Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TJavZwf1y-r41ww7VPJ1KCwgmd0.roa
File: TJavZwf1y-r41ww7VPJ1KCwgmd0.roa (raw, json)
Hash identifier: 2/oZeDbBocQdAbCBLU0DzULx5Km3DzqoKw+G3ygIRBA=
Subject key identifier: 4C:96:AF:67:07:F5:CB:EA:F8:D7:0C:3B:54:F2:75:28:2C:20:99:DD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01878530822C81BBB0352485594A5BD652C4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TJavZwf1y-r41ww7VPJ1KCwgmd0.roa
Signing time: Sat 15 Apr 2023 13:52:41 +0000
ROA not before: Sat 15 Apr 2023 13:52:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 07:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:85:30:82:2c:81:bb:b0:35:24:85:59:4a:5b:d6:52:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 15 13:52:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c96af6707f5cbeaf8d70c3b54f275282c2099dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:80:b4:ca:c2:7f:0f:fe:ea:df:ee:9c:1d:10:
a6:d4:01:59:c4:de:22:64:1a:d6:47:dd:fe:b2:60:
6d:94:fd:41:17:5d:2f:6b:f6:ca:71:90:24:ee:0f:
bc:5e:43:9a:4a:ab:d1:48:1b:ef:57:c0:a1:72:3b:
ed:2b:ff:25:79:b4:2f:2f:7b:1f:0e:4c:d0:da:f2:
1d:c7:3b:1e:bb:7a:40:e8:33:11:8b:13:17:d5:10:
c9:86:89:73:0c:70:2f:0c:39:08:2c:c7:28:ef:28:
85:bd:01:a5:3d:7b:d9:00:64:ba:d2:0a:c2:4b:a3:
5c:21:a5:c7:9d:21:cb:eb:b6:70:fc:06:36:6a:3b:
71:0c:cb:09:67:fe:bf:86:d7:11:ab:c2:78:33:51:
fc:a9:85:cd:3d:bf:56:38:0f:0e:68:23:ab:d1:1e:
57:b8:df:4e:e3:ad:8c:7b:ac:90:6b:64:ab:70:8e:
2d:4a:ed:d8:5c:8b:33:be:98:f3:92:5e:ff:35:6a:
5f:1f:9b:02:4f:ab:a6:7c:bf:20:e5:78:db:4a:98:
e0:e3:79:f8:03:8f:2c:d7:c6:d0:0f:a6:c5:7d:d5:
56:5b:33:2a:4b:34:83:35:0d:c6:f0:bb:41:f1:ce:
08:58:6c:af:81:d2:58:79:13:24:e1:45:26:5c:4a:
66:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:96:AF:67:07:F5:CB:EA:F8:D7:0C:3B:54:F2:75:28:2C:20:99:DD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TJavZwf1y-r41ww7VPJ1KCwgmd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.90.0/24
84.32.108.0/23
84.32.148.0-84.32.154.255
84.32.156.0/24
84.32.158.0/23
84.32.174.0/23
84.32.177.0-84.32.179.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.16.0/24
88.216.21.0/24
88.216.32.0/24
88.216.35.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.93.0/24
88.216.103.0/24
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.183.0/24
88.216.185.0/24
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:02:f3:66:65:d6:87:1b:11:e3:d6:0c:8a:a4:01:3e:70:32:
07:da:a3:ff:7d:a9:3e:1d:12:2e:af:2a:a8:62:3b:23:70:e6:
