Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/kzn696qA_vXUZLkXgLLfWRBUH7U.roa
File: kzn696qA_vXUZLkXgLLfWRBUH7U.roa (raw, json)
Hash identifier: BSCKVcPj1ZtYO6BwvZ/2ikK0E4fPoDVMmTgR+1FBOlg=
Subject key identifier: 93:39:FA:F7:AA:80:FE:F5:D4:64:B9:17:80:B2:DF:59:10:54:1F:B5
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188328CE4977668616FF2D9FA715FE712C9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/kzn696qA_vXUZLkXgLLfWRBUH7U.roa
Signing time: Fri 19 May 2023 05:47:54 +0000
ROA not before: Fri 19 May 2023 05:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.208.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.105.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:32:8c:e4:97:76:68:61:6f:f2:d9:fa:71:5f:e7:12:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 19 05:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9339faf7aa80fef5d464b91780b2df5910541fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e3:95:96:da:1f:a0:d3:6f:d9:93:64:46:e6:
8c:02:06:32:5d:ad:43:08:01:16:40:1f:c7:e8:f4:
48:36:b3:35:71:2d:12:54:f1:3b:cd:dd:92:05:ad:
b0:20:04:09:ae:a2:b5:ff:56:b5:f2:44:02:48:0b:
08:0d:72:d3:24:4e:b8:f9:90:1c:c3:7b:a7:b0:eb:
70:a4:1f:7c:93:2e:48:ee:0a:31:3f:b1:86:af:12:
78:8b:5f:cb:b3:39:66:8c:16:04:70:ed:10:da:94:
24:38:2f:1f:d1:b9:bd:a8:a4:41:28:70:4e:6e:3b:
98:dd:f5:73:c4:81:cf:5f:6d:79:c1:1a:7c:67:79:
1d:2d:19:e9:aa:c5:59:a6:54:53:87:95:b0:8d:c5:
dd:77:db:1d:b4:6f:5b:bb:ae:ed:98:88:86:d3:42:
aa:54:ca:c6:b5:1a:5a:b6:72:81:53:18:8d:5a:91:
47:53:36:0a:d3:d8:44:49:6f:10:6f:41:01:3d:14:
b9:2f:78:34:42:db:3b:91:64:74:06:12:ef:c9:f3:
3d:d5:37:c1:ff:ea:3c:41:34:56:ae:42:77:09:de:
90:17:bd:66:70:e0:57:75:30:cb:65:7a:b0:3f:74:
08:a6:9a:78:a4:b4:9d:78:5d:45:5a:cd:a9:52:33:
3d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:39:FA:F7:AA:80:FE:F5:D4:64:B9:17:80:B2:DF:59:10:54:1F:B5
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/kzn696qA_vXUZLkXgLLfWRBUH7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.60.0/24
84.32.67.0-84.32.68.255
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.89.0/24
84.32.110.0/24
84.32.148.0/22
84.32.158.0/23
84.32.177.0/24
84.32.212.0/22
84.32.218.0/24
84.32.221.0/24
84.32.224.0/23
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.250.0-84.32.253.255
88.216.0.0/23
88.216.3.0/24
88.216.16.0/24
88.216.32.0/24
88.216.35.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/24
88.216.105.0/24
88.216.107.0-88.216.108.255
88.216.111.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/23
