Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lDmXtDs_DEIwiFG_HJsfPjImxYk.roa
File: lDmXtDs_DEIwiFG_HJsfPjImxYk.roa (raw, json)
Hash identifier: b1uqw4UGuzlF4kYECjttVQ88B0feJH9UmY8H+j99Kr8=
Subject key identifier: 94:39:97:B4:3B:3F:0C:42:30:88:51:BF:1C:9B:1F:3E:32:26:C5:89
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185C3B4C5C6D59DE9662250DA1D1D3B1D0A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lDmXtDs_DEIwiFG_HJsfPjImxYk.roa
Signing time: Wed 18 Jan 2023 07:08:02 +0000
ROA not before: Wed 18 Jan 2023 07:08:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 88.216.199.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
84.32.108.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c3:b4:c5:c6:d5:9d:e9:66:22:50:da:1d:1d:3b:1d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 18 07:08:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=943997b43b3f0c42308851bf1c9b1f3e3226c589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:89:a9:36:c7:8b:f5:dd:25:fc:bd:78:23:64:
b3:55:ec:82:b6:c9:61:80:fb:50:42:0f:0f:01:51:
8a:a8:bf:bb:e0:8f:aa:51:e8:8c:80:b3:bd:31:c5:
1c:38:c0:ef:e6:8a:b6:b9:bb:1b:9d:d1:96:b8:5d:
bc:eb:84:7e:f3:e0:b3:d4:37:d2:0d:7f:70:97:c9:
7f:0f:2e:77:9a:d1:fc:8f:fd:89:48:b4:ed:d1:e5:
61:17:50:5b:69:ea:4d:ce:d7:fd:6c:72:34:4c:2b:
47:84:8a:b4:9a:d8:c4:11:ea:ac:62:6d:fb:8f:a4:
3a:d4:ee:57:d8:ed:88:29:15:b7:8d:c7:12:ee:11:
8a:cb:26:99:e0:09:e0:77:98:c0:46:f4:db:f3:4c:
bc:fc:14:8f:46:1b:f2:d8:40:33:f4:37:c8:c4:d7:
d1:72:57:fe:3b:ee:49:d0:32:08:81:fb:18:2a:7f:
b1:fa:59:3b:78:97:5b:41:34:93:49:b6:79:5f:65:
9b:51:4c:21:a8:51:ec:05:3c:eb:eb:c2:a6:6a:a5:
26:4d:e4:1a:ca:0b:ce:60:fa:17:c0:9e:8f:76:70:
9d:5b:b3:7b:c4:55:84:20:91:93:76:bd:ef:a0:97:
75:35:4b:86:c9:8d:6e:fb:ae:e8:f2:82:68:39:86:
e4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:39:97:B4:3B:3F:0C:42:30:88:51:BF:1C:9B:1F:3E:32:26:C5:89
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lDmXtDs_DEIwiFG_HJsfPjImxYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/24
84.32.48.0/24
84.32.50.0/24
84.32.58.0/24
84.32.71.0/24
84.32.88.0/24
84.32.93.0/24
84.32.108.0/23
84.32.150.0/23
84.32.177.0/24
84.32.218.0/24
84.32.226.0/24
84.32.232.0/24
84.32.239.0/24
84.32.245.0/24
88.216.3.0/24
88.216.32.0/24
88.216.46.0/24
88.216.92.0/24
88.216.134.0/24
88.216.199.0/24
88.216.210.0/23
Signature Algorithm: sha256WithRSAEncryption
93:de:26:0b:21:a9:df:3a:99:b2:85:bb:e7:e9:a6:0c:ff:9f:
7d:8f:68:ae:16:89:74:7f:75:f5:8e:26:a1:9e:66:d3:45:08:
d2:31:dc:b4:a5:14:5c:32:b1:77:c6:0a:78:b0:27:55:a4:ea:
66:28:50:a6:b7:7f:4e:5a:a7:40:6c:f0:c0:bf:ce:87:46:a9:
3b:f4:20:95:1f:49:fa:a1:4c:79:c3:bd:18:f3:eb:a7:70:a9:
21:a5:db:94:47:02:34:a2:34:1d:09:21:dc:23:9a:ff:4c:d5:
5c:96:99:1e:73:0e:14:ca:69:d4:bc:e8:52:f1:59:e7:86:9e:
b2:fd:af:0a:fc:23:19:61:36:87:17:af:e8:bc:07:0f:08:c9:
5f:37:53:5b:2f:58:14:f8:17:7e:aa:c8:2f:c0:c7:1d:40:e5:
82:05:24:75:be:b3:69:4c:c2:ca:8f:ce:26:7f:ca:e8:3d:24:
f7:19:00:c1:94:df:40:29:a4:c2:20:2d:9f:86:93:1e:54:14:
16:4f:09:c0:38:72:53:8a:ee:14:6a:16:a1:21:9f:3c:d7:3b:
c0:17:af:f9:64:2f:ff:6b:8f:30:96:e2:9b:75:00:c5:3f:f0:
1a:f2:d6:fd:b1:f7:eb:d7:67:30:8b:2f:51:ec:10:71:af:17:
4f:a9:fc:72
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYXDtMXG1Z3pZiJQ2h0dOx0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTE4MDcwODAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM5OTdiNDNiM2YwYzQyMzA4ODUxYmYxYzliMWYzZTMyMjZjNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYmpNseL9d0l/L14I2SzVeyCtslh
gPtQQg8PAVGKqL+74I+qUeiMgLO9McUcOMDv5oq2ubsbndGWuF2864R+8+Cz1DfS
DX9wl8l/Dy53mtH8j/2JSLTt0eVhF1BbaepNztf9bHI0TCtHhIq0mtjEEeqsYm37
j6Q61O5X2O2IKRW3jccS7hGKyyaZ4Angd5jARvTb80y8/BSPRhvy2EAz9DfIxNfR
clf+O+5J0DIIgfsYKn+x+lk7eJdbQTSTSbZ5X2WbUUwhqFHsBTzr68KmaqUmTeQa
ygvOYPoXwJ6PdnCdW7N7xFWEIJGTdr3voJd1NUuGyY1u+67o8oJoOYbk5QIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFJQ5l7Q7PwxCMIhRvxybHz4yJsWJMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbERtWHREc19ERUl3aUZHX0hKc2ZQaklteFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBABU
IAgDBABUIAoDBABUIBgDBABUIDADBABUIDIDBABUIDoDBABUIEcDBABUIFgDBABU
IF0DBAFUIGwDBAFUIJYDBABUILEDBABUINoDBABUIOIDBABUIOgDBABUIO8DBABU
IPUDBABY2AMDBABY2CADBABY2C4DBABY2FwDBABY2IYDBABY2McDBAFY2NIwDQYJ
KoZIhvcNAQELBQADggEBAJPeJgshqd86mbKFu+fppgz/n32PaK4WiXR/dfWOJqGe
ZtNFCNIx3LSlFFwysXfGCniwJ1Wk6mYoUKa3f05ap0Bs8MC/zodGqTv0IJUfSfqh
THnDvRjz66dwqSGl25RHAjSiNB0JIdwjmv9M1VyWmR5zDhTKadS86FLxWeeGnrL9
rwr8IxlhNocXr+i8Bw8IyV83U1svWBT4F36qyC/Axx1A5YIFJHW+s2lMwsqPziZ/
yug9JPcZAMGU30AppMIgLZ+Gkx5UFBZPCcA4clOK7hRqFqEhnzzXO8AXr/lkL/9r
jzCW4pt1AMU/8Bry1v2x9+vXZzCLL1HsEHGvF0+p/HI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org