Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PfK9IZTbwsyfgEE8IGHy4a1sBL8.roa
File: PfK9IZTbwsyfgEE8IGHy4a1sBL8.roa (raw, json)
Hash identifier: dJ/AvzhrRjmYD0ZLMZ+y2WYSd0O3LgFadSw5zKauQHU=
Subject key identifier: 3D:F2:BD:21:94:DB:C2:CC:9F:80:41:3C:20:61:F2:E1:AD:6C:04:BF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01863BD56CD99157747CF7FAA2BCBFA5FE2B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PfK9IZTbwsyfgEE8IGHy4a1sBL8.roa
Signing time: Fri 10 Feb 2023 14:58:08 +0000
ROA not before: Fri 10 Feb 2023 14:58:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.190.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.255.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Feb 2023 14:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:d5:6c:d9:91:57:74:7c:f7:fa:a2:bc:bf:a5:fe:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 10 14:58:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3df2bd2194dbc2cc9f80413c2061f2e1ad6c04bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:11:89:51:29:5f:eb:72:28:7c:7b:5a:c4:ed:
e3:70:6e:bb:73:b4:22:51:eb:63:f1:8d:63:8e:22:
75:87:e1:c2:67:b5:d1:1f:55:8d:e7:71:43:9a:3f:
e7:23:cf:27:09:a6:18:40:6f:70:ec:da:74:00:db:
69:93:6d:d5:e7:0c:33:ac:0c:69:ef:86:6f:d0:df:
ea:a7:2d:89:1b:6b:04:25:5a:d5:8d:1b:34:58:b6:
38:66:e6:37:a2:c9:c4:0c:81:68:89:f2:e0:22:4b:
c0:63:dc:58:f8:97:f6:d6:dd:aa:8b:22:8d:68:64:
e2:53:58:ce:c9:7c:2c:4b:c2:f4:ef:a0:3a:a5:90:
7f:d6:06:b3:c6:51:79:54:b8:8a:1d:16:5e:d2:b8:
72:de:80:f8:5a:c3:5a:38:bc:59:bd:c4:7e:46:18:
56:c0:a7:97:fe:46:b5:fe:60:45:00:b6:c2:b4:8e:
2b:ca:7d:7d:91:19:fd:bc:81:74:14:3b:b0:e3:59:
31:a5:ea:08:d0:81:e3:22:db:27:a4:33:f1:20:44:
50:4d:d4:24:49:13:59:6e:9f:90:91:b1:2f:e7:b1:
37:88:4e:2b:d3:22:d8:a3:a8:cf:35:32:72:24:7d:
05:d4:53:61:25:77:18:ff:ac:f1:6e:03:82:79:bb:
59:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F2:BD:21:94:DB:C2:CC:9F:80:41:3C:20:61:F2:E1:AD:6C:04:BF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PfK9IZTbwsyfgEE8IGHy4a1sBL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.76.0/23
84.32.79.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.220.0-84.32.222.255
84.32.240.0/24
84.32.243.0/24
84.32.252.0/23
84.32.255.0/24
88.216.17.0/24
88.216.93.0/24
88.216.128.0/23
88.216.132.0-88.216.134.255
88.216.190.0/24
88.216.213.0/24
88.216.215.0/24
88.216.220.0/24
88.216.228.0-88.216.239.255
Signature Algorithm: sha256WithRSAEncryption
6c:8e:79:73:12:36:12:0a:36:57:2e:c5:9c:48:72:2e:8e:04:
98:7e:72:14:dc:53:d4:ae:2b:e5:d7:c6:20:2a:dc:ef:1e:53:
db:17:b7:48:62:3c:fa:35:83:57:73:1c:45:79:f6:47:52:0e:
3b:6d:58:ca:17:3b:be:79:09:10:40:80:19:3a:25:a4:ef:c5:
b3:06:9e:b4:c8:49:63:e5:4b:7c:be:c1:6b:81:41:d9:f8:40:
f0:76:f9:e5:f8:f7:fc:02:ff:75:88:e6:c1:55:c3:70:85:af:
79:6e:11:6e:c8:0e:46:9d:1e:24:75:3e:3e:10:cd:31:da:37:
c9:a3:d0:b9:91:5d:b1:58:fb:85:58:2c:37:a6:28:78:50:6a:
ab:a0:8e:5f:19:7d:a2:0f:ef:68:1e:f0:b3:cb:e7:e0:37:23:
81:d9:75:20:d7:47:2d:df:e7:6d:67:d7:cc:30:64:12:c5:a1:
42:77:09:f6:c4:25:85:0e:b0:01:0c:1b:52:58:ce:f5:ea:e8:
23:c5:6c:41:90:c1:48:05:0a:e9:22:15:ec:cb:f5:dd:01:6e:
f1:af:bb:3c:ab:22:6b:1e:7e:03:67:98:08:9a:3b:8b:6a:75:
a3:d6:a8:3c:ff:79:93:aa:f8:90:46:7d:4d:ff:d4:d2:29:09:
2b:b3:76:85
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYY71WzZkVd0fPf6ory/pf4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEwMTQ1ODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGYyYmQyMTk0ZGJjMmNjOWY4MDQxM2MyMDYxZjJlMWFkNmMwNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRGJUSlf63IofHtaxO3jcG67c7Qi
Uetj8Y1jjiJ1h+HCZ7XRH1WN53FDmj/nI88nCaYYQG9w7Np0ANtpk23V5wwzrAxp
74Zv0N/qpy2JG2sEJVrVjRs0WLY4ZuY3osnEDIFoifLgIkvAY9xY+Jf21t2qiyKN
aGTiU1jOyXwsS8L076A6pZB/1gazxlF5VLiKHRZe0rhy3oD4WsNaOLxZvcR+RhhW
wKeX/ka1/mBFALbCtI4ryn19kRn9vIF0FDuw41kxpeoI0IHjItsnpDPxIERQTdQk
SRNZbp+QkbEv57E3iE4r0yLYo6jPNTJyJH0F1FNhJXcY/6zxbgOCebtZ5wIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFD3yvSGU28LMn4BBPCBh8uGtbAS/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUGZLOUlaVGJ3c3lmZ0VFOElHSHk0YTFzQkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAJU
IBgDBABUIB4DBABUIC4DBAFUIEwDBABUIE8DBABUILMDBABUINQDBAFUINYwDAME
AlQg3AMEAFQg3gMEAFQg8AMEAFQg8wMEAVQg/AMEAFQg/wMEAFjYEQMEAFjYXQME
AVjYgDAMAwQCWNiEAwQAWNiGAwQAWNi+AwQAWNjVAwQAWNjXAwQAWNjcMAwDBAJY
2OQDBARY2OAwDQYJKoZIhvcNAQELBQADggEBAGyOeXMSNhIKNlcuxZxIci6OBJh+
chTcU9SuK+XXxiAq3O8eU9sXt0hiPPo1g1dzHEV59kdSDjttWMoXO755CRBAgBk6
JaTvxbMGnrTISWPlS3y+wWuBQdn4QPB2+eX49/wC/3WI5sFVw3CFr3luEW7IDkad
HiR1Pj4QzTHaN8mj0LmRXbFY+4VYLDemKHhQaqugjl8ZfaIP72ge8LPL5+A3I4HZ
dSDXRy3f521n18wwZBLFoUJ3CfbEJYUOsAEMG1JYzvXq6CPFbEGQwUgFCukiFezL
9d0BbvGvuzyrImsefgNnmAiaO4tqdaPWqDz/eZOq+JBGfU3/1NIpCSuzdoU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org