Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mQlt1kRRyAZz-NXYmyJln631ZeY.roa
File: mQlt1kRRyAZz-NXYmyJln631ZeY.roa (raw, json)
Hash identifier: /sXqHSJPOM/sMkAa9YRJzo+cgjM5SFRBhHFyO2mumk8=
Subject key identifier: 99:09:6D:D6:44:51:C8:06:73:F8:D5:D8:9B:22:65:9F:AD:F5:65:E6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186743F189D5996A23FABEB37DC99A5F0C4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mQlt1kRRyAZz-NXYmyJln631ZeY.roa
Signing time: Tue 21 Feb 2023 13:52:17 +0000
ROA not before: Tue 21 Feb 2023 13:52:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.186.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.108.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Feb 2023 13:53:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:3f:18:9d:59:96:a2:3f:ab:eb:37:dc:99:a5:f0:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 21 13:52:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99096dd64451c80673f8d5d89b22659fadf565e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2f:71:f7:4d:0a:09:a0:ab:db:00:ce:cd:2c:
09:af:c8:b8:6c:e1:c0:4f:27:4e:7f:bb:66:c1:6e:
67:7f:d9:49:62:eb:41:58:12:d7:d9:75:db:0e:8c:
6a:cb:b3:a8:45:39:bf:79:17:35:63:e2:28:3b:c0:
10:b0:22:57:ab:4d:cb:20:b2:19:40:73:21:9d:5d:
6b:97:df:84:65:7a:9b:ca:03:6b:4e:01:27:b7:c5:
03:a1:cb:67:09:41:e2:69:85:ea:b9:92:9a:2d:73:
a6:fd:c9:4e:fb:3c:d6:9c:f7:d6:b8:05:03:ab:da:
ab:31:be:60:bc:47:ba:05:bd:a7:61:b5:25:05:1a:
a6:63:c9:ee:86:a3:97:ac:b5:1f:23:df:39:f3:55:
af:c3:06:33:8c:2b:28:7d:54:a8:ab:cc:a0:ac:ed:
ae:33:e7:c3:19:dd:4a:6d:f2:56:c4:2a:63:f1:2e:
92:0a:20:6c:2f:4d:13:41:78:cb:31:dc:db:b1:d2:
7d:df:8a:11:6b:49:2b:04:5d:65:d1:91:cf:72:48:
72:8b:a6:3c:ad:ee:2e:16:26:16:6c:17:e0:40:16:
a0:91:6c:7d:aa:0d:5b:86:7b:27:8c:d3:92:64:b7:
55:fa:bf:69:83:ef:24:bd:b0:98:9e:dc:0f:de:49:
19:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:09:6D:D6:44:51:C8:06:73:F8:D5:D8:9B:22:65:9F:AD:F5:65:E6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mQlt1kRRyAZz-NXYmyJln631ZeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.32.0/24
84.32.46.0/24
84.32.76.0/23
84.32.79.0/24
84.32.109.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0-84.32.222.255
84.32.229.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.252.0/23
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.93.0/24
88.216.108.0/24
88.216.128.0/24
88.216.132.0-88.216.134.255
88.216.186.0/24
88.216.189.0-88.216.190.255
88.216.215.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
04:6e:5c:d9:25:6e:74:99:bb:d1:7f:06:14:fe:0b:ed:61:f9:
82:b6:7e:12:93:9a:b2:b4:a7:6f:f2:13:ab:ab:bc:c5:72:95:
a3:15:8b:81:98:2e:68:c8:b9:b1:3f:2e:65:51:a1:b3:bc:30:
a7:aa:b8:89:df:33:bc:41:02:be:5e:98:9f:23:a4:88:14:49:
03:06:1f:ea:f2:56:ef:67:d8:38:1a:6d:76:bc:c3:38:18:4a:
24:39:75:2f:34:fc:9f:da:82:b3:31:ba:53:ae:66:23:bb:f0:
96:05:4f:b3:5d:b9:76:27:41:e6:60:20:89:f7:dd:75:64:48:
69:c7:37:ae:ae:23:6c:e1:87:29:6a:fc:25:82:6c:42:39:ac:
91:42:46:ad:f0:33:b3:4d:90:b7:88:bf:5a:36:1f:71:cd:ab:
e9:b5:0f:31:04:37:3a:a9:93:50:5c:91:65:f7:04:50:73:0f:
04:f4:f5:41:77:71:bc:f5:26:27:fd:f8:8a:2a:b2:60:dd:56:
11:77:d3:9b:08:4b:d9:55:85:5a:a4:5d:58:5b:a2:1b:49:fa:
d3:ea:10:9b:3c:5c:e3:11:66:80:8d:27:be:81:62:69:2b:8a:
45:e4:f1:33:ef:11:96:c3:ce:b9:83:6d:2e:c6:31:b3:ce:b6:
dd:af:37:0f
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAYZ0PxidWZaiP6vrN9yZpfDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjIxMTM1MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTA5NmRkNjQ0NTFjODA2NzNmOGQ1ZDg5YjIyNjU5ZmFkZjU2NWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty9x900KCaCr2wDOzSwJr8i4bOHA
TydOf7tmwW5nf9lJYutBWBLX2XXbDoxqy7OoRTm/eRc1Y+IoO8AQsCJXq03LILIZ
QHMhnV1rl9+EZXqbygNrTgEnt8UDoctnCUHiaYXquZKaLXOm/clO+zzWnPfWuAUD
q9qrMb5gvEe6Bb2nYbUlBRqmY8nuhqOXrLUfI98581WvwwYzjCsofVSoq8ygrO2u
M+fDGd1KbfJWxCpj8S6SCiBsL00TQXjLMdzbsdJ934oRa0krBF1l0ZHPckhyi6Y8
re4uFiYWbBfgQBagkWx9qg1bhnsnjNOSZLdV+r9pg+8kvbCYntwP3kkZ2wIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFJkJbdZEUcgGc/jV2JsiZZ+t9WXmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbVFsdDFrUlJ5QVp6LU5YWW15SmxuNjMxWmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAJU
IBgDBABUIB4DBABUICADBABUIC4DBAFUIEwDBABUIE8DBABUIG0DBABUILMDBABU
INQDBAFUINYwDAMEAFQg3QMEAFQg3gMEAFQg5TAMAwQAVCDvAwQAVCDwAwQBVCDy
AwQBVCD8AwQAWNgRAwQAWNgVAwQAWNggAwQAWNhdAwQAWNhsAwQAWNiAMAwDBAJY
2IQDBABY2IYDBABY2LowDAMEAFjYvQMEAFjYvgMEAFjY1wMEAFjY3DANBgkqhkiG
9w0BAQsFAAOCAQEABG5c2SVudJm70X8GFP4L7WH5grZ+EpOasrSnb/ITq6u8xXKV
oxWLgZguaMi5sT8uZVGhs7wwp6q4id8zvEECvl6YnyOkiBRJAwYf6vJW72fYOBpt
drzDOBhKJDl1LzT8n9qCszG6U65mI7vwlgVPs125didB5mAgiffddWRIacc3rq4j
bOGHKWr8JYJsQjmskUJGrfAzs02Qt4i/WjYfcc2r6bUPMQQ3OqmTUFyRZfcEUHMP
BPT1QXdxvPUmJ/34iiqyYN1WEXfTmwhL2VWFWqRdWFuiG0n60+oQmzxc4xFmgI0n
voFiaSuKReTxM+8RlsPOuYNtLsYxs8623a83Dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org