Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QyZsSLF5DKL97q2jwVM0n8je96g.roa
File: QyZsSLF5DKL97q2jwVM0n8je96g.roa (raw, json)
Hash identifier: YFzP475+ersUgrUuSbZaPAg2DzA3wU6tcu8+x83FOE8=
Subject key identifier: 43:26:6C:48:B1:79:0C:A2:FD:EE:AD:A3:C1:53:34:9F:C8:DE:F7:A8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187218130A0E1979732DEB6A4C8DAD201FD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QyZsSLF5DKL97q2jwVM0n8je96g.roa
Signing time: Mon 27 Mar 2023 05:18:47 +0000
ROA not before: Mon 27 Mar 2023 05:18:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:81:30:a0:e1:97:97:32:de:b6:a4:c8:da:d2:01:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 27 05:18:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43266c48b1790ca2fdeeada3c153349fc8def7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d3:c6:2b:95:67:5a:c6:84:ad:a9:ef:3d:86:
08:94:7f:51:b4:d9:fd:63:db:48:5c:66:89:8d:23:
6c:3b:ff:6d:50:59:ce:bb:9a:f0:f6:22:6f:8e:39:
c2:f8:46:af:93:38:a3:98:aa:d5:e8:06:c5:8d:8b:
e2:e9:d3:0a:40:5d:71:5a:64:a8:3d:63:38:b8:59:
9f:95:db:10:d3:34:ec:6a:1a:57:cd:8c:22:6a:b7:
e6:29:3f:e7:a3:ee:1c:91:b8:05:87:12:5f:be:45:
c1:76:9d:18:df:de:a3:b1:8a:d9:59:86:58:f6:d0:
27:87:fe:9e:c7:49:c5:5e:3f:5d:03:ae:a6:2e:36:
c7:5c:24:b4:cd:ce:06:6e:c0:fa:db:8b:2c:d9:ec:
b2:fc:40:4f:85:f8:1c:65:a6:57:b9:c3:4e:8c:b9:
4f:8e:a7:74:7d:57:cf:78:84:d4:b1:0b:67:6d:db:
b7:3a:bc:bd:5a:2f:6e:e0:a2:2f:8b:c5:f7:a9:2d:
25:cc:12:79:ca:b6:ca:8a:57:3b:a0:69:56:9a:aa:
0c:70:8a:2b:38:8f:13:82:7a:4f:9a:0b:73:3e:79:
30:fe:24:54:79:6f:22:08:29:a9:5e:3e:7f:f8:cd:
94:78:69:0c:e0:e6:de:8e:b2:fa:d8:6a:73:78:00:
f9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:26:6C:48:B1:79:0C:A2:FD:EE:AD:A3:C1:53:34:9F:C8:DE:F7:A8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QyZsSLF5DKL97q2jwVM0n8je96g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.60.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/24
84.32.227.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.1.0/24
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.209.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
6a:19:a1:dc:20:e0:37:41:ac:ec:17:53:f8:ad:01:a8:d4:59:
b6:0f:bd:ac:0a:41:a8:89:5e:1e:85:55:e4:5c:a4:b5:29:16:
68:54:31:21:5b:58:82:30:bc:2b:68:4a:f7:00:45:4f:64:19:
ed:f7:19:5f:df:8a:70:0d:b6:b0:11:e1:70:1a:85:c5:01:49:
30:1e:67:36:3e:bc:bb:a0:43:5d:05:dc:36:fa:d4:5a:8d:d7:
e6:fa:7c:65:04:bd:e6:01:cc:ab:f7:76:7b:b1:d7:d2:17:56:
8f:d4:6b:29:e4:85:bf:7c:1f:47:a4:f0:ea:4f:40:bc:67:c5:
2f:65:b2:c6:a6:24:85:75:89:c8:f9:01:38:0e:a6:46:4a:31:
4f:09:e6:35:35:31:94:a9:01:e8:f3:3f:7e:a0:f3:01:de:e0:
fa:54:7c:8f:85:43:2d:5c:15:7e:8e:f5:36:98:13:32:84:4f:
5f:64:96:09:98:af:f9:69:0d:95:e8:71:9a:0b:85:9b:fd:1c:
73:db:32:33:7f:03:0b:76:33:93:07:e3:af:05:15:63:a3:43:
6c:38:39:ff:fe:bd:35:8c:8e:47:cb:c1:7d:b8:34:d4:ce:7e:
37:a6:1f:78:ff:8e:3d:79:6e:ba:67:dd:c2:bf:0b:3e:d2:56:
cb:f8:ca:67
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYchgTCg4ZeXMt62pMja0gH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzI3MDUxODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzI2NmM0OGIxNzkwY2EyZmRlZWFkYTNjMTUzMzQ5ZmM4ZGVmN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NPGK5VnWsaEranvPYYIlH9RtNn9
Y9tIXGaJjSNsO/9tUFnOu5rw9iJvjjnC+EavkzijmKrV6AbFjYvi6dMKQF1xWmSo
PWM4uFmfldsQ0zTsahpXzYwiarfmKT/no+4ckbgFhxJfvkXBdp0Y396jsYrZWYZY
9tAnh/6ex0nFXj9dA66mLjbHXCS0zc4GbsD624ss2eyy/EBPhfgcZaZXucNOjLlP
jqd0fVfPeITUsQtnbdu3Ory9Wi9u4KIvi8X3qS0lzBJ5yrbKilc7oGlWmqoMcIor
OI8TgnpPmgtzPnkw/iRUeW8iCCmpXj5/+M2UeGkM4ObejrL62GpzeAD5CQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFEMmbEixeQyi/e6to8FTNJ/I3veoMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUXlac1NMRjVES0w5N3EyandWTTBuOGplOTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgPAMEAFQgRwMEAFQgTQMEAFQg
TwMEAFQgWAMEAFQgagMEAlQglAMEAVQgrgMEAFQgsQMEAFQgswMEAFQg1AMEAVQg
1gMEAFQg2gMEAFQg3QMEAFQg4AMEAFQg4wMEAFQg6DAMAwQAVCDvAwQAVCDwMAwD
BAFUIPIDBAFUIPQDBAFUIPwDBABY2AEDBABY2AMDBABY2BEDBABY2BUDBABY2CAD
BABY2CQDBAFY2FwDBABY2G8DBABY2IAwDAMEAFjYgwMEAVjYhAMEAFjYugMEAFjY
vQMEAFjY0QMEAFjY1zAMAwQCWNjkAwQCWNjoMA0GCSqGSIb3DQEBCwUAA4IBAQBq
GaHcIOA3QazsF1P4rQGo1Fm2D72sCkGoiV4ehVXkXKS1KRZoVDEhW1iCMLwraEr3
AEVPZBnt9xlf34pwDbawEeFwGoXFAUkwHmc2Pry7oENdBdw2+tRajdfm+nxlBL3m
Acyr93Z7sdfSF1aP1Gsp5IW/fB9HpPDqT0C8Z8UvZbLGpiSFdYnI+QE4DqZGSjFP
CeY1NTGUqQHo8z9+oPMB3uD6VHyPhUMtXBV+jvU2mBMyhE9fZJYJmK/5aQ2V6HGa
C4Wb/Rxz2zIzfwMLdjOTB+OvBRVjo0NsODn//r01jI5Hy8F9uDTUzn43ph94/449
eW66Z93Cvws+0lbL+Mpn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org