Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ITsIp_-Hh2WgBOivSgt1AiELDZ8.roa
File: ITsIp_-Hh2WgBOivSgt1AiELDZ8.roa (raw, json)
Hash identifier: SRb/JpoEd2NL9JMFjV7UNl2mAEAwWDs0c5LVd3WiNXI=
Subject key identifier: 21:3B:08:A7:FF:87:87:65:A0:04:E8:AF:4A:0B:75:02:21:0B:0D:9F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01877464FEB4A8B0AF1922E0826A50528B03
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ITsIp_-Hh2WgBOivSgt1AiELDZ8.roa
Signing time: Wed 12 Apr 2023 07:36:28 +0000
ROA not before: Wed 12 Apr 2023 07:36:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.157.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 15:19:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:64:fe:b4:a8:b0:af:19:22:e0:82:6a:50:52:8b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 12 07:36:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=213b08a7ff878765a004e8af4a0b7502210b0d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:a7:22:d2:81:6f:7f:92:78:e7:08:85:ae:
4b:20:a9:ff:f4:10:10:7e:ec:67:81:67:e3:fb:50:
d0:f1:22:8c:d0:9c:5a:e1:29:ae:72:69:d0:b4:7b:
26:86:3a:b8:fe:23:eb:aa:19:40:b7:c8:f1:31:11:
70:2a:6a:92:e8:85:c1:75:61:0e:7c:25:5e:5d:7a:
9a:74:85:69:94:cd:42:e2:56:5a:69:99:ed:98:59:
69:03:5d:1f:ab:58:40:62:01:10:e9:ba:94:7c:f7:
03:ea:88:f8:eb:ac:c7:11:3d:f0:a6:0a:29:14:c6:
86:5e:40:17:43:b8:de:c4:1c:3b:5b:1c:67:c4:68:
7a:0d:2b:68:af:09:cd:f3:25:1e:d2:1f:0d:0e:12:
2a:81:30:05:dd:d5:f0:6a:e0:e0:0a:cf:73:8a:9a:
0a:8a:32:42:af:61:5b:19:e8:74:2d:61:10:1c:eb:
b9:4d:81:99:7e:4e:35:ff:29:2c:e2:c8:28:4f:12:
92:be:6a:87:02:ff:e5:06:3b:38:df:e3:37:6b:5e:
a7:d1:d8:cd:1d:ee:d1:c9:c3:0c:74:b5:d8:6b:25:
1f:8d:4b:9b:a5:a1:50:2e:1b:a7:ff:15:49:08:61:
b1:b6:da:a3:1e:11:53:d8:be:ff:d4:02:49:5f:0f:
fe:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3B:08:A7:FF:87:87:65:A0:04:E8:AF:4A:0B:75:02:21:0B:0D:9F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ITsIp_-Hh2WgBOivSgt1AiELDZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/23
84.32.108.0/23
84.32.148.0/22
84.32.157.0/24
84.32.174.0/23
84.32.177.0-84.32.179.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.16.0/24
88.216.21.0/24
88.216.32.0/24
88.216.44.0/24
88.216.93.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
34:15:96:04:d6:4e:b3:53:23:4e:5d:9b:a4:ff:79:f1:1c:a1:
7d:be:f2:11:83:0f:9a:3e:a0:24:be:54:09:0a:13:1e:f9:a1:
61:82:8d:6b:a8:24:33:bf:ff:d9:a8:1d:23:24:50:10:15:c6:
f5:0d:70:fc:54:76:a5:d2:5d:11:51:60:c5:20:f7:9d:7c:44:
4d:96:24:de:30:5b:4c:ca:82:a9:82:2c:41:85:b4:8b:a9:71:
37:a9:59:48:4a:03:f1:4e:ab:c0:01:e2:f3:a2:ac:8b:fb:a5:
1a:84:a6:3d:d0:48:fa:34:9e:21:20:d4:e4:6e:b3:59:9d:50:
28:0c:99:88:f0:03:a7:d1:55:3c:29:dc:3e:5c:44:9b:3c:61:
3e:eb:90:11:4a:68:23:8d:0b:f3:fd:5a:86:5d:a2:fd:64:43:
48:70:ae:0a:8f:e0:38:8a:0e:12:2a:fc:c1:f2:d8:4b:1e:8e:
94:d4:73:91:50:3f:98:0f:cc:41:37:6c:69:32:af:ae:e6:b7:
32:99:4e:35:a0:63:09:a9:0e:d7:a4:d6:2c:1f:bd:89:97:30:
1d:b9:1a:3f:f4:97:21:99:1f:73:a9:92:a1:e2:41:7f:0a:e3:
55:cd:c1:97:f8:a5:bb:01:68:9b:5e:39:30:5a:ae:14:b6:8a:
36:16:54:d6
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAYd0ZP60qLCvGSLggmpQUosDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDEyMDczNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNiMDhhN2ZmODc4NzY1YTAwNGU4YWY0YTBiNzUwMjIxMGIwZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQKnItKBb3+SeOcIha5LIKn/9BAQ
fuxngWfj+1DQ8SKM0Jxa4SmucmnQtHsmhjq4/iPrqhlAt8jxMRFwKmqS6IXBdWEO
fCVeXXqadIVplM1C4lZaaZntmFlpA10fq1hAYgEQ6bqUfPcD6oj466zHET3wpgop
FMaGXkAXQ7jexBw7WxxnxGh6DStorwnN8yUe0h8NDhIqgTAF3dXwauDgCs9zipoK
ijJCr2FbGeh0LWEQHOu5TYGZfk41/yks4sgoTxKSvmqHAv/lBjs43+M3a16n0djN
He7RycMMdLXYayUfjUubpaFQLhun/xVJCGGxttqjHhFT2L7/1AJJXw/+dQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFCE7CKf/h4dloATor0oLdQIhCw2fMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSVRzSXBfLUhoMldnQk9pdlNndDFBaUVMRFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgRgMEAFQgTQMEAFQgTwMEAVQgWAMEAVQgbAMEAlQglAMEAFQgnQMEAVQg
rjAMAwQAVCCxAwQCVCCwAwQAVCDUAwQBVCDWAwQAVCDaAwQAVCDdMAwDBABUIN8D
BABUIOADBABUIOgwDAMEAFQg7wMEAFQg8DAMAwQBVCDyAwQBVCD0MAwDBAFUIPoD
BAFUIPwDBABY2AEDBABY2AMDBABY2BADBABY2BUDBABY2CADBABY2CwDBABY2F0D
BABY2IAwDAMEAVjYggMEAFjYhAMEAFjYvQMEAljY1AMEAFjY3AMEAljY6DANBgkq
hkiG9w0BAQsFAAOCAQEANBWWBNZOs1MjTl2bpP958Ryhfb7yEYMPmj6gJL5UCQoT
HvmhYYKNa6gkM7//2agdIyRQEBXG9Q1w/FR2pdJdEVFgxSD3nXxETZYk3jBbTMqC
qYIsQYW0i6lxN6lZSEoD8U6rwAHi86Ksi/ulGoSmPdBI+jSeISDU5G6zWZ1QKAyZ
iPADp9FVPCncPlxEmzxhPuuQEUpoI40L8/1ahl2i/WRDSHCuCo/gOIoOEir8wfLY
Sx6OlNRzkVA/mA/MQTdsaTKvrua3MplONaBjCakO16TWLB+9iZcwHbkaP/SXIZkf
c6mSoeJBfwrjVc3Bl/iluwFom145MFquFLaKNhZU1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org