Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QdlIhfIW5jqRcacp3MDTghKaMAM.roa
File: QdlIhfIW5jqRcacp3MDTghKaMAM.roa (raw, json)
Hash identifier: HHNVUgPvAOK3YjcuyCWLo98By4Ly91By9tv0TIjAcSs=
Subject key identifier: 41:D9:48:85:F2:16:E6:3A:91:71:A7:29:DC:C0:D3:82:12:9A:30:03
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018776640F607C795065F4C11F6AE824A692
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QdlIhfIW5jqRcacp3MDTghKaMAM.roa
Signing time: Wed 12 Apr 2023 16:54:41 +0000
ROA not before: Wed 12 Apr 2023 16:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 17:50:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:64:0f:60:7c:79:50:65:f4:c1:1f:6a:e8:24:a6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 12 16:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41d94885f216e63a9171a729dcc0d382129a3003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e9:41:5b:75:e4:65:a8:cf:e2:6a:c0:6f:7a:
41:77:e6:c9:3c:1d:50:62:5a:7b:52:a5:ee:5a:09:
46:26:bc:37:0d:ec:d3:04:90:ad:4e:2b:9f:1e:aa:
a9:22:2e:71:16:be:41:d5:83:9d:cd:e8:f6:94:e7:
30:29:8e:a8:0e:15:db:15:87:e8:3d:70:45:cb:de:
61:ef:3f:9e:08:9f:e9:96:24:2f:a9:aa:fe:a7:de:
c2:37:68:36:c6:ad:d7:76:77:30:00:67:71:58:2f:
df:60:82:19:bf:f6:bf:e0:86:80:d5:d5:77:fa:23:
c9:8d:6e:b8:4e:e5:93:e8:73:b1:b5:a9:fb:5a:51:
03:0d:02:e7:36:a5:0a:14:a8:d4:7b:03:a1:9a:9f:
b8:33:dd:0a:b5:bb:08:53:88:d7:73:f3:88:c4:7d:
f7:eb:55:22:4d:41:98:c8:d3:f4:8d:3f:31:a3:7d:
49:7f:48:07:35:81:c8:bb:d3:a6:42:de:22:13:ad:
dd:4a:c0:c4:20:20:7c:f0:96:1e:6a:e5:fa:a0:a3:
c2:36:68:c2:d5:fe:5d:5d:ef:21:9e:e2:42:11:1c:
53:45:d7:f4:18:f3:f8:ee:f1:7c:51:b2:85:c3:8f:
c6:3f:54:ca:f2:ec:01:b4:71:71:2d:47:e4:53:7c:
45:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D9:48:85:F2:16:E6:3A:91:71:A7:29:DC:C0:D3:82:12:9A:30:03
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QdlIhfIW5jqRcacp3MDTghKaMAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.108.0/23
84.32.148.0/22
84.32.174.0/23
84.32.177.0-84.32.179.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.16.0/24
88.216.21.0/24
88.216.32.0/24
88.216.44.0/24
88.216.93.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:b7:4e:c0:2f:80:cc:3c:2e:e7:50:0d:af:01:b7:1f:55:c0:
e6:e4:2e:6b:ad:07:19:7d:05:d0:d5:2b:e2:e0:5a:0e:39:50:
88:75:d9:df:57:3c:4b:74:d1:f5:2c:9c:2c:da:3b:f8:55:49:
4b:91:ff:b3:2a:9d:40:2b:0b:3e:6b:18:bc:8a:47:58:28:00:
ad:04:e5:59:df:ad:60:0c:a6:62:36:5e:ed:9c:d6:54:4e:8c:
44:fe:83:cc:88:14:fd:3a:c3:26:1b:7f:57:54:ff:49:18:c8:
64:77:0f:a0:a8:75:4d:66:51:8f:b3:f9:ec:24:f5:b2:3a:7b:
10:f8:a5:50:05:40:bf:d6:a3:ad:c2:ca:6d:1d:11:76:84:4f:
d6:ca:f1:d6:88:a3:93:1e:26:2e:4f:58:50:7b:ed:3d:e8:a1:
18:b1:c5:31:91:5e:fd:22:9f:c7:b5:93:8a:ec:f0:2c:95:5d:
ac:0b:90:f2:3f:af:73:bb:1f:89:98:ca:55:a0:34:30:68:64:
c3:b2:36:03:22:dd:9f:e0:9f:42:41:33:2c:f9:52:d8:4e:09:
09:e6:f2:ec:0e:e3:b9:10:01:1a:26:ef:0b:61:a2:1d:05:70:
1a:75:95:28:c9:0f:e2:dc:af:d5:08:ba:ba:05:75:95:e5:63:
c7:4e:0e:c2
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYd2ZA9gfHlQZfTBH2roJKaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDEyMTY1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ5NDg4NWYyMTZlNjNhOTE3MWE3MjlkY2MwZDM4MjEyOWEzMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3elBW3XkZajP4mrAb3pBd+bJPB1Q
Ylp7UqXuWglGJrw3DezTBJCtTiufHqqpIi5xFr5B1YOdzej2lOcwKY6oDhXbFYfo
PXBFy95h7z+eCJ/pliQvqar+p97CN2g2xq3XdncwAGdxWC/fYIIZv/a/4IaA1dV3
+iPJjW64TuWT6HOxtan7WlEDDQLnNqUKFKjUewOhmp+4M90KtbsIU4jXc/OIxH33
61UiTUGYyNP0jT8xo31Jf0gHNYHIu9OmQt4iE63dSsDEICB88JYeauX6oKPCNmjC
1f5dXe8hnuJCERxTRdf0GPP47vF8UbKFw4/GP1TK8uwBtHFxLUfkU3xFLQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFEHZSIXyFuY6kXGnKdzA04ISmjADMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUWRsSWhmSVc1anFSY2FjcDNNRFRnaEthTUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgTQMEAFQgTwMEAFQgWAMEAVQgbAMEAlQglAMEAVQgrjAMAwQAVCCxAwQC
VCCwAwQAVCDUAwQBVCDWAwQAVCDaAwQAVCDdMAwDBABUIN8DBABUIOADBABUIOgw
DAMEAFQg7wMEAFQg8DAMAwQBVCDyAwQBVCD0MAwDBAFUIPoDBAFUIPwDBABY2AED
BABY2AMDBABY2BADBABY2BUDBABY2CADBABY2CwDBABY2F0DBABY2IAwDAMEAVjY
ggMEAFjYhAMEAFjYvQMEAljY1AMEAFjY3AMEAljY6DANBgkqhkiG9w0BAQsFAAOC
AQEAm7dOwC+AzDwu51ANrwG3H1XA5uQua60HGX0F0NUr4uBaDjlQiHXZ31c8S3TR
9SycLNo7+FVJS5H/syqdQCsLPmsYvIpHWCgArQTlWd+tYAymYjZe7ZzWVE6MRP6D
zIgU/TrDJht/V1T/SRjIZHcPoKh1TWZRj7P57CT1sjp7EPilUAVAv9ajrcLKbR0R
doRP1srx1oijkx4mLk9YUHvtPeihGLHFMZFe/SKfx7WTiuzwLJVdrAuQ8j+vc7sf
iZjKVaA0MGhkw7I2AyLdn+CfQkEzLPlS2E4JCeby7A7juRABGibvC2GiHQVwGnWV
KMkP4tyv1Qi6ugV1leVjx04Owg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org