Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dzc64igNsKQgitQb_ODbMKkgipg.roa
File: dzc64igNsKQgitQb_ODbMKkgipg.roa (raw, json)
Hash identifier: QHYzLNBS/pzWnVdQsbmbl3T5LVZ8G5R3aPWbWEMD774=
Subject key identifier: 77:37:3A:E2:28:0D:B0:A4:20:8A:D4:1B:FC:E0:DB:30:A9:20:8A:98
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188A0D9DBA3B749F880C2C5A0C940FB0248
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dzc64igNsKQgitQb_ODbMKkgipg.roa
Signing time: Fri 09 Jun 2023 15:50:11 +0000
ROA not before: Fri 09 Jun 2023 15:50:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.56.0/24 maxlen: 24
84.32.62.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 20:28:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:d9:db:a3:b7:49:f8:80:c2:c5:a0:c9:40:fb:02:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 9 15:50:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77373ae2280db0a4208ad41bfce0db30a9208a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ec:4d:80:20:15:d2:63:f2:92:7f:10:92:14:
3d:81:b5:99:c6:f0:33:04:5b:7e:a4:7b:a2:eb:e5:
e4:75:01:7a:aa:f3:5a:0f:e9:8d:be:07:2c:9a:5f:
0b:00:c8:dd:a5:9a:22:7f:6b:61:4e:36:e0:0e:ed:
15:21:a0:6a:2f:c5:54:7b:da:3e:6a:2c:57:ea:ee:
4d:14:3b:21:62:55:15:fd:5b:49:50:01:9a:65:20:
b8:e0:57:41:30:b8:76:c9:bc:eb:2b:43:cb:d0:50:
c9:fa:b9:f6:04:89:ac:39:3e:5e:2d:7c:0d:50:73:
05:ae:d9:ec:41:4d:63:a2:9a:47:9a:08:89:0d:52:
e6:87:78:23:7a:55:3a:1d:ab:5b:8d:0f:0f:13:65:
ac:e0:8e:72:c4:cb:53:83:a7:5e:0b:08:57:4e:e6:
0d:79:b3:03:52:42:a7:2a:0f:3c:45:44:aa:80:8c:
6f:4e:c2:e7:94:94:6a:2f:35:d2:93:a1:e6:6d:71:
1c:e4:a5:2b:20:b5:1d:cc:d7:f4:3a:2e:76:93:ee:
c7:f2:4f:d9:e8:80:7c:f4:e5:b1:6e:08:71:64:b5:
41:11:a5:fc:d2:05:67:1e:cc:d1:ac:ee:5b:d3:e2:
cc:54:cd:17:e3:08:66:60:0c:37:db:d3:ec:6e:ab:
be:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:37:3A:E2:28:0D:B0:A4:20:8A:D4:1B:FC:E0:DB:30:A9:20:8A:98
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dzc64igNsKQgitQb_ODbMKkgipg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.30.0/23
84.32.42.0/24
84.32.46.0/24
84.32.56.0/24
84.32.60.0/24
84.32.62.0/24
84.32.65.0/24
84.32.67.0-84.32.68.255
84.32.79.0/24
84.32.89.0/24
84.32.108.0-84.32.110.255
84.32.148.0/22
84.32.153.0/24
84.32.158.0/23
84.32.178.0/23
84.32.212.0/24
84.32.214.0/23
84.32.221.0/24
84.32.224.0/24
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.243.0/24
84.32.246.0/23
84.32.250.0-84.32.253.255
88.216.0.0/24
88.216.3.0/24
88.216.16.0/24
88.216.22.0/23
88.216.32.0/24
88.216.35.0/24
88.216.38.0-88.216.40.255
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/23
88.216.111.0/24
88.216.130.0/23
88.216.134.0/23
88.216.180.0/24
