Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/khHH5fuDW8TdlpDq5y-GrJ218Fc.roa
File: khHH5fuDW8TdlpDq5y-GrJ218Fc.roa (raw, json)
Hash identifier: YPdbDHQdZbLpCCTHqMFyue7ot96yBy1dluGEjvZTl3o=
Subject key identifier: 92:11:C7:E5:FB:83:5B:C4:DD:96:90:EA:E7:2F:86:AC:9D:B5:F0:57
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018682296A8D977D1225470DB48EE640C06C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/khHH5fuDW8TdlpDq5y-GrJ218Fc.roa
Signing time: Fri 24 Feb 2023 06:43:17 +0000
ROA not before: Fri 24 Feb 2023 06:43:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.186.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Feb 2023 21:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:29:6a:8d:97:7d:12:25:47:0d:b4:8e:e6:40:c0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 24 06:43:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9211c7e5fb835bc4dd9690eae72f86ac9db5f057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a5:71:89:7c:cb:a4:6d:c5:3b:d7:a5:69:4f:
d8:3c:9d:c8:a1:be:2d:b2:bf:e8:7f:e8:27:a2:c9:
8c:26:38:31:92:95:1e:c2:92:75:34:08:c9:f2:72:
d1:1c:38:fb:b4:2a:eb:0d:6f:4d:a7:cc:af:eb:c3:
bd:4d:d8:0d:d3:e4:dc:da:80:5d:1c:d3:6f:62:85:
36:65:15:6e:24:d4:f0:48:88:82:f1:35:42:80:ed:
31:3d:bc:7c:90:e2:5b:2e:a7:9a:26:d0:76:0f:e8:
68:43:a5:22:13:97:64:fa:c0:c4:5a:99:58:ba:b9:
af:05:85:7e:4c:86:d4:bd:ec:e2:b6:f3:5c:b2:2f:
af:75:e5:a3:12:c3:9c:fe:4b:95:fd:58:cd:19:f4:
02:f4:b4:d0:70:f7:6b:ad:44:53:3f:38:6c:67:74:
54:29:19:57:0f:78:0b:80:ab:43:f1:76:e2:89:a0:
fd:be:4c:35:c8:a7:01:93:e9:e1:58:f7:18:0b:72:
7c:40:c2:07:c0:8b:dd:1d:75:9e:6f:1d:b8:0a:b7:
96:30:e3:f4:71:95:7f:c1:5e:00:e9:54:11:e3:11:
f3:7f:83:0c:f1:f1:80:11:d3:6b:2a:5c:41:5c:2b:
a3:34:48:80:4b:19:77:ed:2a:3f:2c:11:2a:40:2c:
c4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:11:C7:E5:FB:83:5B:C4:DD:96:90:EA:E7:2F:86:AC:9D:B5:F0:57
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/khHH5fuDW8TdlpDq5y-GrJ218Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.76.0/23
84.32.79.0/24
84.32.88.0/24
84.32.150.0/23
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0-84.32.222.255
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.245.0/24
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.92.0/23
88.216.128.0/24
88.216.132.0-88.216.134.255
88.216.186.0/24
88.216.189.0-88.216.190.255
88.216.199.0/24
88.216.215.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
