Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pG3ZgnIRLNrpQhUMrUSJ0B4cWcs.roa
File: pG3ZgnIRLNrpQhUMrUSJ0B4cWcs.roa (raw, json)
Hash identifier: 377gd1l4Oa1LYsaLpV/xUFT4QUASPvHYt4qKwSSRypg=
Subject key identifier: A4:6D:D9:82:72:11:2C:DA:E9:42:15:0C:AD:44:89:D0:1E:1C:59:CB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01883FC6FB4413860A6CFA140B1DA998910E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pG3ZgnIRLNrpQhUMrUSJ0B4cWcs.roa
Signing time: Sun 21 May 2023 19:26:25 +0000
ROA not before: Sun 21 May 2023 19:26:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.217.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.208.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
88.216.108.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.105.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 May 2023 07:27:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3f:c6:fb:44:13:86:0a:6c:fa:14:0b:1d:a9:98:91:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 21 19:26:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a46dd98272112cdae942150cad4489d01e1c59cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:06:e6:5f:95:ea:bb:fb:a5:a8:31:8a:b1:d0:
84:84:a1:72:8c:92:16:39:1b:4a:8c:79:f8:ed:bd:
fb:e8:8a:67:bc:7f:59:ee:c8:e4:17:22:15:48:3f:
65:ea:73:b6:c2:07:70:10:4a:5c:c7:35:d1:9a:f0:
ff:a3:9f:d7:b6:4d:da:a7:36:ef:37:89:cd:68:b5:
96:c1:bf:55:33:f7:ed:b1:c7:40:ef:f8:f1:7b:b1:
2e:34:20:b6:dd:ec:ba:5b:3f:03:1f:4b:ae:b4:8f:
ff:fc:59:77:12:5a:e4:4e:fb:32:66:db:a3:37:9c:
2b:8e:6f:92:5c:2e:c8:13:5d:0b:0f:2c:59:36:91:
ae:34:a5:0c:87:09:c1:7e:02:f9:4f:72:ff:fe:96:
2c:ef:65:b3:fe:a4:f4:c7:47:2b:5d:2b:0d:87:04:
f2:6f:0f:f5:b2:96:28:91:0e:cd:8d:90:3f:cd:e4:
c2:1c:27:3e:c4:22:d2:f9:29:c5:16:b8:d8:ed:e3:
75:2e:ce:70:d7:83:99:f0:0c:a7:14:89:5a:e7:93:
88:6c:8a:74:50:a3:73:b1:e5:1b:81:5c:1a:2e:8f:
21:f3:8d:3a:2c:4d:16:c5:6f:a5:84:93:fc:71:ab:
c4:cf:b7:29:e1:cd:ac:8f:57:ab:51:b1:32:9a:58:
da:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6D:D9:82:72:11:2C:DA:E9:42:15:0C:AD:44:89:D0:1E:1C:59:CB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pG3ZgnIRLNrpQhUMrUSJ0B4cWcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.60.0/24
84.32.67.0-84.32.68.255
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.89.0/24
84.32.110.0/24
84.32.148.0/22
84.32.158.0/23
84.32.177.0/24
84.32.212.0/22
84.32.217.0-84.32.218.255
84.32.221.0/24
84.32.224.0/23
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.250.0-84.32.253.255
88.216.0.0/23
88.216.3.0/24
88.216.16.0/24
88.216.19.0/24
88.216.32.0/24
88.216.35.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/24
88.216.105.0/24
88.216.107.0-88.216.108.255
88.216.111.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/23