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
9b:0b:87:24:91:6b:32:f2:84:36:d1:63:ee:55:64:e1:a0:b3:
e0:e8:aa:b1:87:6d:2f:e5:f4:d1:ba:4a:89:c1:95:33:21:19:
f3:82:a7:1c:d7:8a:94:33:25:46:14:22:8d:7c:f2:7f:91:ab:
66:0b:46:76:db:bb:1c:9f:bf:11:58:c0:85:88:dd:4c:bd:5f:
7e:b6:46:d8:a7:2a:c1:8e:ed:3c:f6:7c:71:4b:17:5c:3c:4d:
b4:4a:c2:3a:53:20:40:6d:f4:f0:26:ee:1c:d5:7b:72:53:94:
7a:10:c7:3e:09:af:26:63:7d:9b:6f:e8:f6:b1:28:e1:c4:f0:
b7:4c:c8:04:10:bb:8e:55:73:90:c2:99:e5:19:f4:b9:81:4a:
2d:4a:a9:98:44:9d:ac:40:b5:31:86:a8:c6:aa:43:1b:ab:6e:
e7:87:dd:b4:a6:54:65:a7:d8:41:3e:85:65:3b:09:83:de:1b:
23:57:0c:ea:57:da:5d:1f:98:09:3a:d6:91:a1:a9:a1:c9:e1:
99:13:8c:67:18:e6:d7:e2:bb:75:04:20:4d:41:44:da:2e:24:
52:71:43:7d:5c:74:9c:d9:f4:b3:9b:ba:3d:21:fb:08:9a:86:
7a:1b:a2:8e:4d:7c:b8:96:d0:de:79:0e:d8:86:4d:37:89:a7:
f7:00:ae:b7
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAYig2dujt0n4gMLFoMlA+wJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA5MTU1MDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzM3M2FlMjI4MGRiMGE0MjA4YWQ0MWJmY2UwZGIzMGE5MjA4YTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlexNgCAV0mPykn8QkhQ9gbWZxvAz
BFt+pHui6+XkdQF6qvNaD+mNvgcsml8LAMjdpZoif2thTjbgDu0VIaBqL8VUe9o+
aixX6u5NFDshYlUV/VtJUAGaZSC44FdBMLh2ybzrK0PL0FDJ+rn2BImsOT5eLXwN
UHMFrtnsQU1joppHmgiJDVLmh3gjelU6HatbjQ8PE2Ws4I5yxMtTg6deCwhXTuYN
ebMDUkKnKg88RUSqgIxvTsLnlJRqLzXSk6HmbXEc5KUrILUdzNf0Oi52k+7H8k/Z
6IB89OWxbghxZLVBEaX80gVnHszRrO5b0+LMVM0X4whmYAw329Psbqu+MwIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFHc3OuIoDbCkIIrUG/zg2zCpIIqYMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZHpjNjRpZ05zS1FnaXRRYl9PRGJNS2tnaXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAWoEAgABMIIB
YgMEAFQgCDAMAwQCVCAUAwQCVCAYAwQBVCAeAwQAVCAqAwQAVCAuAwQAVCA4AwQA
VCA8AwQAVCA+AwQAVCBBMAwDBABUIEMDBABUIEQDBABUIE8DBABUIFkwDAMEAlQg
bAMEAFQgbgMEAlQglAMEAFQgmQMEAVQgngMEAVQgsgMEAFQg1AMEAVQg1gMEAFQg
3QMEAFQg4DAMAwQAVCDnAwQAVCDoAwQAVCDrMAwDBABUIO8DBABUIPADBABUIPMD
BAFUIPYwDAMEAVQg+gMEAVQg/AMEAFjYAAMEAFjYAwMEAFjYEAMEAVjYFgMEAFjY
IAMEAFjYIzAMAwQBWNgmAwQAWNgoAwQBWNgsMAwDBANY2DgDBAFY2EADBAFY2GQD
BABY2G8DBAFY2IIDBAFY2IYDBABY2LQDBABY2LcDBAFY2LwDBABY2MUDBAJY2NQD
BABY2NwwDAMEAljY7AMEA1jY8DANBgkqhkiG9w0BAQsFAAOCAQEAmwuHJJFrMvKE
NtFj7lVk4aCz4OiqsYdtL+X00bpKicGVMyEZ84KnHNeKlDMlRhQijXzyf5GrZgtG
dtu7HJ+/EVjAhYjdTL1ffrZG2KcqwY7tPPZ8cUsXXDxNtErCOlMgQG308CbuHNV7
clOUehDHPgmvJmN9m2/o9rEo4cTwt0zIBBC7jlVzkMKZ5Rn0uYFKLUqpmESdrEC1
MYaoxqpDG6tu54fdtKZUZafYQT6FZTsJg94bI1cM6lfaXR+YCTrWkaGpocnhmROM
Zxjm1+K7dQQgTUFE2i4kUnFDfVx0nNn0s5u6PSH7CJqGehuijk18uJbQ3nkO2IZN
N4mn9wCutw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org