Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WQ9WjZCiHbL9hCUvLc_tvriyMs0.roa
File: WQ9WjZCiHbL9hCUvLc_tvriyMs0.roa (raw, json)
Hash identifier: 94azFtkVTdWUZ1jwLa+6xGe6pSdS5QxkNb1gHw36uYI=
Subject key identifier: 59:0F:56:8D:90:A2:1D:B2:FD:84:25:2F:2D:CF:ED:BE:B8:B2:32:CD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018BA9689CA928D8A83728C871D693011DC5
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WQ9WjZCiHbL9hCUvLc_tvriyMs0.roa
Signing time: Tue 07 Nov 2023 10:51:27 +0000
ROA not before: Tue 07 Nov 2023 10:51:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.182.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.236.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 12:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:68:9c:a9:28:d8:a8:37:28:c8:71:d6:93:01:1d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 7 10:51:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=590f568d90a21db2fd84252f2dcfedbeb8b232cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:12:f7:bf:d2:8e:ba:a4:4a:21:15:b1:73:b5:
c2:bd:76:8a:a7:8d:b2:99:4e:d2:7e:86:d8:50:75:
ca:bd:2e:17:a8:9b:60:60:eb:ef:65:0f:47:3e:f9:
9d:86:b1:ba:28:e0:ef:87:ee:64:ab:8d:be:d0:a9:
b1:37:16:f4:e6:f1:7a:cd:7b:1c:25:58:ad:e4:69:
af:5e:a1:e2:d5:e0:cc:6c:b2:f3:af:09:de:41:39:
a1:45:1d:e9:0a:af:0e:d7:32:a4:67:18:b9:2d:67:
5a:1a:91:51:61:90:0f:01:99:89:cc:c6:ed:d3:80:
a6:6e:43:57:ad:06:c7:f0:f5:d1:18:84:ee:7c:2d:
7b:6d:ae:06:94:90:ab:f2:fa:5b:e7:14:37:5b:04:
8e:ab:6b:a0:cb:67:5e:f2:9f:b6:19:cb:bc:3b:ab:
7a:9c:3e:a8:ce:93:d2:0c:78:6b:da:ff:a2:86:25:
60:c7:07:96:bd:14:bd:e6:38:be:65:28:92:ee:09:
dc:69:90:e5:0c:94:c3:3b:92:24:6d:93:90:ac:a1:
c4:0f:93:6f:a0:7a:89:89:26:76:ab:8b:34:af:3e:
b3:b3:14:01:d3:fe:21:54:cd:58:31:a1:ab:34:16:
16:f0:f5:b9:cc:f1:f2:40:b3:37:07:a4:5f:94:ac:
5d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0F:56:8D:90:A2:1D:B2:FD:84:25:2F:2D:CF:ED:BE:B8:B2:32:CD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WQ9WjZCiHbL9hCUvLc_tvriyMs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.236.0/24
84.32.244.0/22
84.32.249.0/24
88.216.22.0/23
88.216.43.0-88.216.45.255
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.182.0/23
88.216.187.0-88.216.189.255
88.216.191.0/24
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
88.216.223.0/24
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:79:53:34:16:da:f8:d2:d7:44:08:03:ab:e3:b7:d4:9e:83:
ae:7d:d8:3b:ed:e0:2d:6b:9d:fb:89:56:fd:3d:b6:d5:8b:76:
d9:92:4f:d2:d9:58:a3:72:ea:b1:4b:64:59:80:a7:5e:10:d0:
81:a9:f3:77:73:9f:01:07:77:eb:95:98:df:34:9b:b8:2b:e6:
cc:df:56:58:5e:a5:96:9c:31:1e:98:b3:6c:07:e0:89:ed:b3:
72:d5:8f:6c:48:4e:1d:06:3a:32:a0:7d:40:4d:82:c2:e4:9b:
3b:f4:44:05:95:fb:42:7c:b0:44:22:88:1f:a7:71:9b:e6:ed:
5c:ae:44:df:91:93:7a:1b:6d:6f:6f:db:24:76:1f:51:8e:9a:
4b:d7:5b:16:f7:64:f5:ed:f9:f0:ef:6b:71:78:e4:7a:e5:e2:
4f:b9:ee:b4:a3:f5:2b:6c:31:4e:ce:c6:fe:2d:3f:b6:f2:a6:
e4:1c:b9:cc:f9:60:71:f5:56:e0:36:1a:bd:6c:68:f8:a1:10:
b5:c8:41:92:d7:85:92:cb:50:c4:e7:e0:fb:fa:89:4a:f3:90:
26:fc:cc:aa:3d:05:23:0e:ac:20:c6:6b:ca:32:8f:20:66:0b:
7e:62:e3:72:97:30:46:20:97:a3:bf:79:52:8f:4e:a0:e9:29:
e7:d6:ef:bb
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYupaJypKNioNyjIcdaTAR3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTA3MTA1MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTBmNTY4ZDkwYTIxZGIyZmQ4NDI1MmYyZGNmZWRiZWI4YjIzMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRL3v9KOuqRKIRWxc7XCvXaKp42y
mU7SfobYUHXKvS4XqJtgYOvvZQ9HPvmdhrG6KODvh+5kq42+0KmxNxb05vF6zXsc
JVit5GmvXqHi1eDMbLLzrwneQTmhRR3pCq8O1zKkZxi5LWdaGpFRYZAPAZmJzMbt
04CmbkNXrQbH8PXRGITufC17ba4GlJCr8vpb5xQ3WwSOq2ugy2de8p+2Gcu8O6t6
nD6ozpPSDHhr2v+ihiVgxweWvRS95ji+ZSiS7gncaZDlDJTDO5IkbZOQrKHED5Nv
oHqJiSZ2q4s0rz6zsxQB0/4hVM1YMaGrNBYW8PW5zPHyQLM3B6RflKxdXQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFFkPVo2Qoh2y/YQlLy3P7b64sjLNMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvV1E5V2paQ2lIYkw5aENVdkxjX3R2cml5TXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBABU
IAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgQgMEAFQgXwMEAlQglAMEAVQgrgME
AVQgsgMEAFQg0gMEAVQg1gMEAFQg7AMEAlQg9AMEAFQg+QMEAVjYFjAMAwQAWNgr
AwQBWNgsAwQAWNhdMAwDBAFY2IIDBABY2IQDBAFY2IYDBABY2LQDBAFY2LYwDAME
AFjYuwMEAVjYvAMEAFjYvzAMAwQAWNjFAwQAWNjGAwQAWNjQMAwDBABY2NMDBANY
2NADBABY2N8DBAJY2OQDBAJY2OwwDQYJKoZIhvcNAQELBQADggEBADx5UzQW2vjS
10QIA6vjt9Seg6592Dvt4C1rnfuJVv09ttWLdtmST9LZWKNy6rFLZFmAp14Q0IGp
83dznwEHd+uVmN80m7gr5szfVlhepZacMR6Ys2wH4Ints3LVj2xITh0GOjKgfUBN
gsLkmzv0RAWV+0J8sEQiiB+ncZvm7VyuRN+Rk3obbW9v2yR2H1GOmkvXWxb3ZPXt
+fDva3F45Hrl4k+57rSj9StsMU7Oxv4tP7bypuQcucz5YHH1VuA2Gr1saPihELXI
QZLXhZLLUMTn4Pv6iUrzkCb8zKo9BSMOrCDGa8oyjyBmC35i43KXMEYgl6O/eVKP
TqDpKefW77s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org