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.208.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:cd:41:36:32:50:65:18:9b:33:e6:10:a2:c9:46:af:d6:18:
e6:01:17:6c:71:97:cf:c3:19:40:6f:78:49:28:d8:cf:84:c8:
66:f9:6e:5f:b1:be:c4:e7:16:b9:82:08:14:98:3c:ab:8f:11:
ea:f4:20:8a:7f:8e:db:81:85:d2:a5:e5:8d:e7:6d:11:88:22:
82:be:cc:16:db:74:04:6a:f7:09:c1:9b:a1:e9:96:d4:eb:7f:
1f:ac:2a:7a:14:9a:f6:79:2f:a7:15:18:cb:2c:8b:20:56:8c:
63:b0:75:6d:74:70:b9:01:ad:2f:e6:f5:cc:d9:ea:de:be:a2:
35:45:4f:f1:72:86:e1:f8:2e:df:29:72:2f:a5:bd:8b:db:a9:
fb:18:ab:cc:8e:b0:d6:87:74:8f:89:f8:e6:59:4b:d3:85:7b:
85:ab:27:d8:57:d4:9e:88:58:31:3c:83:62:8d:7d:03:59:d6:
1c:75:fb:58:31:50:d9:ee:d3:3b:79:df:ee:7f:ff:e7:c3:5b:
25:bf:4b:3d:fc:49:6b:c5:8e:ee:4f:82:0b:77:bd:0d:61:21:
5f:7d:92:b3:b6:1c:5f:cc:3b:9a:1a:f5:c5:57:fc:00:00:40:
89:ef:10:50:cf:a0:da:2b:04:f4:4a:71:5f:c9:0c:0f:50:9b:
b1:b6:82:3e
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAYgyjOSXdmhhb/LZ+nFf5xLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTE5MDU0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzM5ZmFmN2FhODBmZWY1ZDQ2NGI5MTc4MGIyZGY1OTEwNTQxZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+OVltofoNNv2ZNkRuaMAgYyXa1D
CAEWQB/H6PRINrM1cS0SVPE7zd2SBa2wIAQJrqK1/1a18kQCSAsIDXLTJE64+ZAc
w3unsOtwpB98ky5I7goxP7GGrxJ4i1/LszlmjBYEcO0Q2pQkOC8f0bm9qKRBKHBO
bjuY3fVzxIHPX215wRp8Z3kdLRnpqsVZplRTh5WwjcXdd9sdtG9bu67tmIiG00Kq
VMrGtRpatnKBUxiNWpFHUzYK09hESW8Qb0EBPRS5L3g0Qts7kWR0BhLvyfM91TfB
/+o8QTRWrkJ3Cd6QF71mcOBXdTDLZXqwP3QIppp4pLSdeF1FWs2pUjM9lQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFJM5+veqgP711GS5F4Cy31kQVB+1MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEva3puNjk2cUFfdlhVWkxrWGdMTGZXUkJVSDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgPDAMAwQAVCBDAwQAVCBEAwQA
VCBGAwQAVCBNAwQAVCBPAwQAVCBZAwQAVCBuAwQCVCCUAwQBVCCeAwQAVCCxAwQC
VCDUAwQAVCDaAwQAVCDdAwQBVCDgMAwDBABUIOcDBABUIOgDBABUIOswDAMEAFQg
7wMEAFQg8AMEAVQg8jAMAwQBVCD6AwQBVCD8AwQBWNgAAwQAWNgDAwQAWNgQAwQA
WNggAwQAWNgjAwQBWNgsMAwDBANY2DgDBAFY2EADBABY2GQDBABY2GkwDAMEAFjY
awMEAFjYbAMEAFjYbzAMAwQBWNiCAwQAWNiEAwQBWNiGAwQBWNi0AwQAWNi3AwQB
WNi8AwQAWNjFAwQAWNjQAwQCWNjUAwQAWNjcAwQDWNjoMA0GCSqGSIb3DQEBCwUA
A4IBAQCNzUE2MlBlGJsz5hCiyUav1hjmARdscZfPwxlAb3hJKNjPhMhm+W5fsb7E
5xa5gggUmDyrjxHq9CCKf47bgYXSpeWN520RiCKCvswW23QEavcJwZuh6ZbU638f
rCp6FJr2eS+nFRjLLIsgVoxjsHVtdHC5Aa0v5vXM2erevqI1RU/xcobh+C7fKXIv
pb2L26n7GKvMjrDWh3SPifjmWUvThXuFqyfYV9SeiFgxPINijX0DWdYcdftYMVDZ
7tM7ed/uf//nw1slv0s9/ElrxY7uT4ILd70NYSFffZKzthxfzDuaGvXFV/wAAECJ
7xBQz6DaKwT0SnFfyQwPUJuxtoI+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org