Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mRdooxJm4WQgjBgYGVBBhvbfO_w.roa
File: mRdooxJm4WQgjBgYGVBBhvbfO_w.roa (raw, json)
Hash identifier: fjDWuGk5HSpC10FbyVjQWNXIfGQVA3kYVr1pJsjaryY=
Subject key identifier: 99:17:68:A3:12:66:E1:64:20:8C:18:18:19:50:41:86:F6:DF:3B:FC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188C2F34AB72097E875AC253DA25B8AD248
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mRdooxJm4WQgjBgYGVBBhvbfO_w.roa
Signing time: Fri 16 Jun 2023 06:45:04 +0000
ROA not before: Fri 16 Jun 2023 06:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.56.0/24 maxlen: 24
84.32.62.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jun 2023 05:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c2:f3:4a:b7:20:97:e8:75:ac:25:3d:a2:5b:8a:d2:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 16 06:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=991768a31266e164208c181819504186f6df3bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:11:85:9a:98:66:42:1f:2c:78:5a:65:2d:ca:
22:22:67:fb:f7:33:0a:a0:e1:c0:28:8d:3a:9c:06:
9c:eb:63:a5:e2:e2:e5:66:cb:7a:b4:9c:70:1e:ed:
75:0a:eb:a2:b1:f1:91:f8:8e:6d:a9:e9:d1:ef:29:
7c:5c:d1:43:fc:99:11:a9:7e:5c:13:05:07:05:f3:
86:25:c5:30:e5:ef:a0:f6:6b:d7:ed:8f:b0:64:26:
da:17:be:1b:76:e2:54:4f:e5:d6:18:7f:82:88:fb:
a6:aa:48:63:04:20:89:3e:86:44:21:ae:11:bc:42:
1e:3a:ed:91:a4:b8:f9:93:3c:ff:34:a1:7d:b2:25:
cb:48:d1:30:ed:93:4d:e5:6f:54:e7:e8:ea:48:1b:
17:6e:c0:5a:ba:57:cb:c3:5a:b2:21:5b:c4:51:92:
7f:67:42:5a:c9:80:95:db:b3:c6:b9:68:a5:68:2f:
da:41:5a:e9:ed:67:e7:bf:86:23:08:e0:cd:f1:0b:
c5:1f:45:a8:81:3f:94:3b:a3:2e:a2:42:6e:a5:f0:
c7:66:df:0e:47:15:e5:06:b3:0f:2d:41:e3:86:50:
7d:f4:92:0e:4b:d0:b1:4e:76:29:8c:70:b5:f7:22:
36:1c:c4:35:b7:37:19:9e:79:c2:67:7a:83:89:ef:
c4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:17:68:A3:12:66:E1:64:20:8C:18:18:19:50:41:86:F6:DF:3B:FC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mRdooxJm4WQgjBgYGVBBhvbfO_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.31.0/24
84.32.42.0/24
84.32.46.0/24
84.32.56.0/24
84.32.60.0/24
84.32.62.0/24
84.32.65.0/24
84.32.67.0-84.32.68.255
84.32.79.0/24
84.32.92.0/24
84.32.108.0-84.32.110.255
84.32.148.0/22
84.32.153.0/24
84.32.156.0/22
84.32.178.0/23
84.32.214.0/23
84.32.221.0/24
84.32.224.0/24
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.243.0/24
84.32.246.0/23
84.32.250.0-84.32.253.255
88.216.0.0/24
88.216.3.0/24
88.216.16.0/24
88.216.22.0/23
88.216.32.0/24
88.216.35.0/24
88.216.38.0-88.216.40.255
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/23
88.216.111.0/24
88.216.130.0/23
88.216.134.0/23
88.216.180.0/24