ad:c5:c6:81:1a:a7:a3:98:3d:42:4b:21:28:df:0e:eb:ce:fc:
65:90:b3:95:2c:59:08:f2:8f:e8:c1:8b:94:b2:59:6b:6a:13:
f9:a1:bd:8a:a2:11:97:0f:9a:b5:51:de:04:05:12:47:a0:db:
29:53:b1:ca:0e:0b:2b:d7:9d:28:38:3b:a9:86:17:16:ad:61:
eb:18:49:35:49:53:ae:3a:6c:91:d8:e7:69:87:3c:d4:77:15:
f6:3e:6a:a3:a7:09:df:b8:9a:72:cb:09:e2:11:a4:bf:85:c4:
82:09:4e:20:fd:25:8a:4d:ca:b6:e2:49:29:0e:86:87:a1:e9:
6b:2b:cd:8c:2a:96:cc:bc:c9:af:22:0f:13:ea:10:7a:9d:02:
6b:b9:80:44:1d:24:5a:8b:13:a8:32:28:d8:e5:c8:8d:0c:9d:
04:ae:98:d1:07:7f:27:cb:49:94:f6:e9:c2:5a:af:df:51:31:
cb:da:39:99:10:92:f9:24:a9:f9:76:f5:4a:8b:cc:c1:23:4a:
c3:7d:a0:45:80:58:0f:3a:7a:53:90:47:0b:df:4a:67:85:30:
53:65:e8:6c
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgISAYeFMIIsgbuwNSSFWUpb1lLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDE1MTM1MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzk2YWY2NzA3ZjVjYmVhZjhkNzBjM2I1NGYyNzUyODJjMjA5OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoC0ysJ/D/7q3+6cHRCm1AFZxN4i
ZBrWR93+smBtlP1BF10va/bKcZAk7g+8XkOaSqvRSBvvV8ChcjvtK/8lebQvL3sf
DkzQ2vIdxzseu3pA6DMRixMX1RDJholzDHAvDDkILMco7yiFvQGlPXvZAGS60grC
S6NcIaXHnSHL67Zw/AY2ajtxDMsJZ/6/htcRq8J4M1H8qYXNPb9WOA8OaCOr0R5X
uN9O462Me6yQa2SrcI4tSu3YXIszvpjzkl7/NWpfH5sCT6umfL8g5XjbSpjg43n4
A48s18bQD6bFfdVWWzMqSzSDNQ3G8LtB8c4IWGyvgdJYeRMk4UUmXEpmVwIDAQAB
o4IDaTCCA2UwHQYDVR0OBBYEFEyWr2cH9cvq+NcMO1TydSgsIJndMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVEphdlp3ZjF5LXI0MXd3N1ZQSjFLQ3dnbWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfQYIKwYBBQUHAQcBAf8EggFsMIIBaDCCAWQEAgABMIIB
XAMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgOQMEAFQgPAMEAFQgQwMEAFQg
TQMEAFQgTwMEAFQgWAMEAFQgWgMEAVQgbDAMAwQCVCCUAwQAVCCaAwQAVCCcAwQB
VCCeAwQBVCCuMAwDBABUILEDBAJUILADBABUINQDBAFUINYDBABUINoDBABUIN0w
DAMEAFQg3wMEAFQg4DAMAwQAVCDnAwQAVCDoAwQAVCDrMAwDBABUIO8DBABUIPAw
DAMEAVQg8gMEAVQg9DAMAwQBVCD6AwQBVCD8AwQAWNgBAwQAWNgDAwQAWNgQAwQA
WNgVAwQAWNggAwQAWNgjAwQBWNgsMAwDBANY2DgDBAFY2EADBABY2F0DBABY2GcD
BABY2G8DBABY2IAwDAMEAVjYggMEAFjYhAMEAFjYtwMEAFjYuQMEAFjYvQMEAljY
1AMEAFjY3AMEAljY6DANBgkqhkiG9w0BAQsFAAOCAQEAKgLzZmXWhxsR49YMiqQB
PnAyB9qj/32pPh0SLq8qqGI7I3DmrcXGgRqno5g9QkshKN8O6878ZZCzlSxZCPKP
6MGLlLJZa2oT+aG9iqIRlw+atVHeBAUSR6DbKVOxyg4LK9edKDg7qYYXFq1h6xhJ
NUlTrjpskdjnaYc81HcV9j5qo6cJ37iacssJ4hGkv4XEgglOIP0lik3KtuJJKQ6G
h6HpayvNjCqWzLzJryIPE+oQep0Ca7mARB0kWosTqDIo2OXIjQydBK6Y0Qd/J8tJ
lPbpwlqv31Exy9o5mRCS+SSp+Xb1SovMwSNKw32gRYBYDzp6U5BHC99KZ4UwU2Xo
bA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org