Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gX-3OjUTuv3cCHUHVHvpz2twTw4.roa
File: gX-3OjUTuv3cCHUHVHvpz2twTw4.roa (raw, json)
Hash identifier: CAuqRzYxZyzIeceZrKVDtkFSj5qpxI7eEFy8J1obQII=
Subject key identifier: 81:7F:B7:3A:35:13:BA:FD:DC:08:75:07:54:7B:E9:CF:6B:70:4F:0E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185CF9FD97D9D826A60FBFD614AF5BC1931
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gX-3OjUTuv3cCHUHVHvpz2twTw4.roa
Signing time: Fri 20 Jan 2023 14:40:37 +0000
ROA not before: Fri 20 Jan 2023 14:40:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 88.216.199.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
84.32.108.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:9f:d9:7d:9d:82:6a:60:fb:fd:61:4a:f5:bc:19:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 20 14:40:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=817fb73a3513bafddc087507547be9cf6b704f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:0f:ea:34:d8:23:70:c5:ad:00:9e:06:91:
74:a0:d4:c3:8e:8a:0f:c8:26:49:8a:c9:d4:98:90:
27:d9:6b:b0:13:14:c5:ee:89:8a:c2:de:23:34:92:
96:c0:86:14:79:50:15:02:23:5a:16:8e:ab:8a:ea:
e5:e2:bc:c9:a8:76:65:b0:8a:98:70:37:db:aa:67:
5f:36:c9:c1:cd:10:a7:16:41:19:f1:8c:9d:fb:f2:
67:dc:de:50:02:a3:26:32:cc:d7:43:1e:5a:35:35:
ac:a9:84:04:0a:7f:b9:e8:d2:d6:12:9b:9d:e0:8a:
f4:86:9e:fe:db:00:ae:2d:3e:47:7b:37:e4:76:f8:
6b:80:b1:33:22:fd:b4:9f:f3:38:a2:db:73:97:87:
0d:d4:3c:98:d5:a5:80:ff:34:83:88:d5:74:13:f6:
65:e5:ea:99:88:04:83:5d:18:91:02:0a:52:8e:04:
7e:bc:42:7b:57:46:c3:70:09:bb:17:e6:05:da:6f:
89:ff:64:ae:9c:f7:97:60:a9:97:53:51:58:27:2d:
ae:ec:5b:5e:cf:52:22:ca:ec:87:54:16:92:07:e4:
4a:11:32:b8:8a:02:53:73:0c:33:28:0f:78:60:b8:
70:e7:24:d0:56:02:cd:7d:87:6c:c4:41:b6:0a:82:
fd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7F:B7:3A:35:13:BA:FD:DC:08:75:07:54:7B:E9:CF:6B:70:4F:0E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gX-3OjUTuv3cCHUHVHvpz2twTw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/24
84.32.48.0/24
84.32.50.0/24
84.32.58.0/24
84.32.71.0/24
84.32.88.0/24
84.32.93.0/24
84.32.108.0/23
84.32.150.0/23
84.32.177.0/24
84.32.218.0/24
84.32.220.0/24
84.32.226.0/24
84.32.232.0/24
84.32.239.0/24
84.32.245.0/24
88.216.3.0/24
88.216.32.0/24
88.216.46.0/24
88.216.92.0/24
88.216.134.0/24
88.216.199.0/24
88.216.210.0/23
Signature Algorithm: sha256WithRSAEncryption
50:ab:ae:b8:31:9a:96:9e:a9:3b:0d:9e:97:53:05:c5:f2:39:
28:d3:59:e5:66:52:a7:c1:51:20:d0:89:40:9c:b9:82:a2:67:
a7:3f:1b:fb:e7:27:98:fd:2d:0b:18:99:f1:f2:99:67:0f:c8:
e2:cc:8c:2b:5d:a2:f8:35:ae:1d:16:86:71:b6:b8:d3:85:60:
a4:b5:1c:d1:e9:13:9a:b2:6c:f8:b1:b4:94:33:37:35:7c:b9:
6f:9a:fe:cf:2f:22:3a:e8:47:3b:f7:39:20:45:14:e4:50:a3:
23:73:2a:9f:13:9d:ac:05:17:74:19:cf:57:6d:07:23:10:9a:
da:5e:b7:89:c6:84:3f:e8:bb:8f:d8:ac:93:29:48:0c:34:a8:
5f:7e:68:96:ef:3d:97:ff:c8:36:2d:e9:05:be:39:c7:0c:c6:
7f:d1:df:be:0d:61:a4:4a:86:28:ce:6a:c3:e0:68:2f:29:19:
53:c5:db:5d:42:e2:93:b3:9b:30:75:cd:01:f2:80:52:cc:00:
fb:3e:c4:8f:71:9a:f5:57:66:cf:32:8a:d2:da:ab:6b:6f:43:
37:55:a7:aa:91:4c:6f:33:f0:71:de:8f:07:e6:b4:5a:a6:ba:
25:27:d5:84:12:c7:f9:a5:26:88:19:b6:78:75:76:8a:14:fe:
3e:34:50:5e
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYXPn9l9nYJqYPv9YUr1vBkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTIwMTQ0MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTdmYjczYTM1MTNiYWZkZGMwODc1MDc1NDdiZTljZjZiNzA0ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApagP6jTYI3DFrQCeBpF0oNTDjooP
yCZJisnUmJAn2WuwExTF7omKwt4jNJKWwIYUeVAVAiNaFo6riurl4rzJqHZlsIqY
cDfbqmdfNsnBzRCnFkEZ8Yyd+/Jn3N5QAqMmMszXQx5aNTWsqYQECn+56NLWEpud
4Ir0hp7+2wCuLT5HezfkdvhrgLEzIv20n/M4ottzl4cN1DyY1aWA/zSDiNV0E/Zl
5eqZiASDXRiRAgpSjgR+vEJ7V0bDcAm7F+YF2m+J/2SunPeXYKmXU1FYJy2u7Fte
z1IiyuyHVBaSB+RKETK4igJTcwwzKA94YLhw5yTQVgLNfYdsxEG2CoL9IwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFIF/tzo1E7r93Ah1B1R76c9rcE8OMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZ1gtM09qVVR1djNjQ0hVSFZIdnB6MnR3VHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBABU
IAgDBABUIAoDBABUIBgDBABUIDADBABUIDIDBABUIDoDBABUIEcDBABUIFgDBABU
IF0DBAFUIGwDBAFUIJYDBABUILEDBABUINoDBABUINwDBABUIOIDBABUIOgDBABU
IO8DBABUIPUDBABY2AMDBABY2CADBABY2C4DBABY2FwDBABY2IYDBABY2McDBAFY
2NIwDQYJKoZIhvcNAQELBQADggEBAFCrrrgxmpaeqTsNnpdTBcXyOSjTWeVmUqfB
USDQiUCcuYKiZ6c/G/vnJ5j9LQsYmfHymWcPyOLMjCtdovg1rh0WhnG2uNOFYKS1
HNHpE5qybPixtJQzNzV8uW+a/s8vIjroRzv3OSBFFORQoyNzKp8TnawFF3QZz1dt
ByMQmtpet4nGhD/ou4/YrJMpSAw0qF9+aJbvPZf/yDYt6QW+OccMxn/R374NYaRK
hijOasPgaC8pGVPF211C4pOzmzB1zQHygFLMAPs+xI9xmvVXZs8yitLaq2tvQzdV
p6qRTG8z8HHejwfmtFqmuiUn1YQSx/mlJogZtnh1dooU/j40UF4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:49 2023 by rpki-client on console-fra.rpki-client.org