Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hyv6k7FDR-B2SgOlcjPl2_gqDsc.roa
File: hyv6k7FDR-B2SgOlcjPl2_gqDsc.roa (raw, json)
Hash identifier: 3yFkFmy8LvRBpK964aJk5BTsODuVPn3SEnDl1aNUGZs=
Subject key identifier: 87:2B:FA:93:B1:43:47:E0:76:4A:03:A5:72:33:E5:DB:F8:2A:0E:C7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01875A4631A9D7091C3BF6203F1E5205D069
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hyv6k7FDR-B2SgOlcjPl2_gqDsc.roa
Signing time: Fri 07 Apr 2023 05:52:42 +0000
ROA not before: Fri 07 Apr 2023 05:52:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.157.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Apr 2023 07:19:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5a:46:31:a9:d7:09:1c:3b:f6:20:3f:1e:52:05:d0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 7 05:52:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=872bfa93b14347e0764a03a57233e5dbf82a0ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6a:cd:d6:b9:91:e2:c5:c7:74:32:87:04:81:
e3:c0:9f:9c:ee:16:04:62:16:fe:01:89:87:12:31:
55:80:7d:d5:9b:27:b7:e6:78:dd:76:c3:11:d8:13:
4f:4d:ab:bd:63:b1:0b:f7:61:9a:72:eb:0b:31:f6:
f1:58:f0:7b:ca:35:01:e2:b8:47:7b:91:91:d0:44:
71:d3:58:b9:a4:de:54:a7:1d:2a:8a:e6:81:a9:3b:
e6:0d:16:40:ab:b1:fd:71:10:67:23:59:64:ab:81:
56:dd:24:c0:8b:5c:fc:28:30:3a:14:b0:4f:0d:a6:
05:e7:f7:7e:00:e9:62:61:3b:40:68:de:1f:3a:c6:
1a:7f:08:91:a9:8b:39:40:f2:08:92:ee:c4:a2:29:
d9:2b:93:91:1c:6b:96:c9:d3:20:99:11:5c:50:fe:
bf:1a:88:92:be:a5:2b:d4:7f:90:28:ae:72:c3:fe:
25:5a:ef:40:00:18:10:5e:c1:d6:ad:b3:76:d7:2b:
64:bb:48:ef:df:fc:ef:4b:1c:74:63:5c:ea:09:4c:
ff:0b:ed:34:3e:c1:20:08:7b:c2:a1:37:39:6a:cb:
58:f6:06:c1:5d:14:f2:ed:2a:e0:0c:96:dc:06:93:
dd:f0:5a:fd:8a:7e:6e:51:1f:95:d1:92:dd:7b:74:
92:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2B:FA:93:B1:43:47:E0:76:4A:03:A5:72:33:E5:DB:F8:2A:0E:C7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hyv6k7FDR-B2SgOlcjPl2_gqDsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.108.0/23
84.32.148.0/22
84.32.157.0/24
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/24
88.216.215.0/24
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
86:c7:67:d0:ea:8c:5c:4b:2d:6c:24:55:02:f8:c9:3f:5c:d6:
e7:69:f6:6e:e2:ee:c0:62:01:fa:83:17:fd:ab:28:2c:d3:c4:
3b:ee:99:8b:b3:91:e2:16:70:09:29:c5:cd:9b:3e:04:10:5a:
77:47:3b:b9:b7:f3:ed:a5:5b:74:75:e9:a6:a2:67:46:28:19:
1d:5f:fc:fb:e5:d6:07:1c:44:26:8d:07:90:70:3d:20:75:57:
58:88:06:b8:de:98:72:1e:4c:a5:aa:c3:a3:8d:37:57:ec:1a:
19:cf:64:23:be:fc:f2:c1:db:1e:ca:48:b6:ec:e4:44:54:45:
4e:94:87:83:d4:02:62:25:b6:89:31:50:c6:32:07:af:3a:8a:
92:f1:3c:52:36:4c:9f:c4:b1:55:9a:78:63:6d:63:06:e4:48:
f6:cb:d2:50:12:b6:1e:c5:99:2d:65:80:71:41:8a:f0:f6:d4:
71:ab:8c:74:45:74:8e:31:1c:d7:6d:4a:cc:40:05:48:d0:4d:
32:db:61:de:e7:df:91:6a:5c:f0:87:46:81:3b:90:0e:57:d2:
27:49:8b:62:59:bb:e8:e7:59:ad:7a:3b:c7:30:14:3e:be:e6:
90:17:6e:f2:58:34:5d:78:89:08:60:9b:0f:11:04:cf:b3:6f:
17:a3:82:dd
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAYdaRjGp1wkcO/YgPx5SBdBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA3MDU1MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJiZmE5M2IxNDM0N2UwNzY0YTAzYTU3MjMzZTVkYmY4MmEwZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2rN1rmR4sXHdDKHBIHjwJ+c7hYE
Yhb+AYmHEjFVgH3Vmye35njddsMR2BNPTau9Y7EL92GacusLMfbxWPB7yjUB4rhH
e5GR0ERx01i5pN5Upx0qiuaBqTvmDRZAq7H9cRBnI1lkq4FW3STAi1z8KDA6FLBP
DaYF5/d+AOliYTtAaN4fOsYafwiRqYs5QPIIku7EoinZK5ORHGuWydMgmRFcUP6/
GoiSvqUr1H+QKK5yw/4lWu9AABgQXsHWrbN21ytku0jv3/zvSxx0Y1zqCUz/C+00
PsEgCHvCoTc5astY9gbBXRTy7SrgDJbcBpPd8Fr9in5uUR+V0ZLde3SSmQIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFIcr+pOxQ0fgdkoDpXIz5dv4Kg7HMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaHl2Nms3RkRSLUIyU2dPbGNqUGwyX2dxRHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgRgMEAFQgTQMEAFQgTwMEAFQgWAMEAFQgagMEAVQgbAMEAlQglAMEAFQg
nQMEAVQgrgMEAFQgsQMEAFQgswMEAFQg1AMEAVQg1gMEAFQg2gMEAFQg3TAMAwQA
VCDfAwQAVCDgAwQAVCDoMAwDBABUIO8DBABUIPAwDAMEAVQg8gMEAVQg9DAMAwQB
VCD6AwQBVCD8AwQAWNgBAwQAWNgDAwQAWNgVAwQAWNggAwQAWNgkAwQBWNhcAwQA
WNhvAwQAWNiAMAwDBAFY2IIDBABY2IQDBABY2L0DBABY2NQDBABY2NcDBABY2NwD
BAJY2OgwDQYJKoZIhvcNAQELBQADggEBAIbHZ9DqjFxLLWwkVQL4yT9c1udp9m7i
7sBiAfqDF/2rKCzTxDvumYuzkeIWcAkpxc2bPgQQWndHO7m38+2lW3R16aaiZ0Yo
GR1f/Pvl1gccRCaNB5BwPSB1V1iIBrjemHIeTKWqw6ONN1fsGhnPZCO+/PLB2x7K
SLbs5ERURU6Uh4PUAmIltokxUMYyB686ipLxPFI2TJ/EsVWaeGNtYwbkSPbL0lAS
th7FmS1lgHFBivD21HGrjHRFdI4xHNdtSsxABUjQTTLbYd7n35FqXPCHRoE7kA5X
0idJi2JZu+jnWa16O8cwFD6+5pAXbvJYNF14iQhgmw8RBM+zbxejgt0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org