Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KnnH7hhmge4hf0WLRFaZ5A3AXfs.roa
File: KnnH7hhmge4hf0WLRFaZ5A3AXfs.roa (raw, json)
Hash identifier: qdV4G38TEWnGYMk/1lxyGZ6R4/5CRLURHFzjZJhTJtE=
Subject key identifier: 2A:79:C7:EE:18:66:81:EE:21:7F:45:8B:44:56:99:E4:0D:C0:5D:FB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01871F24EFA411073159E189B65B16C150D9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KnnH7hhmge4hf0WLRFaZ5A3AXfs.roa
Signing time: Sun 26 Mar 2023 18:18:46 +0000
ROA not before: Sun 26 Mar 2023 18:18:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1f:24:ef:a4:11:07:31:59:e1:89:b6:5b:16:c1:50:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 26 18:18:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a79c7ee186681ee217f458b445699e40dc05dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:93:1a:71:2c:de:f6:4a:3b:03:12:f2:5b:de:
f2:10:0c:2c:67:c8:f5:af:00:01:c0:8b:78:c5:a8:
bd:7e:80:84:4f:e6:2c:92:fa:c5:af:76:eb:d4:bb:
83:1c:f1:1d:70:df:b2:9c:00:ec:30:1c:a4:f7:8e:
4c:f4:72:f4:f7:6a:f0:19:2d:4e:e6:89:af:fd:67:
06:3b:c1:ae:ed:3e:03:a2:64:07:a4:ea:f7:6a:a9:
a2:a9:c6:eb:57:90:16:f7:8c:4f:a3:d2:93:16:f8:
18:9a:55:fc:aa:90:4b:d0:82:84:4e:06:fb:aa:11:
24:e7:72:d0:db:54:2d:0b:91:98:8a:37:08:06:52:
6f:b9:a9:d7:d9:5d:4c:9c:bc:12:81:d7:b5:5b:f8:
1c:3b:f7:45:f0:38:22:4f:39:0d:57:79:bc:65:d9:
57:ae:20:1d:86:f0:9a:51:7f:73:d1:7a:7f:22:75:
e6:87:81:be:4f:8d:9e:a1:4d:0e:e1:f0:c0:21:06:
83:28:10:76:7a:e1:8c:79:76:d9:4b:5a:c3:f3:8a:
3d:f5:d8:57:99:50:68:f2:08:d5:d3:4d:3c:3a:17:
f4:25:c7:42:0b:c9:d8:f2:e5:c2:a5:07:c7:8f:00:
07:ae:e8:46:88:80:dc:8d:c0:20:be:74:d7:d5:27:
0c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:79:C7:EE:18:66:81:EE:21:7F:45:8B:44:56:99:E4:0D:C0:5D:FB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/KnnH7hhmge4hf0WLRFaZ5A3AXfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/24
84.32.227.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.209.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
5e:5b:b5:91:95:8a:7e:fc:a7:bd:8d:96:f1:96:16:4b:1a:e2:
ae:ad:8e:35:95:09:a1:15:cb:e0:04:6e:e6:92:b1:e4:05:5b:
21:b1:c3:87:3b:0c:c7:86:e0:e3:c4:29:67:5e:b0:4b:ab:ff:
0a:12:e4:de:67:a8:88:12:70:cc:cf:4f:f0:56:ac:61:6b:87:
1c:b6:53:e3:d0:10:ae:a7:65:88:a2:6b:31:01:32:65:b4:b4:
c6:14:8d:ac:0e:b6:d0:e9:45:ad:75:ec:bb:d7:60:fb:22:72:
ba:f0:d3:82:96:66:7e:98:68:23:d9:82:91:ec:2f:76:46:5c:
81:ae:2f:79:a8:62:df:3c:51:10:cc:bd:03:94:4e:b8:36:a5:
95:4f:4d:f9:29:b1:6a:57:dc:b9:e5:e3:6e:6a:68:87:41:39:
e3:e5:64:4d:dd:be:d5:64:14:b6:0a:1c:7b:7e:8e:29:89:87:
0c:4d:6b:70:04:15:5a:c3:b8:b3:f7:68:83:c4:67:a6:2e:5a:
bd:7d:be:56:f5:89:ce:ad:ed:90:30:8f:be:8c:d1:f0:6c:8b:
e7:6b:53:b6:43:53:04:81:e6:2e:ce:28:4f:49:b2:f2:2d:af:
2b:95:de:df:a5:57:84:ba:ea:3f:eb:74:fd:8c:a4:f8:c8:c4:
68:1a:d1:6a
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYcfJO+kEQcxWeGJtlsWwVDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzI2MTgxODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc5YzdlZTE4NjY4MWVlMjE3ZjQ1OGI0NDU2OTllNDBkYzA1ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppMacSze9ko7AxLyW97yEAwsZ8j1
rwABwIt4xai9foCET+YskvrFr3br1LuDHPEdcN+ynADsMByk945M9HL092rwGS1O
5omv/WcGO8Gu7T4DomQHpOr3aqmiqcbrV5AW94xPo9KTFvgYmlX8qpBL0IKETgb7
qhEk53LQ21QtC5GYijcIBlJvuanX2V1MnLwSgde1W/gcO/dF8DgiTzkNV3m8ZdlX
riAdhvCaUX9z0Xp/InXmh4G+T42eoU0O4fDAIQaDKBB2euGMeXbZS1rD84o99dhX
mVBo8gjV0008Ohf0JcdCC8nY8uXCpQfHjwAHruhGiIDcjcAgvnTX1ScMJwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFCp5x+4YZoHuIX9Fi0RWmeQNwF37MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvS25uSDdoaG1nZTRoZjBXTFJGYVo1QTNBWGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQAVCAIAwQCVCAYAwQAVCAeAwQAVCAuAwQAVCBHAwQAVCBNAwQAVCBPAwQAVCBY
AwQAVCBqAwQCVCCUAwQBVCCuAwQAVCCxAwQAVCCzAwQAVCDUAwQBVCDWAwQAVCDa
AwQAVCDdAwQAVCDgAwQAVCDjAwQAVCDoMAwDBABUIO8DBABUIPAwDAMEAVQg8gME
AVQg9AMEAVQg/AMEAFjYAwMEAFjYEQMEAFjYFQMEAFjYIAMEAFjYJAMEAVjYXAME
AFjYbwMEAFjYgDAMAwQAWNiDAwQBWNiEAwQAWNi6AwQAWNi9AwQAWNjRAwQAWNjX
MAwDBAJY2OQDBAJY2OgwDQYJKoZIhvcNAQELBQADggEBAF5btZGVin78p72NlvGW
Fksa4q6tjjWVCaEVy+AEbuaSseQFWyGxw4c7DMeG4OPEKWdesEur/woS5N5nqIgS
cMzPT/BWrGFrhxy2U+PQEK6nZYiiazEBMmW0tMYUjawOttDpRa117LvXYPsicrrw
04KWZn6YaCPZgpHsL3ZGXIGuL3moYt88URDMvQOUTrg2pZVPTfkpsWpX3Lnl425q
aIdBOePlZE3dvtVkFLYKHHt+jimJhwxNa3AEFVrDuLP3aIPEZ6YuWr19vlb1ic6t
7ZAwj76M0fBsi+drU7ZDUwSB5i7OKE9JsvItryuV3t+lV4S66j/rdP2MpPjIxGga
0Wo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org