Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/U-9CF61U8qbei4EEc42HuvYd5L8.roa
File: U-9CF61U8qbei4EEc42HuvYd5L8.roa (raw, json)
Hash identifier: lozauosUzmy/sBpNJSfTY6IDOxODyE8fGSpknekzfTY=
Subject key identifier: 53:EF:42:17:AD:54:F2:A6:DE:8B:81:04:73:8D:87:BA:F6:1D:E4:BF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018863FD9BD222978196E86BAF5D11151BC9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/U-9CF61U8qbei4EEc42HuvYd5L8.roa
Signing time: Sun 28 May 2023 20:12:24 +0000
ROA not before: Sun 28 May 2023 20:12:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.208.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 20:18:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:63:fd:9b:d2:22:97:81:96:e8:6b:af:5d:11:15:1b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 28 20:12:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53ef4217ad54f2a6de8b8104738d87baf61de4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:eb:ca:52:c2:30:67:a1:f8:47:d4:d4:a0:17:
9f:70:a8:64:4a:ea:75:a9:1c:15:18:3b:80:2d:e7:
a1:c0:4c:92:07:c2:33:93:89:15:69:7e:60:75:bc:
66:84:3d:e3:45:75:49:c0:9f:df:60:80:45:3c:9e:
86:aa:73:6a:86:ae:6a:eb:60:a9:8c:bf:e0:89:aa:
a2:f3:51:c3:9a:f2:67:2a:c3:5a:a1:87:da:3c:2f:
89:87:7a:6d:3e:4d:28:6e:52:27:4e:b3:92:f7:77:
66:e3:19:d3:68:81:09:78:05:97:be:b0:65:a4:37:
45:43:81:75:e2:9b:b6:58:9c:b9:3c:3d:d8:82:d0:
54:65:fb:cd:cc:59:21:7d:b3:27:04:a8:1d:56:47:
fb:51:16:0f:b5:3f:4f:05:27:08:2c:6b:79:c4:ac:
a3:b8:5e:e3:21:5b:27:47:fa:7c:66:f7:5b:16:ca:
53:c5:9b:b8:78:65:5a:da:ba:a0:4e:bb:fa:0f:3e:
c0:91:3f:2d:b6:8e:c4:fc:69:fb:05:4c:51:81:9a:
0a:61:f3:d0:2c:59:d6:da:1f:2d:f8:80:8e:ac:9f:
79:26:0d:4f:b4:9b:42:d5:e0:a3:15:38:4e:ba:53:
03:7e:ca:70:58:74:ec:3d:92:20:01:11:dc:60:a2:
c9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EF:42:17:AD:54:F2:A6:DE:8B:81:04:73:8D:87:BA:F6:1D:E4:BF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/U-9CF61U8qbei4EEc42HuvYd5L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.30.0/24
84.32.46.0/24
84.32.60.0/24
84.32.67.0-84.32.68.255
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.89.0/24
84.32.110.0/24
84.32.148.0/22
84.32.158.0/23
84.32.177.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/23
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.250.0-84.32.253.255
88.216.0.0/22
88.216.16.0/24
88.216.19.0/24
88.216.32.0/24
88.216.35.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/24
88.216.111.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.208.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/21
