Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Yawd7r4nAUgbu8HekvcbuKcYOBI.roa
File: Yawd7r4nAUgbu8HekvcbuKcYOBI.roa (raw, json)
Hash identifier: HLvZ/plHelgoQWwzA57uDYxV2ErLiggEve8eRWl9Tgw=
Subject key identifier: 61:AC:1D:EE:BE:27:01:48:1B:BB:C1:DE:92:F7:1B:B8:A7:18:38:12
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018BB7DCB9C68F6C881A060B562F54A34D38
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Yawd7r4nAUgbu8HekvcbuKcYOBI.roa
Signing time: Fri 10 Nov 2023 06:12:57 +0000
ROA not before: Fri 10 Nov 2023 06:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.182.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.236.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 15:04:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b7:dc:b9:c6:8f:6c:88:1a:06:0b:56:2f:54:a3:4d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 10 06:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61ac1deebe2701481bbbc1de92f71bb8a7183812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:c5:0c:3c:c0:09:9e:66:ee:b3:55:24:fc:
51:38:cd:38:25:f9:95:25:73:08:a5:ec:e1:7e:96:
2f:a1:b5:f5:a2:e3:ed:f6:d5:da:c6:09:67:54:54:
00:69:6c:e3:2d:ab:1d:f2:17:02:43:7f:b9:51:03:
c7:83:4a:88:2a:96:af:74:d0:0b:e7:8b:a1:df:f2:
a5:f0:3f:9b:4e:bf:eb:7a:6f:a4:a1:44:4b:24:8f:
26:e8:01:2f:70:3a:6e:62:c4:0f:a7:63:08:81:17:
46:45:1f:d0:f0:1a:b2:f5:05:e0:04:c9:ce:36:36:
1c:d2:03:8c:c1:de:b6:50:55:a5:bb:05:97:82:f5:
19:df:4e:cd:48:97:31:e4:cf:d9:11:84:3c:3f:15:
9b:56:ad:f5:36:b5:b2:d0:f8:49:0a:80:ae:3f:0c:
3d:b1:4e:0f:ba:46:4f:ca:8e:8e:44:1d:ae:73:b3:
8d:6b:a9:5b:9a:21:f3:4a:01:38:26:a8:2d:07:98:
72:79:23:3f:23:31:47:13:19:b3:ad:8c:62:6e:8a:
9c:75:84:e5:47:46:99:89:62:9a:f8:59:4b:a0:53:
ae:c4:1f:c7:9f:23:a8:16:74:c4:cd:b3:e3:b1:4f:
27:2d:5e:51:fe:9c:15:f2:1e:22:19:f8:d8:be:42:
83:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:AC:1D:EE:BE:27:01:48:1B:BB:C1:DE:92:F7:1B:B8:A7:18:38:12
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Yawd7r4nAUgbu8HekvcbuKcYOBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.177.0-84.32.179.255
84.32.210.0/24
84.32.214.0/23
84.32.236.0/24
84.32.244.0/22
84.32.249.0/24
88.216.22.0/23
88.216.43.0-88.216.45.255
88.216.93.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.182.0/23
88.216.187.0-88.216.189.255
88.216.191.0/24
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:5f:95:65:73:95:9d:4e:4a:cf:17:65:13:a0:b8:b3:30:cc:
fb:c5:74:0a:1b:61:b0:6e:2b:69:bc:cc:0a:0c:cc:d5:42:a2:
6a:4c:6e:a4:32:17:7f:96:60:e0:6a:51:d3:80:06:8a:30:85:
43:1b:c3:da:73:1c:a4:d0:d2:44:2e:df:7e:36:90:12:fb:bc:
ff:05:b1:23:5d:53:a5:c0:72:ec:2a:a5:22:3d:cf:42:f4:ea:
85:e5:be:a9:b0:92:25:a7:07:ab:fb:0d:ae:bb:2f:e1:e1:24:
a2:7b:0b:03:c2:ef:2c:3b:5b:21:bd:81:06:2b:18:fa:7b:31:
10:24:3b:61:3c:0f:a5:b0:f8:03:86:bf:20:e1:aa:bd:f9:f7:
c4:45:f9:4b:cc:cc:9d:cb:15:fa:c9:81:d2:d0:90:ec:f9:2a:
94:64:f9:e1:6c:f3:e5:99:75:a4:a8:c3:7a:4b:68:1c:f9:88:
74:de:f9:38:3b:8f:65:73:70:38:34:ec:8e:c3:a9:9e:2a:db:
4c:e9:eb:c1:22:4a:32:fc:04:8f:96:d2:35:e3:a3:93:09:10:
0d:f5:bf:a5:9f:be:61:c1:bb:df:06:c4:21:cc:39:54:a9:5b:
55:ec:51:fe:e5:9b:74:07:d0:65:35:c7:bb:82:6e:22:4d:ea:
bd:99:ef:fb
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYu33LnGj2yIGgYLVi9Uo004MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTEwMDYxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWFjMWRlZWJlMjcwMTQ4MWJiYmMxZGU5MmY3MWJiOGE3MTgzODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV/FDDzACZ5m7rNVJPxROM04JfmV
JXMIpezhfpYvobX1ouPt9tXaxglnVFQAaWzjLasd8hcCQ3+5UQPHg0qIKpavdNAL
54uh3/Kl8D+bTr/rem+koURLJI8m6AEvcDpuYsQPp2MIgRdGRR/Q8Bqy9QXgBMnO
NjYc0gOMwd62UFWluwWXgvUZ307NSJcx5M/ZEYQ8PxWbVq31NrWy0PhJCoCuPww9
sU4PukZPyo6ORB2uc7ONa6lbmiHzSgE4JqgtB5hyeSM/IzFHExmzrYxiboqcdYTl
R0aZiWKa+FlLoFOuxB/HnyOoFnTEzbPjsU8nLV5R/pwV8h4iGfjYvkKDLQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFGGsHe6+JwFIG7vB3pL3G7inGDgSMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWWF3ZDdyNG5BVWdidThIZWt2Y2J1S2NZT0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBABU
IAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgQgMEAFQgXwMEAlQglAMEAVQgrjAM
AwQAVCCxAwQCVCCwAwQAVCDSAwQBVCDWAwQAVCDsAwQCVCD0AwQAVCD5AwQBWNgW
MAwDBABY2CsDBAFY2CwDBABY2F0wDAMEAVjYggMEAFjYhAMEAVjYhgMEAFjYtAME
AVjYtjAMAwQAWNi7AwQBWNi8AwQAWNi/MAwDBABY2MUDBABY2MYDBABY2NAwDAME
AFjY0wMEA1jY0AMEAljY5AMEAljY7DANBgkqhkiG9w0BAQsFAAOCAQEAHV+VZXOV
nU5KzxdlE6C4szDM+8V0ChthsG4rabzMCgzM1UKiakxupDIXf5Zg4GpR04AGijCF
QxvD2nMcpNDSRC7ffjaQEvu8/wWxI11TpcBy7CqlIj3PQvTqheW+qbCSJacHq/sN
rrsv4eEkonsLA8LvLDtbIb2BBisY+nsxECQ7YTwPpbD4A4a/IOGqvfn3xEX5S8zM
ncsV+smB0tCQ7PkqlGT54Wzz5Zl1pKjDektoHPmIdN75ODuPZXNwODTsjsOpnirb
TOnrwSJKMvwEj5bSNeOjkwkQDfW/pZ++YcG73wbEIcw5VKlbVexR/uWbdAfQZTXH
u4JuIk3qvZnv+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org