Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hBLig7OeA3x3KL8XuQqwZz26IMg.roa
File: hBLig7OeA3x3KL8XuQqwZz26IMg.roa (raw, json)
Hash identifier: Ioc4yA8tRgaUqI84RdJSX08HB5/IOt2WZqpH+qN9eq0=
Subject key identifier: 84:12:E2:83:B3:9E:03:7C:77:28:BF:17:B9:0A:B0:67:3D:BA:20:C8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0187E89CF105412F8CB81D564707118488ED
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hBLig7OeA3x3KL8XuQqwZz26IMg.roa
Signing time: Thu 04 May 2023 21:13:32 +0000
ROA not before: Thu 04 May 2023 21:13:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.9.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e8:9c:f1:05:41:2f:8c:b8:1d:56:47:07:11:84:88:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 4 21:13:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8412e283b39e037c7728bf17b90ab0673dba20c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:62:e8:d6:c4:09:3e:55:88:4a:27:7c:9f:5d:
79:0c:1a:ea:40:7f:d8:67:19:86:88:83:31:db:61:
63:0c:3c:6d:1e:58:af:04:16:bb:bb:5f:40:ff:e4:
4b:9c:01:88:3f:e9:2d:c6:a7:15:06:04:fc:b1:f1:
8b:f7:3d:72:17:ea:b5:a0:e4:a9:9f:03:6b:f0:63:
d8:3b:21:33:24:84:0c:f2:9c:2b:51:76:91:a4:b7:
bd:d1:5c:f4:a4:92:75:4e:82:80:63:73:03:16:6a:
bd:91:c6:b8:9f:ef:92:f9:0b:a1:43:a2:19:c9:a6:
51:97:cb:03:96:0e:a3:c4:64:74:c7:18:55:35:bd:
4a:7f:05:9d:68:89:1e:0a:23:fc:78:10:05:8d:a7:
2e:15:6c:5a:40:b3:22:cf:3a:b8:19:8e:bc:9c:b7:
91:b2:8b:9e:37:33:f5:5a:75:4c:e4:03:39:60:ad:
ab:36:67:57:9d:69:40:d1:04:e6:57:43:89:e2:a2:
b0:f0:55:f3:c2:49:0a:40:0d:d1:dd:2f:c8:8c:1f:
9a:0c:4a:27:b0:8b:ff:05:17:d6:55:66:47:71:ba:
8c:dc:31:9b:ad:38:33:4b:57:dd:11:b7:6e:10:84:
8d:c8:6f:6c:3c:35:64:20:90:c5:1f:b7:ea:41:2a:
c0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:12:E2:83:B3:9E:03:7C:77:28:BF:17:B9:0A:B0:67:3D:BA:20:C8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hBLig7OeA3x3KL8XuQqwZz26IMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/23
84.32.15.0/24
84.32.24.0/22
84.32.30.0/24
84.32.44.0/24
84.32.46.0/23
84.32.57.0/24
84.32.60.0/24
84.32.67.0-84.32.68.255
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.108.0-84.32.110.255
84.32.148.0-84.32.154.255
84.32.156.0/24
84.32.158.0/23
84.32.174.0/23
84.32.177.0-84.32.178.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.225.255
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.251.0-84.32.253.255
88.216.0.0/23
88.216.3.0/24
88.216.16.0/24
88.216.32.0/24
88.216.35.0/24
88.216.41.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/24
88.216.108.0/24
88.216.111.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/21
Signature Algorithm: sha256WithRSAEncryption