Signature Algorithm: sha256WithRSAEncryption
52:fa:2b:fd:72:0b:3b:f3:8b:7f:09:6a:86:cd:b7:79:04:62:
a4:4f:a0:62:4c:9f:1e:a3:f4:1b:aa:4b:d0:23:23:f6:e3:33:
e8:07:a4:61:6c:43:67:e5:b7:65:a1:2f:1e:cf:ed:d8:20:cd:
4b:9d:a8:34:3c:42:fb:ab:d5:03:c5:a5:9f:40:99:b7:47:05:
15:02:10:55:33:3a:d8:07:84:b3:a1:23:49:c9:25:54:c1:5f:
76:1e:ae:bb:10:59:85:fe:64:06:33:5a:22:64:93:9d:86:1b:
25:20:31:b2:36:37:4a:36:e1:20:83:9d:c0:0c:af:af:b4:76:
35:5e:a3:0b:a8:8b:81:91:2b:24:dd:15:93:77:f9:5e:4c:b2:
ba:51:e2:37:d9:86:31:9c:22:09:ce:a3:cc:fb:4a:98:c1:e8:
d2:61:b9:42:ce:bd:7e:3e:7a:a7:e7:2e:61:94:2b:da:6a:42:
96:4f:b6:76:d1:a0:b4:d0:a7:7d:a6:fe:59:fa:9d:e4:fd:59:
97:ce:8c:9d:e4:a3:27:e8:6e:d8:2b:af:0a:cc:0c:88:7f:c6:
35:ea:c4:ff:3b:ce:69:06:d6:93:a1:41:51:1b:34:16:1e:99:
3c:95:26:25:66:4e:23:03:2d:76:80:42:08:04:91:8a:a7:76:
c4:76:ff:a8
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgISAYhj/ZvSIpeBluhrr10RFRvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTI4MjAxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VmNDIxN2FkNTRmMmE2ZGU4YjgxMDQ3MzhkODdiYWY2MWRlNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuevKUsIwZ6H4R9TUoBefcKhkSup1
qRwVGDuALeehwEySB8Izk4kVaX5gdbxmhD3jRXVJwJ/fYIBFPJ6GqnNqhq5q62Cp
jL/giaqi81HDmvJnKsNaoYfaPC+Jh3ptPk0oblInTrOS93dm4xnTaIEJeAWXvrBl
pDdFQ4F14pu2WJy5PD3YgtBUZfvNzFkhfbMnBKgdVkf7URYPtT9PBScILGt5xKyj
uF7jIVsnR/p8ZvdbFspTxZu4eGVa2rqgTrv6Dz7AkT8tto7E/Gn7BUxRgZoKYfPQ
LFnW2h8t+ICOrJ95Jg1PtJtC1eCjFThOulMDfspwWHTsPZIgARHcYKLJHQIDAQAB
o4IDRzCCA0MwHQYDVR0OBBYEFFPvQhetVPKm3ouBBHONh7r2HeS/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVS05Q0Y2MVU4cWJlaTRFRWM0Mkh1dllkNUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWwYIKwYBBQUHAQcBAf8EggFKMIIBRjCCAUIEAgABMIIB
OgMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAeAwQAVCAuAwQAVCA8MAwDBABUIEMD
BABUIEQDBABUIEYDBABUIE0DBABUIE8DBABUIFkDBABUIG4DBAJUIJQDBAFUIJ4D
BABUILEDBABUINQDBAFUINYDBABUINoDBABUIN0DBAFUIOAwDAMEAFQg5wMEAFQg
6AMEAFQg6zAMAwQAVCDvAwQAVCDwAwQBVCDyMAwDBAFUIPoDBAFUIPwDBAJY2AAD
BABY2BADBABY2BMDBABY2CADBABY2CMDBAFY2CwwDAMEA1jYOAMEAVjYQAMEAFjY
ZAMEAFjYbzAMAwQBWNiCAwQAWNiEAwQBWNiGAwQAWNi0AwQAWNi3AwQBWNi8AwQA
WNjFAwQAWNjQAwQCWNjUAwQAWNjcAwQDWNjoMA0GCSqGSIb3DQEBCwUAA4IBAQBS
+iv9cgs784t/CWqGzbd5BGKkT6BiTJ8eo/QbqkvQIyP24zPoB6RhbENn5bdloS8e
z+3YIM1Lnag0PEL7q9UDxaWfQJm3RwUVAhBVMzrYB4SzoSNJySVUwV92Hq67EFmF
/mQGM1oiZJOdhhslIDGyNjdKNuEgg53ADK+vtHY1XqMLqIuBkSsk3RWTd/leTLK6
UeI32YYxnCIJzqPM+0qYwejSYblCzr1+Pnqn5y5hlCvaakKWT7Z20aC00Kd9pv5Z
+p3k/VmXzoyd5KMn6G7YK68KzAyIf8Y16sT/O85pBtaToUFRGzQWHpk8lSYlZk4j
Ay12gEIIBJGKp3bEdv+o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org