Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MnctgBC6jrvVG2nfHUZj7CbV1XI.roa
File: MnctgBC6jrvVG2nfHUZj7CbV1XI.roa (raw, json)
Hash identifier: pnwfRMhpq/hylKfwzibAj3hQt9CVp3QSIk/7OFMY1QQ=
Subject key identifier: 32:77:2D:80:10:BA:8E:BB:D5:1B:69:DF:1D:46:63:EC:26:D5:D5:72
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01876501B0803AA34C57731AB8A87D30E10C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MnctgBC6jrvVG2nfHUZj7CbV1XI.roa
Signing time: Sun 09 Apr 2023 07:53:42 +0000
ROA not before: Sun 09 Apr 2023 07:53:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.157.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Apr 2023 05:13:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:65:01:b0:80:3a:a3:4c:57:73:1a:b8:a8:7d:30:e1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 9 07:53:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32772d8010ba8ebbd51b69df1d4663ec26d5d572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:68:2a:18:d7:54:5f:e0:9f:60:e1:a9:5d:99:
5b:21:9f:0b:33:f0:6e:cb:7c:a3:d7:2a:1b:a6:78:
b3:54:b2:58:e3:3b:59:5f:f7:aa:5c:02:82:ab:42:
0d:6c:9e:97:22:33:3e:11:e8:20:b4:55:d7:9a:82:
d0:a2:e7:ce:7d:d1:0d:d8:62:54:64:73:07:b2:d1:
f1:d3:c0:c9:ad:03:f4:6d:4e:7b:f5:77:39:c2:44:
46:e7:4c:a0:5f:8e:ed:a5:51:52:82:2c:8a:01:c2:
c8:5d:7f:a1:f0:38:f9:83:21:5f:45:96:ae:4e:40:
7b:8f:42:da:b7:dc:ac:cb:21:20:fd:a5:cb:d2:1a:
6f:1c:f1:20:76:15:06:c9:32:95:17:ba:c6:5f:da:
f1:be:21:9c:f3:19:7d:70:90:b5:d8:1e:23:70:3a:
03:11:4b:e2:7b:fa:b8:64:42:db:2c:cb:eb:2c:38:
dd:6f:b9:23:94:aa:36:37:96:6c:27:f5:ac:a9:dd:
c1:65:e9:3a:26:72:0b:c7:2c:89:b3:e1:8d:d0:09:
34:5c:a0:7d:c6:54:26:69:8d:de:f1:29:86:8a:7f:
86:85:21:4a:c8:97:46:84:fe:a6:40:6d:ac:a0:1d:
fe:d6:29:fd:4b:8f:63:75:2d:69:9d:26:c2:a9:7e:
cf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:77:2D:80:10:BA:8E:BB:D5:1B:69:DF:1D:46:63:EC:26:D5:D5:72
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MnctgBC6jrvVG2nfHUZj7CbV1XI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/23
84.32.106.0/24
84.32.108.0/23
84.32.148.0/22
84.32.157.0/24
84.32.174.0/23
84.32.177.0-84.32.179.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.21.0/24
88.216.32.0/24
88.216.44.0/24
88.216.93.0/24
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:22:97:40:58:2c:f1:7a:79:d5:5c:30:85:6e:77:19:45:91:
47:87:53:ea:48:52:ff:5b:b1:14:0e:83:c2:db:be:49:1a:e0:
78:db:a7:42:7f:be:d1:4c:32:19:87:42:45:b8:b7:08:ed:bc:
8c:c8:81:45:d6:e5:c0:57:2a:51:69:8d:07:9d:2a:5f:52:a9:
cd:5d:14:7b:e4:42:8c:b3:2c:d3:5f:4e:48:56:bd:8d:36:59:
a1:5e:83:61:0b:43:7b:2b:45:bb:1e:e1:de:39:d5:7a:c5:e5:
08:ad:c5:6e:86:0a:d2:ec:21:b6:f1:28:b6:f3:56:3a:8e:02:
35:b7:80:60:2e:2e:92:b6:20:70:13:f1:71:fd:f4:97:1b:71:
43:bc:08:64:10:cb:3c:99:c0:e4:48:1a:19:56:49:7f:3c:c7:
4c:7a:f0:d6:e0:a2:ab:a1:70:2e:98:3b:83:65:9a:37:29:2a:
b3:55:8a:3f:a3:66:e0:d9:a0:60:6a:86:a1:20:7a:62:70:6c:
c7:e3:66:f7:2a:94:53:98:0f:e3:da:82:96:93:ce:06:80:b4:
40:57:74:e6:e7:fc:91:ef:a5:d8:2b:74:cd:4a:18:77:c1:0d:
46:c1:94:25:85:95:17:ec:2b:d4:56:65:ec:6c:42:d3:1a:4f:
74:4f:50:6f
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAYdlAbCAOqNMV3MauKh9MOEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA5MDc1MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc3MmQ4MDEwYmE4ZWJiZDUxYjY5ZGYxZDQ2NjNlYzI2ZDVkNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7mgqGNdUX+CfYOGpXZlbIZ8LM/Bu
y3yj1yobpnizVLJY4ztZX/eqXAKCq0INbJ6XIjM+EeggtFXXmoLQoufOfdEN2GJU
ZHMHstHx08DJrQP0bU579Xc5wkRG50ygX47tpVFSgiyKAcLIXX+h8Dj5gyFfRZau
TkB7j0Lat9ysyyEg/aXL0hpvHPEgdhUGyTKVF7rGX9rxviGc8xl9cJC12B4jcDoD
EUvie/q4ZELbLMvrLDjdb7kjlKo2N5ZsJ/Wsqd3BZek6JnILxyyJs+GN0Ak0XKB9
xlQmaY3e8SmGin+GhSFKyJdGhP6mQG2soB3+1in9S49jdS1pnSbCqX7PHwIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFDJ3LYAQuo671Rtp3x1GY+wm1dVyMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTW5jdGdCQzZqcnZWRzJuZkhVWmo3Q2JWMVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCASgEAgABMIIB
IAMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgRgMEAFQgTQMEAFQgTwMEAVQgWAMEAFQgagMEAVQgbAMEAlQglAMEAFQg
nQMEAVQgrjAMAwQAVCCxAwQCVCCwAwQAVCDUAwQBVCDWAwQAVCDaAwQAVCDdMAwD
BABUIN8DBABUIOADBABUIOgwDAMEAFQg7wMEAFQg8DAMAwQBVCDyAwQBVCD0MAwD
BAFUIPoDBAFUIPwDBABY2AEDBABY2AMDBABY2BUDBABY2CADBABY2CwDBABY2F0D
BABY2G8DBABY2IAwDAMEAVjYggMEAFjYhAMEAFjYvQMEAljY1AMEAFjY3AMEAljY
6DANBgkqhkiG9w0BAQsFAAOCAQEAayKXQFgs8Xp51VwwhW53GUWRR4dT6khS/1ux
FA6Dwtu+SRrgeNunQn++0UwyGYdCRbi3CO28jMiBRdblwFcqUWmNB50qX1KpzV0U
e+RCjLMs019OSFa9jTZZoV6DYQtDeytFux7h3jnVesXlCK3FboYK0uwhtvEotvNW
Oo4CNbeAYC4ukrYgcBPxcf30lxtxQ7wIZBDLPJnA5EgaGVZJfzzHTHrw1uCiq6Fw
Lpg7g2WaNykqs1WKP6Nm4NmgYGqGoSB6YnBsx+Nm9yqUU5gP49qClpPOBoC0QFd0
5uf8ke+l2Ct0zUoYd8ENRsGUJYWVF+wr1FZl7GxC0xpPdE9Qbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org