07:29:9b:3e:eb:f2:d9:ca:51:63:21:94:8c:f5:45:bd:4c:17:
1e:56:1f:09:eb:89:a2:83:e3:e4:f2:db:92:7e:ca:73:32:a5:
ee:fe:eb:1b:2f:6f:95:21:15:7a:46:21:9a:93:3c:54:b4:6b:
cf:1a:f9:7b:fb:ff:b0:32:48:e8:c8:82:06:60:a7:d8:83:a2:
b9:5b:4c:73:32:39:50:38:b4:a8:da:70:b8:29:cd:c3:c5:27:
d0:97:cc:c8:0e:6e:0d:fd:af:7c:02:ea:f8:c6:06:50:70:b6:
61:46:81:95:fb:65:1b:4a:8c:98:c4:f7:ca:47:1b:b6:42:16:
d7:16:17:f3:13:18:9a:c7:79:7f:27:89:5d:c4:b4:00:79:1c:
79:63:c2:3f:01:49:55:c6:46:e1:03:58:be:e2:23:db:75:34:
38:eb:e0:8b:38:b2:a0:24:e2:50:cc:63:bf:d7:a5:64:e4:de:
8e:89:20:c2:48:12:da:8a:fd:34:e7:21:38:de:c7:78:e8:0b:
76:38:fc:b7:2c:e0:c5:28:40:52:d2:c4:03:b6:7d:d7:54:13:
c3:7d:f3:84:a4:b1:0b:cd:3d:20:dd:bb:09:11:6b:c9:52:aa:
10:9d:9f:81:e1:88:80:57:fd:a1:e1:62:41:35:7c:54:51:7c:
2f:3f:0f:fd
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgISAYfonPEFQS+MuB1WRwcRhIjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTA0MjExMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDEyZTI4M2IzOWUwMzdjNzcyOGJmMTdiOTBhYjA2NzNkYmEyMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmLo1sQJPlWISid8n115DBrqQH/Y
ZxmGiIMx22FjDDxtHlivBBa7u19A/+RLnAGIP+ktxqcVBgT8sfGL9z1yF+q1oOSp
nwNr8GPYOyEzJIQM8pwrUXaRpLe90Vz0pJJ1ToKAY3MDFmq9kca4n++S+QuhQ6IZ
yaZRl8sDlg6jxGR0xxhVNb1KfwWdaIkeCiP8eBAFjacuFWxaQLMizzq4GY68nLeR
soueNzP1WnVM5AM5YK2rNmdXnWlA0QTmV0OJ4qKw8FXzwkkKQA3R3S/IjB+aDEon
sIv/BRfWVWZHcbqM3DGbrTgzS1fdEbduEISNyG9sPDVkIJDFH7fqQSrAFwIDAQAB
o4IDdzCCA3MwHQYDVR0OBBYEFIQS4oOzngN8dyi/F7kKsGc9uiDIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaEJMaWc3T2VBM3gzS0w4WHVRcXdaejI2SU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiwYIKwYBBQUHAQcBAf8EggF6MIIBdjCCAXIEAgABMIIB
agMEAVQgCAMEAFQgDwMEAlQgGAMEAFQgHgMEAFQgLAMEAVQgLgMEAFQgOQMEAFQg
PDAMAwQAVCBDAwQAVCBEAwQAVCBNAwQAVCBPAwQAVCBYMAwDBAJUIGwDBABUIG4w
DAMEAlQglAMEAFQgmgMEAFQgnAMEAVQgngMEAVQgrjAMAwQAVCCxAwQAVCCyAwQA
VCDUAwQBVCDWAwQAVCDaAwQAVCDdMAwDBABUIN8DBAFUIOAwDAMEAFQg5wMEAFQg
6AMEAFQg6zAMAwQAVCDvAwQAVCDwAwQBVCDyMAwDBABUIPsDBAFUIPwDBAFY2AAD
BABY2AMDBABY2BADBABY2CADBABY2CMDBABY2CkDBAFY2CwwDAMEA1jYOAMEAVjY
QAMEAFjYZAMEAFjYbAMEAFjYbzAMAwQBWNiCAwQAWNiEAwQBWNiGAwQAWNi3AwQB
WNi8AwQAWNjFAwQCWNjUAwQAWNjcAwQDWNjoMA0GCSqGSIb3DQEBCwUAA4IBAQAH
KZs+6/LZylFjIZSM9UW9TBceVh8J64mig+Pk8tuSfspzMqXu/usbL2+VIRV6RiGa
kzxUtGvPGvl7+/+wMkjoyIIGYKfYg6K5W0xzMjlQOLSo2nC4Kc3DxSfQl8zIDm4N
/a98Aur4xgZQcLZhRoGV+2UbSoyYxPfKRxu2QhbXFhfzExiax3l/J4ldxLQAeRx5
Y8I/AUlVxkbhA1i+4iPbdTQ46+CLOLKgJOJQzGO/16Vk5N6OiSDCSBLaiv005yE4
3sd46At2OPy3LODFKEBS0sQDtn3XVBPDffOEpLELzT0g3bsJEWvJUqoQnZ+B4YiA
V/2h4WJBNXxUUXwvPw/9
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org