Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_WRWRE8aYhayLa2ghd3wfdt0-VI.roa
File: _WRWRE8aYhayLa2ghd3wfdt0-VI.roa (raw, json)
Hash identifier: B7u268g4h4YDecYKlM26SNvlRSnnrUALz8Rjie/RGKI=
Subject key identifier: FD:64:56:44:4F:1A:62:16:B2:2D:AD:A0:85:DD:F0:7D:DB:74:F9:52
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018729D6179D979F5E800B68EF7323201C45
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_WRWRE8aYhayLa2ghd3wfdt0-VI.roa
Signing time: Tue 28 Mar 2023 20:08:29 +0000
ROA not before: Tue 28 Mar 2023 20:08:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Mar 2023 06:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:d6:17:9d:97:9f:5e:80:0b:68:ef:73:23:20:1c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 28 20:08:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd6456444f1a6216b22dada085ddf07ddb74f952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:98:01:b8:1c:8c:26:fa:f9:bc:b1:a2:f4:82:
a1:40:77:9f:fb:d9:be:4d:4a:98:f8:5a:23:75:7c:
5f:8a:1a:e4:10:2d:d7:92:db:00:7a:ca:b0:5a:42:
0b:9e:55:40:d5:be:fd:2d:c8:05:2a:9b:42:54:c4:
76:e4:8c:67:bc:03:76:14:03:ec:60:3c:cc:16:6a:
5a:95:da:30:2e:74:62:1b:d6:33:e4:2f:89:74:50:
43:14:bd:b5:8c:64:52:60:4a:2e:cf:87:65:67:85:
bc:66:48:43:fa:d0:78:fc:48:9a:a1:3c:f5:88:18:
af:91:9f:4c:07:87:e0:f7:a0:1d:e1:8b:5d:d0:14:
d4:35:9e:ef:fc:bd:a5:ce:eb:98:94:71:66:f8:3e:
1e:65:d9:ef:2e:9d:22:66:1d:67:6b:58:9f:3d:7e:
56:73:17:e5:63:fc:e9:26:1d:2a:d8:35:ca:ae:1c:
76:08:f3:23:dc:5c:bf:40:34:14:8d:90:61:57:a9:
fb:d0:78:04:b8:c6:05:8e:e9:2f:62:ec:d1:d0:97:
6a:96:29:e8:f1:ab:c1:bf:03:fc:ef:e1:4e:8f:dc:
a3:c7:cc:d7:d6:5b:51:d0:c0:59:a1:5f:03:88:40:
b5:09:48:f8:90:f7:1e:df:46:24:c1:2c:b5:fe:6f:
3f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:64:56:44:4F:1A:62:16:B2:2D:AD:A0:85:DD:F0:7D:DB:74:F9:52
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_WRWRE8aYhayLa2ghd3wfdt0-VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.60.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.1.0/24
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
49:ed:a9:32:06:63:97:58:1d:8e:8d:8b:0d:70:e6:f7:60:cb:
05:78:3f:e9:4a:f8:1a:f3:3d:43:94:f9:0f:7e:0f:67:62:8d:
ff:ed:ed:bd:4c:66:a4:67:db:59:fd:2f:2d:e6:62:65:51:1d:
33:0b:7e:6a:a4:80:87:19:06:c5:ed:df:db:2c:14:f5:3d:88:
bf:80:a4:b2:fe:b9:2c:8d:88:13:2e:a1:b5:e8:d8:24:cd:c2:
97:61:f0:ab:fe:e5:4f:dc:55:1c:ed:ea:b0:9c:3d:43:a0:ce:
98:c0:01:c2:06:74:99:1e:86:bc:a6:ad:57:86:aa:b8:72:69:
de:26:a8:e0:c1:57:e6:c7:d3:27:dd:21:c3:86:32:d2:a1:fb:
33:54:3a:28:21:1a:db:69:9d:7a:b5:aa:7a:e9:81:8b:08:40:
79:6c:96:0f:a1:7a:f6:0e:28:e0:79:dd:ec:b0:25:ef:0d:20:
8b:99:37:4b:8b:82:02:6a:f9:35:ac:03:f0:5a:f7:b2:9c:5d:
e9:68:98:98:7a:85:67:f3:6d:a1:3c:bd:e1:2f:2b:bc:25:1c:
94:1f:0d:ff:6d:67:a0:0b:24:78:19:e2:89:3d:ca:f1:99:6e:
cc:53:27:7d:e3:ed:d8:ca:2c:23:a9:a2:3c:58:f3:38:10:40:
3e:6f:cb:0e
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYcp1hedl59egAto73MjIBxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzI4MjAwODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDY0NTY0NDRmMWE2MjE2YjIyZGFkYTA4NWRkZjA3ZGRiNzRmOTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA95gBuByMJvr5vLGi9IKhQHef+9m+
TUqY+FojdXxfihrkEC3XktsAesqwWkILnlVA1b79LcgFKptCVMR25IxnvAN2FAPs
YDzMFmpaldowLnRiG9Yz5C+JdFBDFL21jGRSYEouz4dlZ4W8ZkhD+tB4/EiaoTz1
iBivkZ9MB4fg96Ad4Ytd0BTUNZ7v/L2lzuuYlHFm+D4eZdnvLp0iZh1na1ifPX5W
cxflY/zpJh0q2DXKrhx2CPMj3Fy/QDQUjZBhV6n70HgEuMYFjukvYuzR0Jdqlino
8avBvwP87+FOj9yjx8zX1ltR0MBZoV8DiEC1CUj4kPce30YkwSy1/m8/8wIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFP1kVkRPGmIWsi2toIXd8H3bdPlSMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX1dSV1JFOGFZaGF5TGEyZ2hkM3dmZHQwLVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQAVCAIAwQCVCAYAwQAVCAeAwQAVCAuAwQAVCA8AwQAVCBHAwQAVCBNAwQAVCBP
AwQAVCBYAwQAVCBqAwQCVCCUAwQBVCCuAwQAVCCxAwQAVCCzAwQAVCDUAwQBVCDW
AwQAVCDaAwQAVCDdAwQAVCDgAwQAVCDoMAwDBABUIO8DBABUIPAwDAMEAVQg8gME
AVQg9AMEAVQg/AMEAFjYAQMEAFjYAwMEAFjYEQMEAFjYFQMEAFjYIAMEAFjYJAME
AVjYXAMEAFjYbwMEAFjYgDAMAwQAWNiDAwQBWNiEAwQAWNi6AwQAWNi9AwQAWNjX
MAwDBAJY2OQDBAJY2OgwDQYJKoZIhvcNAQELBQADggEBAEntqTIGY5dYHY6Niw1w
5vdgywV4P+lK+BrzPUOU+Q9+D2dijf/t7b1MZqRn21n9Ly3mYmVRHTMLfmqkgIcZ
BsXt39ssFPU9iL+ApLL+uSyNiBMuobXo2CTNwpdh8Kv+5U/cVRzt6rCcPUOgzpjA
AcIGdJkehrymrVeGqrhyad4mqODBV+bH0yfdIcOGMtKh+zNUOighGttpnXq1qnrp
gYsIQHlslg+hevYOKOB53eywJe8NIIuZN0uLggJq+TWsA/Ba97KcXelomJh6hWfz
baE8veEvK7wlHJQfDf9tZ6ALJHgZ4ok9yvGZbsxTJ33j7djKLCOpojxY8zgQQD5v
yw4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:29 2024 by rpki-client on console-ams.rpki-client.org