Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oRY3EFXmU4hYPPall9kLrsb2p04.roa
File: oRY3EFXmU4hYPPall9kLrsb2p04.roa (raw, json)
Hash identifier: Tdp110DAhCXeneYuW4LTZ0I9UyJ433B3nEjPqYo3W9E=
Subject key identifier: A1:16:37:10:55:E6:53:88:58:3C:F6:A5:97:D9:0B:AE:C6:F6:A7:4E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186FF14F100FEB55B621305C58DA2A9B6A4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oRY3EFXmU4hYPPall9kLrsb2p04.roa
Signing time: Mon 20 Mar 2023 12:53:27 +0000
ROA not before: Mon 20 Mar 2023 12:53:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ff:14:f1:00:fe:b5:5b:62:13:05:c5:8d:a2:a9:b6:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 20 12:53:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a116371055e65388583cf6a597d90baec6f6a74e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:72:bd:4c:ab:fc:5b:9e:98:84:ad:65:26:2c:
29:d0:2a:b2:ef:52:18:2f:db:bd:cc:9c:c9:14:3f:
42:6f:37:4a:2c:96:64:9b:7d:7c:f0:9e:9b:1c:31:
84:77:51:05:8e:8e:e1:bf:f0:68:22:e4:05:68:68:
06:69:23:bf:47:72:5b:a3:99:d4:11:98:d2:ad:e6:
ff:3e:0e:2a:f1:88:9e:a4:d9:39:38:f0:f2:5a:26:
24:b0:a9:6d:ad:4b:01:6b:4e:db:ad:ff:2a:f5:58:
cb:e0:62:73:68:56:33:10:02:f8:d5:43:84:ad:3c:
38:40:43:2d:2c:b2:ba:1f:0c:9e:ff:fa:fa:1c:82:
38:18:f6:9d:3b:45:78:7d:89:33:06:20:80:69:ec:
e8:22:28:1e:98:b9:00:c2:7f:f0:6f:04:e6:14:26:
fe:39:7e:1f:33:02:c4:41:40:df:3f:2a:19:11:12:
7c:e4:65:2b:93:fe:e2:bb:9d:23:91:ee:69:d5:99:
bb:12:3f:61:66:2e:27:d6:81:bc:e6:0d:f1:03:0f:
f1:5a:0c:0c:16:11:21:c0:a8:73:29:51:11:26:b3:
0c:3a:e1:94:00:63:17:aa:0e:d4:45:52:9d:49:77:
7c:e8:b6:0b:58:80:61:a6:35:bf:7e:cf:8a:2c:70:
50:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:16:37:10:55:E6:53:88:58:3C:F6:A5:97:D9:0B:AE:C6:F6:A7:4E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oRY3EFXmU4hYPPall9kLrsb2p04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.224.0/24
84.32.227.0/24
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
02:25:ab:d8:02:57:7e:45:07:a2:a1:8c:5b:cf:34:9b:09:a4:
28:b9:ba:5d:84:88:0e:b1:2a:b8:d7:f9:a9:33:68:5d:31:fc:
39:b0:7e:06:6b:44:26:45:c2:a4:98:d3:7b:45:cf:b1:39:9d:
61:ab:2a:0d:b4:f6:80:6b:1d:5c:53:2d:a6:c0:b3:fe:b3:72:
b7:5c:ed:6b:d2:22:4e:d4:a8:bd:3b:d1:e1:d3:43:6f:53:3d:
42:1c:f5:1e:90:18:cd:39:d6:d5:ab:e1:42:7b:1a:c9:6f:66:
de:c0:ce:34:78:fe:6d:fa:7d:46:42:92:0a:d7:8d:68:ee:e1:
e2:c7:a2:ed:93:ad:00:69:1e:83:c1:bd:ac:25:e1:15:81:a0:
16:52:d4:a8:1b:21:9e:85:00:3a:b8:f3:80:5c:eb:b3:b6:d9:
43:49:32:de:97:1f:99:e4:17:87:85:87:3d:94:b5:92:62:23:
f9:19:d0:45:bc:e2:ee:eb:33:7d:4f:f9:b2:c1:98:e9:50:97:
65:e7:13:80:53:82:2d:db:a4:22:41:4e:e6:4f:57:4b:0d:dd:
53:41:97:43:e6:82:29:86:a3:3d:57:88:ac:1c:37:99:a1:f6:
e2:22:d0:b6:b4:b9:bb:0c:12:33:05:1a:0e:2b:e7:39:34:9b:
fa:6a:bf:f0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAYb/FPEA/rVbYhMFxY2iqbakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzIwMTI1MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTE2MzcxMDU1ZTY1Mzg4NTgzY2Y2YTU5N2Q5MGJhZWM2ZjZhNzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonK9TKv8W56YhK1lJiwp0Cqy71IY
L9u9zJzJFD9CbzdKLJZkm3188J6bHDGEd1EFjo7hv/BoIuQFaGgGaSO/R3Jbo5nU
EZjSreb/Pg4q8YiepNk5OPDyWiYksKltrUsBa07brf8q9VjL4GJzaFYzEAL41UOE
rTw4QEMtLLK6Hwye//r6HII4GPadO0V4fYkzBiCAaezoIigemLkAwn/wbwTmFCb+
OX4fMwLEQUDfPyoZERJ85GUrk/7iu50jke5p1Zm7Ej9hZi4n1oG85g3xAw/xWgwM
FhEhwKhzKVERJrMMOuGUAGMXqg7URVKdSXd86LYLWIBhpjW/fs+KLHBQLQIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFKEWNxBV5lOIWDz2pZfZC67G9qdOMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb1JZM0VGWG1VNGhZUFBhbGw5a0xyc2IycDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BABUIAgDBAJUIBgDBABUIB4DBABUIC4DBABUIEcDBABUIE0DBABUIE8DBABUIFgD
BAJUIJQDBAFUIK4DBABUILEDBABUILMDBABUINQDBAFUINYDBABUINoDBABUIN0D
BABUIOADBABUIOMDBABUIOUDBABUIOgwDAMEAFQg7wMEAFQg8DAMAwQBVCDyAwQB
VCD0AwQBVCD8AwQAWNgDAwQAWNgRAwQAWNgVAwQAWNggAwQAWNgkAwQBWNhcAwQA
WNhvAwQAWNiAMAwDBABY2IMDBAFY2IQDBABY2LoDBABY2L0DBABY2NcwDAMEAljY
5AMEAljY6DANBgkqhkiG9w0BAQsFAAOCAQEAAiWr2AJXfkUHoqGMW880mwmkKLm6
XYSIDrEquNf5qTNoXTH8ObB+BmtEJkXCpJjTe0XPsTmdYasqDbT2gGsdXFMtpsCz
/rNyt1zta9IiTtSovTvR4dNDb1M9Qhz1HpAYzTnW1avhQnsayW9m3sDONHj+bfp9
RkKSCteNaO7h4sei7ZOtAGkeg8G9rCXhFYGgFlLUqBshnoUAOrjzgFzrs7bZQ0ky
3pcfmeQXh4WHPZS1kmIj+RnQRbzi7uszfU/5ssGY6VCXZecTgFOCLdukIkFO5k9X
Sw3dU0GXQ+aCKYajPVeIrBw3maH24iLQtrS5uwwSMwUaDivnOTSb+mq/8A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:33 2023 by rpki-client on console-ams.rpki-client.org