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.208.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:09:cc:c7:fa:4b:3b:5a:aa:b8:c8:f5:f0:54:67:e8:e3:6f:
f6:bc:73:8a:47:f9:a3:f2:91:5e:91:a3:bd:44:12:1a:e9:b8:
90:1a:94:f0:7a:0b:f0:b4:0b:31:e0:08:b5:16:8d:83:87:fc:
9e:27:49:6c:6c:24:3c:07:2c:19:68:95:b7:a3:de:c5:a7:91:
ad:0d:79:26:af:cf:f9:2c:fc:b8:21:20:9e:f2:a6:44:cf:38:
35:5a:4a:b3:1d:db:37:f5:04:ac:fa:5d:ea:6f:e6:49:c7:3c:
8d:21:30:51:1a:b7:9f:da:94:37:ce:4a:6a:e0:d8:2b:d3:49:
cd:f4:4d:cf:95:ee:ea:2a:2d:1b:3e:d0:5a:c5:5e:b4:55:c3:
a8:14:1f:8e:2c:49:a9:e9:87:3b:6e:26:c8:7c:93:8c:c6:ba:
9f:c0:6a:6c:85:66:d3:b2:46:f5:9d:40:a9:30:12:12:91:a1:
76:22:16:1c:67:eb:08:ab:9b:79:10:1e:c7:d3:12:8b:8a:ac:
e8:9e:31:3b:91:2f:48:aa:ab:ae:c5:cd:6a:fd:cd:cf:20:31:
be:28:f0:60:ec:f7:ee:a4:93:cb:95:55:89:a9:c2:7f:60:28:
dd:1d:d7:c2:54:88:82:09:8e:ef:16:12:7d:9e:68:70:aa:e2:
d5:7a:a8:38
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAYg/xvtEE4YKbPoUCx2pmJEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNTIxMTkyNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZkZDk4MjcyMTEyY2RhZTk0MjE1MGNhZDQ0ODlkMDFlMWM1OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQbmX5Xqu/ulqDGKsdCEhKFyjJIW
ORtKjHn47b376IpnvH9Z7sjkFyIVSD9l6nO2wgdwEEpcxzXRmvD/o5/Xtk3apzbv
N4nNaLWWwb9VM/ftscdA7/jxe7EuNCC23ey6Wz8DH0uutI///Fl3ElrkTvsyZtuj
N5wrjm+SXC7IE10LDyxZNpGuNKUMhwnBfgL5T3L//pYs72Wz/qT0x0crXSsNhwTy
bw/1spYokQ7NjZA/zeTCHCc+xCLS+SnFFrjY7eN1Ls5w14OZ8AynFIla55OIbIp0
UKNzseUbgVwaLo8h8406LE0WxW+lhJP8cavEz7cp4c2sj1erUbEymljaEwIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFKRt2YJyESza6UIVDK1EidAeHFnLMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcEczWmduSVJMTnJwUWhVTXJVU0owQjRjV2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAVYEAgABMIIB
TgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgPDAMAwQAVCBDAwQAVCBEAwQA
VCBGAwQAVCBNAwQAVCBPAwQAVCBZAwQAVCBuAwQCVCCUAwQBVCCeAwQAVCCxAwQC
VCDUMAwDBABUINkDBABUINoDBABUIN0DBAFUIOAwDAMEAFQg5wMEAFQg6AMEAFQg
6zAMAwQAVCDvAwQAVCDwAwQBVCDyMAwDBAFUIPoDBAFUIPwDBAFY2AADBABY2AMD
BABY2BADBABY2BMDBABY2CADBABY2CMDBAFY2CwwDAMEA1jYOAMEAVjYQAMEAFjY
ZAMEAFjYaTAMAwQAWNhrAwQAWNhsAwQAWNhvMAwDBAFY2IIDBABY2IQDBAFY2IYD
BAFY2LQDBABY2LcDBAFY2LwDBABY2MUDBABY2NADBAJY2NQDBABY2NwDBANY2Ogw
DQYJKoZIhvcNAQELBQADggEBAD0JzMf6SztaqrjI9fBUZ+jjb/a8c4pH+aPykV6R
o71EEhrpuJAalPB6C/C0CzHgCLUWjYOH/J4nSWxsJDwHLBlolbej3sWnka0NeSav
z/ks/LghIJ7ypkTPODVaSrMd2zf1BKz6Xepv5knHPI0hMFEat5/alDfOSmrg2CvT
Sc30Tc+V7uoqLRs+0FrFXrRVw6gUH44sSanphztuJsh8k4zGup/AamyFZtOyRvWd
QKkwEhKRoXYiFhxn6wirm3kQHsfTEouKrOieMTuRL0iqq67FzWr9zc8gMb4o8GDs
9+6kk8uVVYmpwn9gKN0d18JUiIIJju8WEn2eaHCq4tV6qDg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org