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
5a:56:8c:f2:6b:1d:0b:79:fc:a0:89:3a:ee:08:2a:9b:b4:bd:
4d:a6:47:ad:58:78:93:83:b9:7c:4c:41:7c:d4:5e:78:ec:a4:
2b:1b:ae:a2:04:57:28:63:64:70:5e:45:ac:fd:7e:02:04:46:
da:81:12:25:b2:b9:5a:ef:96:ae:c4:97:69:7d:c1:20:a5:a7:
1f:86:c2:30:60:a0:10:f6:c4:41:d4:4b:fc:37:b1:ec:f3:32:
e6:45:37:d0:6f:82:7b:fb:04:b0:43:31:55:a9:8e:2b:b6:21:
c1:03:72:c2:48:48:d3:95:f1:ec:3a:57:2e:70:00:69:c7:1b:
09:a7:a5:f9:c2:ad:72:da:af:d3:89:f9:1c:54:91:fa:8c:73:
3d:ba:54:c1:46:77:f7:1b:98:07:87:67:6d:08:c8:3a:8d:0b:
11:3b:ca:ba:64:88:18:f5:7f:25:60:59:4e:94:ef:21:30:c4:
3b:35:4c:23:a8:75:23:51:24:98:98:94:54:e3:c7:fa:e9:8a:
c1:2e:df:2b:ba:53:43:74:21:0a:7a:df:73:57:ea:1f:e0:ec:
4e:a7:f7:f9:e5:54:c7:92:b5:26:18:7c:e1:a2:cd:a6:66:00:
f3:78:5e:7e:0d:f8:4e:58:a1:3a:6e:af:44:ff:3a:86:30:95:
c7:50:c2:45
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgISAYjC80q3IJfodawlPaJbitJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjE2MDY0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE3NjhhMzEyNjZlMTY0MjA4YzE4MTgxOTUwNDE4NmY2ZGYzYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBGFmphmQh8seFplLcoiImf79zMK
oOHAKI06nAac62Ol4uLlZst6tJxwHu11CuuisfGR+I5tqenR7yl8XNFD/JkRqX5c
EwUHBfOGJcUw5e+g9mvX7Y+wZCbaF74bduJUT+XWGH+CiPumqkhjBCCJPoZEIa4R
vEIeOu2RpLj5kzz/NKF9siXLSNEw7ZNN5W9U5+jqSBsXbsBaulfLw1qyIVvEUZJ/
Z0JayYCV27PGuWilaC/aQVrp7Wfnv4YjCODN8QvFH0WogT+UO6MuokJupfDHZt8O
RxXlBrMPLUHjhlB99JIOS9CxTnYpjHC19yI2HMQ1tzcZnnnCZ3qDie/EVwIDAQAB
o4IDaTCCA2UwHQYDVR0OBBYEFJkXaKMSZuFkIIwYGBlQQYb23zv8MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbVJkb294Sm00V1FnakJnWUdWQkJodmJmT193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfQYIKwYBBQUHAQcBAf8EggFsMIIBaDCCAWQEAgABMIIB
XAMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAfAwQAVCAqAwQAVCAuAwQAVCA4AwQA
VCA8AwQAVCA+AwQAVCBBMAwDBABUIEMDBABUIEQDBABUIE8DBABUIFwwDAMEAlQg
bAMEAFQgbgMEAlQglAMEAFQgmQMEAlQgnAMEAVQgsgMEAVQg1gMEAFQg3QMEAFQg
4DAMAwQAVCDnAwQAVCDoAwQAVCDrMAwDBABUIO8DBABUIPADBABUIPMDBAFUIPYw
DAMEAVQg+gMEAVQg/AMEAFjYAAMEAFjYAwMEAFjYEAMEAVjYFgMEAFjYIAMEAFjY
IzAMAwQBWNgmAwQAWNgoAwQBWNgsMAwDBANY2DgDBAFY2EADBAFY2GQDBABY2G8D
BAFY2IIDBAFY2IYDBABY2LQDBABY2LcDBAFY2LwDBABY2MUDBAJY2NQDBABY2Nww
DAMEAljY7AMEA1jY8DANBgkqhkiG9w0BAQsFAAOCAQEAWlaM8msdC3n8oIk67ggq
m7S9TaZHrVh4k4O5fExBfNReeOykKxuuogRXKGNkcF5FrP1+AgRG2oESJbK5Wu+W
rsSXaX3BIKWnH4bCMGCgEPbEQdRL/Dex7PMy5kU30G+Ce/sEsEMxVamOK7YhwQNy
wkhI05Xx7DpXLnAAaccbCael+cKtctqv04n5HFSR+oxzPbpUwUZ39xuYB4dnbQjI
Oo0LETvKumSIGPV/JWBZTpTvITDEOzVMI6h1I1EkmJiUVOPH+umKwS7fK7pTQ3Qh
Cnrfc1fqH+DsTqf3+eVUx5K1Jhh84aLNpmYA83hefg34TlihOm6vRP86hjCVx1DC
RQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org