Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NGeKCXNkXsdAUKEF1oRHS7UJJW8.roa
File: NGeKCXNkXsdAUKEF1oRHS7UJJW8.roa (raw, json)
Hash identifier: HZvkkMqJLRzMhunEs34J8475j1P21eHrB4PbsJaE7gw=
Subject key identifier: 34:67:8A:09:73:64:5E:C7:40:50:A1:05:D6:84:47:4B:B5:09:25:6F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187EB9B3DAFE6B155E5788F01A33103C129
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NGeKCXNkXsdAUKEF1oRHS7UJJW8.roa
Signing time: Fri 05 May 2023 11:10:32 +0000
ROA not before: Fri 05 May 2023 11:10:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.9.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:9b:3d:af:e6:b1:55:e5:78:8f:01:a3:31:03:c1:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 5 11:10:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34678a0973645ec74050a105d684474bb509256f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:89:1f:d1:38:29:78:6d:67:39:93:e3:dc:29:
9b:68:61:4f:3c:b2:4c:e8:a3:9b:4b:8e:f8:88:14:
1c:ad:7a:15:cc:06:b0:b6:c8:f9:0d:0d:20:3c:87:
57:2c:91:9c:bc:1d:4d:d1:80:c8:8d:cc:47:34:fd:
66:4f:a7:69:0f:15:f6:3d:50:75:cf:31:46:c8:83:
50:d6:49:79:84:07:31:79:b3:a2:9a:46:57:af:f1:
5d:39:c2:a9:9a:51:4e:cc:8b:46:df:9b:2b:38:42:
09:85:ea:72:70:49:e4:0d:c9:a6:7e:2c:1d:6d:e1:
1a:c4:f9:2d:08:68:bb:66:2c:ad:5c:17:a4:1a:64:
8e:5d:5c:2f:46:52:64:5a:67:05:0a:ec:21:6c:99:
18:c1:b8:66:56:47:1c:88:84:6b:ee:77:77:e3:3d:
2c:c9:e3:31:a3:10:89:3b:3b:a2:0e:68:89:48:0b:
3b:85:cb:33:8a:8f:6b:ca:19:00:fb:6d:b9:b3:41:
27:2d:db:ca:03:4c:fe:29:5b:62:9f:45:2a:17:ed:
24:bc:56:c6:8e:d2:ee:67:e2:ab:9f:87:7d:5b:2d:
76:74:77:9f:e8:a1:ba:aa:41:ef:d8:d6:0d:34:ab:
62:f7:d8:73:c9:63:ea:f9:00:0d:3b:b7:00:57:ea:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:67:8A:09:73:64:5E:C7:40:50:A1:05:D6:84:47:4B:B5:09:25:6F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NGeKCXNkXsdAUKEF1oRHS7UJJW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/23
84.32.15.0/24
84.32.24.0/22
84.32.30.0/24
84.32.44.0/24
84.32.46.0/23
84.32.57.0/24
84.32.60.0/24
84.32.67.0-84.32.68.255
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.110.0/24
84.32.148.0-84.32.154.255
84.32.156.0/24
84.32.158.0/23
84.32.174.0/23
84.32.177.0-84.32.178.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.225.255
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.251.0-84.32.253.255
88.216.0.0/23
88.216.3.0/24
88.216.16.0/24
88.216.32.0/24
88.216.35.0/24
88.216.41.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/24
88.216.108.0/24
88.216.111.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/21
Signature Algorithm: sha256WithRSAEncryption
