Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bfjhSw2ExWr2FdoLraqsVjjHAew.roa
File: bfjhSw2ExWr2FdoLraqsVjjHAew.roa (raw, json)
Hash identifier: po4b7PV0KJAz6oWznXzYSE2z6H3Qubu0X7JhzWBxRjU=
Subject key identifier: 6D:F8:E1:4B:0D:84:C5:6A:F6:15:DA:0B:AD:AA:AC:56:38:C7:01:EC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01865523D7F318D8AD38C466A646803A1102
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bfjhSw2ExWr2FdoLraqsVjjHAew.roa
Signing time: Wed 15 Feb 2023 12:54:17 +0000
ROA not before: Wed 15 Feb 2023 12:54:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.190.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:23:d7:f3:18:d8:ad:38:c4:66:a6:46:80:3a:11:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 15 12:54:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6df8e14b0d84c56af615da0badaaac5638c701ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3e:89:96:c5:db:e6:ce:e5:48:c4:5f:7f:6d:
2f:6d:24:f6:9c:ca:77:ca:40:00:9c:e3:5e:d3:c5:
cd:d1:12:76:3c:d4:8d:6f:2b:53:97:6d:88:f7:f8:
ae:81:d4:54:ea:33:5c:28:01:f1:8d:78:c8:f7:de:
ff:2c:65:f4:fa:05:bb:d9:08:8b:58:5b:bb:53:4e:
cc:69:b7:58:cc:ee:fe:45:0b:7c:a3:3d:8d:ee:92:
80:dd:8e:17:0e:c0:86:68:41:6a:e0:85:e5:76:c3:
1b:a3:b9:34:d9:48:20:61:d9:bc:fd:b5:b9:a7:65:
0d:ca:99:78:04:58:6b:17:a1:60:d4:7b:3e:4a:a1:
b9:be:47:8b:e2:ed:4d:68:75:ec:5e:46:f1:5c:67:
87:e5:2f:2b:74:2f:e6:fe:8e:85:45:3c:35:96:b8:
cc:88:fd:8d:ad:d5:41:32:e3:14:2f:c8:6e:ad:ad:
b6:d7:59:a0:a3:fb:00:f2:0a:f8:ab:d2:03:1d:f7:
32:c1:b3:cf:c3:b5:2d:95:b7:e9:55:ec:25:23:20:
06:c0:44:ac:86:ae:99:3c:3c:10:b4:41:e3:80:4f:
36:8f:1a:af:a7:8c:b5:53:52:b8:c6:8c:93:fc:21:
7f:9b:c8:10:13:3e:b9:44:70:e3:f2:57:f5:e8:51:
0e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F8:E1:4B:0D:84:C5:6A:F6:15:DA:0B:AD:AA:AC:56:38:C7:01:EC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bfjhSw2ExWr2FdoLraqsVjjHAew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.76.0/23
84.32.79.0/24
84.32.109.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.220.0-84.32.222.255
84.32.240.0/24
84.32.242.0/23
84.32.252.0/23
88.216.17.0/24
88.216.93.0/24
88.216.108.0/24
88.216.128.0/23
88.216.132.0-88.216.134.255
88.216.190.0/24
88.216.213.0/24
88.216.215.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:b7:41:3d:45:05:ea:99:4e:ad:bd:39:fa:3f:c0:e4:4e:e2:
7c:7a:56:5f:ee:da:55:15:aa:53:2e:72:fc:ae:86:04:7e:c2:
14:35:93:a0:2f:91:7f:d1:0f:26:5a:f3:ba:7e:b3:e3:3a:a2:
ea:b4:00:6b:bf:a6:fd:22:7b:5e:e5:db:aa:a2:6a:e8:22:97:
dd:4b:cc:31:e3:11:a4:89:fd:73:d1:de:8f:db:84:7c:ac:42:
b6:90:95:38:d4:c7:48:e1:c4:a7:99:16:7c:96:4b:62:5f:4f:
00:bf:ec:1f:04:cf:0c:f0:8d:8b:77:08:c4:9c:25:38:53:72:
28:94:d6:f8:a8:f6:c4:53:2c:83:9d:54:cf:d2:bc:1a:62:ef:
30:77:f2:d1:fa:48:00:6d:e6:e5:57:7d:3b:a4:f4:f1:a4:de:
f9:b5:4b:7c:41:ef:f9:52:97:cc:2b:50:07:93:4a:16:95:11:
af:1e:33:de:fd:af:6d:fe:2b:63:8a:f0:24:ef:e3:ba:97:9a:
fa:db:b1:be:f6:49:e5:64:37:99:75:41:05:29:2a:57:fc:d1:
54:41:6a:ad:29:98:04:36:23:7e:1b:87:b0:7d:ec:63:99:e8:
85:38:6a:86:3b:5a:42:f1:5f:bf:28:01:cc:1f:8b:94:82:5c:
59:c8:8c:21
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYZVI9fzGNitOMRmpkaAOhECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjE1MTI1NDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY4ZTE0YjBkODRjNTZhZjYxNWRhMGJhZGFhYWM1NjM4YzcwMWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz6JlsXb5s7lSMRff20vbST2nMp3
ykAAnONe08XN0RJ2PNSNbytTl22I9/iugdRU6jNcKAHxjXjI997/LGX0+gW72QiL
WFu7U07MabdYzO7+RQt8oz2N7pKA3Y4XDsCGaEFq4IXldsMbo7k02UggYdm8/bW5
p2UNypl4BFhrF6Fg1Hs+SqG5vkeL4u1NaHXsXkbxXGeH5S8rdC/m/o6FRTw1lrjM
iP2NrdVBMuMUL8hura2211mgo/sA8gr4q9IDHfcywbPPw7UtlbfpVewlIyAGwESs
hq6ZPDwQtEHjgE82jxqvp4y1U1K4xoyT/CF/m8gQEz65RHDj8lf16FEOiwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFG344UsNhMVq9hXaC62qrFY4xwHsMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYmZqaFN3MkV4V3IyRmRvTHJhcXNWampIQWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAJU
IBgDBABUIB4DBABUIC4DBAFUIEwDBABUIE8DBABUIG0DBABUILMDBABUINQDBAFU
INYDBABUINowDAMEAlQg3AMEAFQg3gMEAFQg8AMEAVQg8gMEAVQg/AMEAFjYEQME
AFjYXQMEAFjYbAMEAVjYgDAMAwQCWNiEAwQAWNiGAwQAWNi+AwQAWNjVAwQAWNjX
AwQAWNjcMA0GCSqGSIb3DQEBCwUAA4IBAQAct0E9RQXqmU6tvTn6P8DkTuJ8elZf
7tpVFapTLnL8roYEfsIUNZOgL5F/0Q8mWvO6frPjOqLqtABrv6b9Inte5duqomro
IpfdS8wx4xGkif1z0d6P24R8rEK2kJU41MdI4cSnmRZ8lktiX08Av+wfBM8M8I2L
dwjEnCU4U3IolNb4qPbEUyyDnVTP0rwaYu8wd/LR+kgAbeblV307pPTxpN75tUt8
Qe/5UpfMK1AHk0oWlRGvHjPe/a9t/itjivAk7+O6l5r627G+9knlZDeZdUEFKSpX
/NFUQWqtKZgENiN+G4ewfexjmeiFOGqGO1pC8V+/KAHMH4uUglxZyIwh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:31 2023 by rpki-client on console-ams.rpki-client.org