31:71:da:0d:a0:74:e6:89:1a:94:79:dd:f0:e2:fc:df:8f:fa:
3f:de:20:91:22:3e:d1:5b:8a:ad:94:fa:fe:d8:24:0d:ca:66:
71:84:34:ba:2b:db:69:59:4d:c4:6c:2d:16:bb:ce:0d:d8:e0:
5a:bb:ca:eb:b3:2e:9c:c9:6a:9f:46:f4:c8:41:de:96:8a:09:
7c:f0:f6:de:9f:ad:fa:0e:6a:b8:38:e4:92:1e:78:1c:19:f4:
2f:08:15:dc:6b:0c:4c:d0:0d:c5:c3:c1:10:26:f4:66:03:2d:
51:d5:e6:ae:4c:4b:8d:e9:cd:58:3a:c0:d8:9d:79:8d:1d:d4:
1b:95:fa:3f:33:c7:fb:8f:ab:48:2c:65:65:0c:bc:7c:ad:0a:
1a:88:27:7a:10:57:57:e0:12:9d:b0:73:bf:62:b9:b4:64:ab:
30:4b:97:29:c6:b4:59:14:9d:37:dd:a3:ea:13:06:0c:e3:29:
9c:0e:6b:30:ae:86:2f:1d:13:88:98:5e:37:a1:39:c4:2b:16:
1e:4a:e5:b3:f9:4a:91:47:4e:fe:f4:e2:fc:cb:11:2d:4a:e7:
35:fc:ec:3d:89:e0:5c:ee:33:c4:dc:56:52:0b:e5:01:ea:68:
ac:11:14:4b:00:a0:32:cb:ea:f1:c3:6e:29:31:81:50:25:1c:
d1:b4:cf:cd
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYaCKWqNl30SJUcNtI7mQMBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjI0MDY0MzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjExYzdlNWZiODM1YmM0ZGQ5NjkwZWFlNzJmODZhYzlkYjVmMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKVxiXzLpG3FO9elaU/YPJ3Iob4t
sr/of+gnosmMJjgxkpUewpJ1NAjJ8nLRHDj7tCrrDW9Np8yv68O9TdgN0+Tc2oBd
HNNvYoU2ZRVuJNTwSIiC8TVCgO0xPbx8kOJbLqeaJtB2D+hoQ6UiE5dk+sDEWplY
urmvBYV+TIbUvezitvNcsi+vdeWjEsOc/kuV/VjNGfQC9LTQcPdrrURTPzhsZ3RU
KRlXD3gLgKtD8XbiiaD9vkw1yKcBk+nhWPcYC3J8QMIHwIvdHXWebx24CreWMOP0
cZV/wV4A6VQR4xHzf4MM8fGAEdNrKlxBXCujNEiASxl37So/LBEqQCzEiQIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFJIRx+X7g1vE3ZaQ6ucvhqydtfBXMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEva2hISDVmdURXOFRkbHBEcTV5LUdySjIxOEZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBABU
IAgDBABUIAoDBAJUIBgDBABUIB4DBABUIC4DBABUIEcDBAFUIEwDBABUIE8DBABU
IFgDBAFUIJYDBABUILMDBABUINQDBAFUINYwDAMEAFQg3QMEAFQg3gMEAFQg5QME
AFQg6DAMAwQAVCDvAwQAVCDwAwQBVCDyAwQAVCD1AwQBVCD8AwQAWNgDAwQAWNgR
AwQAWNgVAwQAWNggAwQBWNhcAwQAWNiAMAwDBAJY2IQDBABY2IYDBABY2LowDAME
AFjYvQMEAFjYvgMEAFjYxwMEAFjY1wMEAFjY3DANBgkqhkiG9w0BAQsFAAOCAQEA
MXHaDaB05okalHnd8OL834/6P94gkSI+0VuKrZT6/tgkDcpmcYQ0uivbaVlNxGwt
FrvODdjgWrvK67MunMlqn0b0yEHelooJfPD23p+t+g5quDjkkh54HBn0LwgV3GsM
TNANxcPBECb0ZgMtUdXmrkxLjenNWDrA2J15jR3UG5X6PzPH+4+rSCxlZQy8fK0K
GognehBXV+ASnbBzv2K5tGSrMEuXKca0WRSdN92j6hMGDOMpnA5rMK6GLx0TiJhe
N6E5xCsWHkrls/lKkUdO/vTi/MsRLUrnNfzsPYngXO4zxNxWUgvlAeporBEUSwCg
Msvq8cNuKTGBUCUc0bTPzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org