI1ZmRhYWNkNDIyNmRjZmY4MjI4ZmFhMDAxNzdmOTQ5ZGNhMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS35wvF/62OLd1LVQCvQHtapgAyJ
0Ls5+XuWqJzlYw3euRYePAsLR+w/rxSDLW6sSJHmoaG0cJMDHJSCpRW1qpmSth4P
UlqwMdShPEWIaqzNDCMpOGdGF+FqcL8JnUBCbjrZGD438Xrfsp67fZgkzfOEX0RR
46n+85Ek49PLBKgID3UecIVBaUdIj35Z7Ap2lMVb0OM/Hy+HYzDfURTIbfWxqSIf
lw0E6L6qEKzr+EsUqEy9PN1Xea1nu8fWnTITeqLaQAiwUQeaDi1FguOzfZVm4/LU
GK8rY9zxKvUhs9MPI996lIJns7SUm39XHLjZUosu63xZlsCt0S+Q6SKORQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFCC1/arNQibc/4Io+qABd/lJ3KMLMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSUxYOXFzMUNKdHpfZ2lqNm9BRjMtVW5jb3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAJU
IBgDBABUIB4DBABUIC4DBAFUIEwDBABUIE8DBABUILMDBABUINQDBAFUINYwDAME
AlQg3AMEAFQg3gMEAFQg8AMEAVQg8gMEAVQg/AMEAFQg/wMEAFjYEQMEAFjYXQME
AVjYgDAMAwQCWNiEAwQAWNiGAwQAWNi+AwQAWNjVAwQAWNjXAwQAWNjcAwQCWNjs
MA0GCSqGSIb3DQEBCwUAA4IBAQBwMaKEfQ5xv8HMkRJdTC/v9A9Quv3xDrayZZrP
ge9ce65sq5GmwhwSjRkA0FNB75ZwLvS/HoTIZZsgehP7KEAGt1bqqsHCmUO1H5rj
WPkkRpxtlnFYMguSsPrq/DEvvtxuua0x+SKlZWDQGlYQH0EMektMuQYoK5rfK65w
+DwpJ6M3fRUpyqOoalAfEuyaFQFJb00bPD2Qj/zA1sjJAXLRKWWJDC/jy4u/agzB
3ySG5MOwVJKJLjoGNkSa5TmTndzLIDuQXkN4CyyltPMtDK1H1hBoT2QnZdEAdH0k
MbbAAis+8quvev654nSWEQ0DyG8G6wvE1wWkHmQkDvMg7NX/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org