Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VdSu-mqbQEc9DcTPQ94jvPtwJW8.roa
File: VdSu-mqbQEc9DcTPQ94jvPtwJW8.roa (raw, json)
Hash identifier: ObEAZ/KAyVw1dQkQcejvlCU+5Q2JJ+UstlTy2VKi/ZQ=
Subject key identifier: 55:D4:AE:FA:6A:9B:40:47:3D:0D:C4:CF:43:DE:23:BC:FB:70:25:6F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01864B34DCC6D08A94238362A62F02C67430
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VdSu-mqbQEc9DcTPQ94jvPtwJW8.roa
Signing time: Mon 13 Feb 2023 14:36:40 +0000
ROA not before: Mon 13 Feb 2023 14:36:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.190.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 11:27:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4b:34:dc:c6:d0:8a:94:23:83:62:a6:2f:02:c6:74:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 13 14:36:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55d4aefa6a9b40473d0dc4cf43de23bcfb70256f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9c:8c:02:30:44:4c:d2:94:fb:8f:f3:ae:4d:
e0:25:55:2c:13:c1:6c:53:83:75:f1:63:5d:be:a6:
e9:d7:4f:a3:0c:47:87:11:41:f2:85:93:d1:e4:96:
b2:7c:16:e9:ad:e8:23:27:2e:88:4c:6c:39:fb:8f:
4e:15:d1:d5:13:aa:a8:d4:72:a7:3c:72:f5:81:4b:
ff:7f:1e:e3:78:54:51:f2:79:42:f4:10:0e:e9:28:
67:ba:f9:df:21:ab:d3:a0:2a:3d:4c:53:ec:0d:7d:
a4:a4:1a:6c:1b:d5:63:22:cb:f0:f9:f8:d1:21:3d:
79:ca:18:4c:09:6a:54:cf:02:af:01:f7:57:e0:01:
0d:38:9c:56:4d:d6:03:48:8c:f6:6e:15:94:33:9a:
0f:47:6e:55:5f:94:af:ed:80:47:1d:cf:3c:38:2e:
4f:0f:bf:8b:c5:fc:a1:3c:c2:0b:9d:9e:0e:81:aa:
ab:15:1d:79:7b:50:70:21:28:da:03:ea:6b:b0:60:
d5:66:9f:db:46:9d:f5:03:97:7e:7f:1d:0c:6d:4d:
8b:f0:b4:66:6b:2b:f6:4d:f0:c5:d3:a5:c5:e6:a5:
c2:6c:f5:84:bd:e8:91:50:43:6d:ca:e6:e2:e9:9a:
77:e0:9a:a6:4d:b9:fb:31:fd:ca:0b:ec:cd:e9:cc:
70:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D4:AE:FA:6A:9B:40:47:3D:0D:C4:CF:43:DE:23:BC:FB:70:25:6F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VdSu-mqbQEc9DcTPQ94jvPtwJW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.76.0/23
84.32.79.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.220.0-84.32.222.255
84.32.240.0/24
84.32.242.0/23
84.32.252.0/23
88.216.17.0/24
88.216.93.0/24
88.216.128.0/23
88.216.132.0-88.216.134.255
88.216.190.0/24
88.216.213.0/24
88.216.215.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:4d:66:74:96:59:ed:34:99:85:c9:57:76:7b:be:5c:e2:3a:
a6:31:3c:87:7e:04:cf:a6:55:e0:21:47:dd:37:12:e1:46:86:
de:89:94:b1:75:16:0c:7f:47:97:a5:81:00:92:db:d0:4d:e5:
92:b1:25:29:ce:3e:f2:1b:bc:43:d0:5c:b3:2f:36:65:bf:ad:
43:cb:08:07:f5:37:db:5e:2a:8b:d9:ab:22:95:8d:67:69:99:
c9:bc:23:e7:aa:b8:d4:7a:68:5b:4f:2d:aa:7f:37:39:b7:26:
c9:b4:0c:de:04:68:a5:f5:dd:2c:eb:32:d6:72:06:15:0f:10:
18:43:89:ce:2e:e9:65:76:ff:23:00:17:b6:e3:01:7a:bc:20:
0f:4f:4b:e3:fb:d2:7d:46:79:0b:2e:56:b3:8b:d3:1b:88:79:
e6:16:55:61:3d:bb:4c:5f:28:f1:4c:64:3f:5b:cc:45:bb:51:
fd:1c:7e:2f:82:ad:48:b3:09:74:b2:08:19:9a:e8:e3:b5:fe:
e3:ff:d3:d8:77:95:21:9f:80:be:4c:8d:f0:8c:f9:87:a5:e2:
5c:d6:49:c9:44:de:80:79:3d:a3:ba:51:52:9c:34:17:5c:33:
a6:79:af:ec:ec:70:e3:aa:77:e9:3f:01:82:45:04:34:c6:aa:
0b:89:0a:eb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYZLNNzG0IqUI4Nipi8CxnQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEzMTQzNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQ0YWVmYTZhOWI0MDQ3M2QwZGM0Y2Y0M2RlMjNiY2ZiNzAyNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpyMAjBETNKU+4/zrk3gJVUsE8Fs
U4N18WNdvqbp10+jDEeHEUHyhZPR5JayfBbpregjJy6ITGw5+49OFdHVE6qo1HKn
PHL1gUv/fx7jeFRR8nlC9BAO6ShnuvnfIavToCo9TFPsDX2kpBpsG9VjIsvw+fjR
IT15yhhMCWpUzwKvAfdX4AENOJxWTdYDSIz2bhWUM5oPR25VX5Sv7YBHHc88OC5P
D7+LxfyhPMILnZ4OgaqrFR15e1BwISjaA+prsGDVZp/bRp31A5d+fx0MbU2L8LRm
ayv2TfDF06XF5qXCbPWEveiRUENtyubi6Zp34JqmTbn7Mf3KC+zN6cxwXQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFFXUrvpqm0BHPQ3Ez0PeI7z7cCVvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVmRTdS1tcWJRRWM5RGNUUFE5NGp2UHR3Slc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAJU
IBgDBABUIB4DBABUIC4DBAFUIEwDBABUIE8DBABUILMDBABUINQDBAFUINYwDAME
AlQg3AMEAFQg3gMEAFQg8AMEAVQg8gMEAVQg/AMEAFjYEQMEAFjYXQMEAVjYgDAM
AwQCWNiEAwQAWNiGAwQAWNi+AwQAWNjVAwQAWNjXAwQAWNjcMA0GCSqGSIb3DQEB
CwUAA4IBAQA9TWZ0llntNJmFyVd2e75c4jqmMTyHfgTPplXgIUfdNxLhRobeiZSx
dRYMf0eXpYEAktvQTeWSsSUpzj7yG7xD0FyzLzZlv61DywgH9TfbXiqL2asilY1n
aZnJvCPnqrjUemhbTy2qfzc5tybJtAzeBGil9d0s6zLWcgYVDxAYQ4nOLulldv8j
ABe24wF6vCAPT0vj+9J9RnkLLlazi9MbiHnmFlVhPbtMXyjxTGQ/W8xFu1H9HH4v
gq1Iswl0sggZmujjtf7j/9PYd5Uhn4C+TI3wjPmHpeJc1knJRN6AeT2julFSnDQX
XDOmea/s7HDjqnfpPwGCRQQ0xqoLiQrr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org