61:26:4b:95:1e:aa:2f:e4:f0:97:19:fe:ec:da:38:32:c3:21:
c3:e8:11:d1:b3:53:ba:ff:e0:9b:0f:f7:d9:fc:d5:20:59:b0:
dc:6b:33:f1:f2:a8:51:22:fc:a0:4e:98:1f:a1:18:dd:2a:2c:
9f:dc:26:ad:33:e9:db:4a:19:00:5e:4b:f0:0d:7b:c2:4d:23:
5a:3a:03:01:95:a2:5d:3e:ad:f7:7e:bb:f4:30:b9:1c:7d:ae:
96:c5:62:e8:2d:26:7a:4b:44:5d:ef:5a:2a:b2:55:b1:77:47:
01:64:df:e5:c1:22:a0:ee:ca:06:9e:fc:63:64:ce:e0:95:35:
84:83:17:c8:79:e9:19:26:00:39:f0:42:18:5b:3f:21:d2:34:
b5:22:4b:50:3d:10:3f:11:40:83:2b:fb:f7:28:e8:04:51:c9:
61:79:52:62:81:91:26:55:f8:a2:b6:34:8a:65:d1:6c:05:8a:
da:d3:92:90:aa:1d:12:61:47:9b:38:07:e5:53:a2:a9:b4:f6:
fa:1a:e2:1d:ef:a2:f6:58:f4:a6:be:32:5f:a1:62:3a:b3:68:
ac:3c:7c:fa:ad:5d:37:7b:96:d7:cc:26:25:c7:66:b4:80:60:
ea:e1:bb:b8:57:c2:92:ec:ab:3a:51:80:47:08:5e:58:5d:1d:
46:c8:48:1c
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAYfrmz2v5rFV5XiPAaMxA8EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTA1MTExMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY3OGEwOTczNjQ1ZWM3NDA1MGExMDVkNjg0NDc0YmI1MDkyNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyokf0TgpeG1nOZPj3CmbaGFPPLJM
6KObS474iBQcrXoVzAawtsj5DQ0gPIdXLJGcvB1N0YDIjcxHNP1mT6dpDxX2PVB1
zzFGyINQ1kl5hAcxebOimkZXr/FdOcKpmlFOzItG35srOEIJhepycEnkDcmmfiwd
beEaxPktCGi7ZiytXBekGmSOXVwvRlJkWmcFCuwhbJkYwbhmVkcciIRr7nd34z0s
yeMxoxCJOzuiDmiJSAs7hcszio9ryhkA+225s0EnLdvKA0z+KVtin0UqF+0kvFbG
jtLuZ+Krn4d9Wy12dHef6KG6qkHv2NYNNKti99hzyWPq+QANO7cAV+rv6wIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFDRniglzZF7HQFChBdaER0u1CSVvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTkdlS0NYTmtYc2RBVUtFRjFvUkhTN1VKSlc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAWoEAgABMIIB
YgMEAVQgCAMEAFQgDwMEAlQgGAMEAFQgHgMEAFQgLAMEAVQgLgMEAFQgOQMEAFQg
PDAMAwQAVCBDAwQAVCBEAwQAVCBNAwQAVCBPAwQAVCBYAwQAVCBuMAwDBAJUIJQD
BABUIJoDBABUIJwDBAFUIJ4DBAFUIK4wDAMEAFQgsQMEAFQgsgMEAFQg1AMEAVQg
1gMEAFQg2gMEAFQg3TAMAwQAVCDfAwQBVCDgMAwDBABUIOcDBABUIOgDBABUIOsw
DAMEAFQg7wMEAFQg8AMEAVQg8jAMAwQAVCD7AwQBVCD8AwQBWNgAAwQAWNgDAwQA
WNgQAwQAWNggAwQAWNgjAwQAWNgpAwQBWNgsMAwDBANY2DgDBAFY2EADBABY2GQD
BABY2GwDBABY2G8wDAMEAVjYggMEAFjYhAMEAVjYhgMEAFjYtwMEAVjYvAMEAFjY
xQMEAljY1AMEAFjY3AMEA1jY6DANBgkqhkiG9w0BAQsFAAOCAQEAYSZLlR6qL+Tw
lxn+7No4MsMhw+gR0bNTuv/gmw/32fzVIFmw3Gsz8fKoUSL8oE6YH6EY3Sosn9wm
rTPp20oZAF5L8A17wk0jWjoDAZWiXT6t93679DC5HH2ulsVi6C0mektEXe9aKrJV
sXdHAWTf5cEioO7KBp78Y2TO4JU1hIMXyHnpGSYAOfBCGFs/IdI0tSJLUD0QPxFA
gyv79yjoBFHJYXlSYoGRJlX4orY0imXRbAWK2tOSkKodEmFHmzgH5VOiqbT2+hri
He+i9lj0pr4yX6FiOrNorDx8+q1dN3uW18wmJcdmtIBg6uG7uFfCkuyrOlGARwhe
WF0dRshIHA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:47 2023 by rpki-client on console-fra.rpki-client.org