Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PgF_jNol83kuCJHAi4iebJdHyBw.roa
File: PgF_jNol83kuCJHAi4iebJdHyBw.roa (raw, json)
Hash identifier: S9IYjfUIPFPjd5ROrtKvrd/TO5HJxV4alAiuB4G4W24=
Subject key identifier: 3E:01:7F:8C:DA:25:F3:79:2E:08:91:C0:8B:88:9E:6C:97:47:C8:1C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186703F8D846EE2B6767C1591A07FB01A06
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PgF_jNol83kuCJHAi4iebJdHyBw.roa
Signing time: Mon 20 Feb 2023 19:14:18 +0000
ROA not before: Mon 20 Feb 2023 19:14:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.186.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.108.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:3f:8d:84:6e:e2:b6:76:7c:15:91:a0:7f:b0:1a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 20 19:14:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e017f8cda25f3792e0891c08b889e6c9747c81c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d5:8b:fc:02:b7:6d:36:58:20:92:92:cd:af:
fd:3a:2f:0d:be:7e:db:9a:c1:29:97:2d:29:8c:82:
e9:77:7e:5a:7e:1b:ae:83:09:f4:d4:6f:2b:ea:c2:
d5:20:89:44:5a:93:6f:8f:1d:5a:a8:9b:77:9c:56:
32:dd:6d:ba:f4:b2:df:52:36:5a:04:fb:91:43:a7:
88:da:17:c0:41:d6:2d:cd:24:fe:f8:f0:31:57:55:
68:ef:60:28:74:55:0e:02:18:6a:a9:22:27:55:e7:
04:79:5e:8b:f1:66:73:c3:97:2a:ff:ff:ab:e5:6c:
01:98:e7:1f:94:e8:fc:86:fa:2f:84:1e:88:b9:58:
53:8a:eb:b6:79:d8:03:ca:1b:1c:4b:2a:fb:13:8d:
25:b7:50:66:25:1b:41:2c:0d:33:29:86:4c:7e:33:
a9:4e:6c:b9:67:d9:bc:b2:1c:94:5b:9e:17:26:ef:
b4:af:92:d9:fb:c3:a7:af:48:c3:2c:7a:7c:b8:73:
fb:b0:52:01:ab:21:d5:c1:07:e5:4d:92:b9:7a:25:
c5:42:a4:b9:b3:72:37:9f:3a:4b:72:0a:03:b0:92:
a4:ab:51:b5:c6:f7:1b:f1:55:12:50:f5:64:fe:db:
17:08:36:a7:4d:89:82:15:5c:5a:c7:01:86:95:b8:
91:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:01:7F:8C:DA:25:F3:79:2E:08:91:C0:8B:88:9E:6C:97:47:C8:1C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PgF_jNol83kuCJHAi4iebJdHyBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.32.0/24
84.32.46.0/24
84.32.76.0/23
84.32.79.0/24
84.32.109.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.220.0-84.32.222.255
84.32.240.0/24
84.32.242.0/23
84.32.252.0/23
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.93.0/24
88.216.108.0/24
88.216.128.0/24
88.216.132.0-88.216.134.255
88.216.186.0/24
88.216.189.0-88.216.190.255
88.216.215.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:d2:7f:7f:21:8e:c4:34:1d:63:b9:bb:1e:51:fc:b2:d2:62:
ea:6e:65:ec:b1:46:19:b7:d8:1f:ea:d6:7c:45:96:57:d8:67:
53:02:9d:fb:bd:86:43:74:05:2e:78:2c:3e:e1:61:ef:0b:44:
25:47:d4:e5:49:51:e5:16:5b:67:1c:dd:aa:f8:cf:10:27:59:
d9:52:e4:14:03:46:9d:1f:80:d2:bd:8d:f9:6b:72:3b:36:ac:
5e:93:e5:a0:f9:cd:6a:86:df:29:8c:1d:91:ce:92:6a:c1:f2:
99:bd:57:ce:60:68:23:9c:43:70:82:1e:50:18:4a:9c:0d:e5:
ad:0e:12:a7:f9:85:43:06:4c:0d:75:73:3d:fb:a9:df:48:74:
2d:a4:43:f7:87:77:b1:94:c1:9e:5c:96:e5:8e:7e:e9:f5:d8:
30:64:35:15:50:de:09:ab:51:ee:c4:57:f3:51:22:04:33:c5:
1c:ca:e8:20:e3:47:c7:7c:dc:ba:42:83:d6:de:c3:35:73:ec:
4e:a7:87:26:cc:72:b7:dd:bc:08:1e:2f:77:d0:1e:f4:7a:53:
74:39:c1:2e:9e:8a:97:10:ea:ad:cd:53:55:ec:e7:24:28:1d:
92:d9:95:23:ee:ed:5e:a3:24:da:7d:d9:ea:b4:12:a6:c4:3e:
eb:2a:97:1c
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYZwP42EbuK2dnwVkaB/sBoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIwMTkxNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTAxN2Y4Y2RhMjVmMzc5MmUwODkxYzA4Yjg4OWU2Yzk3NDdjODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndWL/AK3bTZYIJKSza/9Oi8Nvn7b
msEply0pjILpd35afhuugwn01G8r6sLVIIlEWpNvjx1aqJt3nFYy3W269LLfUjZa
BPuRQ6eI2hfAQdYtzST++PAxV1Vo72AodFUOAhhqqSInVecEeV6L8WZzw5cq//+r
5WwBmOcflOj8hvovhB6IuVhTiuu2edgDyhscSyr7E40lt1BmJRtBLA0zKYZMfjOp
Tmy5Z9m8shyUW54XJu+0r5LZ+8Onr0jDLHp8uHP7sFIBqyHVwQflTZK5eiXFQqS5
s3I3nzpLcgoDsJKkq1G1xvcb8VUSUPVk/tsXCDanTYmCFVxaxwGGlbiRYQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFD4Bf4zaJfN5LgiRwIuInmyXR8gcMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUGdGX2pOb2w4M2t1Q0pIQWk0aWViSmRIeUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAJU
IBgDBABUIB4DBABUICADBABUIC4DBAFUIEwDBABUIE8DBABUIG0DBABUILMDBABU
INQDBAFUINYwDAMEAlQg3AMEAFQg3gMEAFQg8AMEAVQg8gMEAVQg/AMEAFjYEQME
AFjYFQMEAFjYIAMEAFjYXQMEAFjYbAMEAFjYgDAMAwQCWNiEAwQAWNiGAwQAWNi6
MAwDBABY2L0DBABY2L4DBABY2NcDBABY2NwwDQYJKoZIhvcNAQELBQADggEBAI3S
f38hjsQ0HWO5ux5R/LLSYupuZeyxRhm32B/q1nxFllfYZ1MCnfu9hkN0BS54LD7h
Ye8LRCVH1OVJUeUWW2cc3ar4zxAnWdlS5BQDRp0fgNK9jflrcjs2rF6T5aD5zWqG
3ymMHZHOkmrB8pm9V85gaCOcQ3CCHlAYSpwN5a0OEqf5hUMGTA11cz37qd9IdC2k
Q/eHd7GUwZ5cluWOfun12DBkNRVQ3gmrUe7EV/NRIgQzxRzK6CDjR8d83LpCg9be
wzVz7E6nhybMcrfdvAgeL3fQHvR6U3Q5wS6eipcQ6q3NU1Xs5yQoHZLZlSPu7V6j
JNp92eq0EqbEPusqlxw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:47 2023 by rpki-client on console-fra.rpki-client.org