Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rRD23EYnjrL5XE8x4vQWl0-z4VI.roa
File: rRD23EYnjrL5XE8x4vQWl0-z4VI.roa (raw, json)
Hash identifier: 52IHfPGW/Yi7OQ3ni6Hw5pzrsU3taNHtN44NSZAEHtA=
Subject key identifier: AD:10:F6:DC:46:27:8E:B2:F9:5C:4F:31:E2:F4:16:97:4F:B3:E1:52
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B770DD120881BA3C7D01BC014C3EA5FE5
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rRD23EYnjrL5XE8x4vQWl0-z4VI.roa
Signing time: Sat 28 Oct 2023 16:11:16 +0000
ROA not before: Sat 28 Oct 2023 16:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.210.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.182.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
88.216.110.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.107.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.106.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.223.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.66.0/24 maxlen: 24
88.216.67.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.104.0/24 maxlen: 24
88.216.105.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.33.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Oct 2023 18:24:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:77:0d:d1:20:88:1b:a3:c7:d0:1b:c0:14:c3:ea:5f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 28 16:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad10f6dc46278eb2f95c4f31e2f416974fb3e152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:67:2d:62:76:ea:ac:02:55:c3:c8:46:d7:f2:
41:91:f5:e3:62:6f:5d:e3:96:0f:b4:e0:a1:db:85:
5e:76:a5:ad:f2:fe:41:f4:12:7e:2b:ba:9d:50:e0:
5e:93:42:b9:03:6b:ef:b7:1c:7e:05:2b:0c:0c:51:
2d:7e:7f:6c:0e:d8:c9:8e:59:51:09:3a:3c:dd:f4:
35:01:4e:e1:3c:5e:a3:53:70:aa:cc:b9:06:43:42:
b9:44:c6:88:43:68:3b:06:ca:a4:58:a8:d7:c2:9a:
6e:4f:98:1d:6b:35:0d:ca:4f:b4:48:30:00:47:3a:
1c:84:90:1c:d1:0a:34:49:1f:f5:ee:f0:b8:76:8e:
35:fd:92:69:cc:f7:69:a6:2d:1a:09:64:85:62:a3:
94:be:f7:1c:76:53:8f:8a:43:1f:f2:c7:79:8e:88:
cf:ce:72:d6:15:f8:07:c9:1f:57:37:e2:6e:7b:7d:
be:e6:04:aa:8d:df:62:88:e3:bb:15:f1:e4:37:63:
0e:63:35:00:e4:a6:73:70:63:9f:84:4b:c0:01:34:
40:71:47:05:d4:eb:e1:5f:23:79:3c:58:14:b6:2f:
27:48:e5:ce:c9:9d:e6:fb:5f:82:1a:f9:92:d1:4e:
95:20:8b:a7:47:ed:40:a2:8d:79:c7:22:36:f4:bf:
38:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:10:F6:DC:46:27:8E:B2:F9:5C:4F:31:E2:F4:16:97:4F:B3:E1:52
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rRD23EYnjrL5XE8x4vQWl0-z4VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.244.0/22
84.32.249.0/24
88.216.0.0/23
88.216.3.0/24
88.216.16.0/24
88.216.22.0/23
88.216.33.0/24
88.216.35.0/24
88.216.38.0/24
88.216.40.0/24
88.216.42.0-88.216.45.255
88.216.47.0/24
88.216.58.0/24
88.216.64.0/22
88.216.93.0/24
88.216.95.0/24
88.216.101.0-88.216.102.255
88.216.104.0/22
88.216.109.0-88.216.111.255
88.216.128.0-88.216.132.255
88.216.134.0/23
88.216.180.0/22
88.216.187.0-88.216.191.255
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
88.216.220.0/24
88.216.223.0/24
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:eb:ed:41:b7:95:65:fc:48:9e:f1:1b:f7:bc:50:61:53:c8:
0d:69:c9:a4:01:20:36:b3:e7:f0:75:92:38:f9:cc:ff:4e:71:
e1:15:50:5c:fd:4d:64:5d:1c:0d:87:ef:b5:21:5e:20:b6:f3:
37:ba:1a:d7:98:ad:14:b7:8b:da:88:ab:3d:37:86:31:42:62:
fc:59:17:5a:75:9f:1e:e9:7c:4f:f9:0a:36:b0:03:96:60:19:
61:1d:3b:a0:72:e3:7c:ce:79:23:7b:67:b5:9f:7a:dc:68:17:
87:e5:6e:89:b3:20:ad:84:04:ac:ab:8b:e5:7d:e3:74:b1:c2:
89:0d:0e:88:c7:5b:d7:c8:32:a6:71:b6:96:69:99:87:74:d3:
dd:36:20:84:f1:ae:d2:83:20:e7:51:c8:f8:21:d8:46:5d:31:
a6:17:ec:74:f9:3d:16:0c:aa:2a:74:b5:93:ae:45:4e:d4:5c:
68:1c:f1:b4:91:cb:35:44:6b:13:ba:6f:ab:41:5b:d2:01:c5:
a5:76:3c:f0:7b:f1:28:b4:46:8d:e1:07:4a:fa:5b:f4:83:a8:
d2:ed:66:da:cc:b4:a2:65:63:35:4a:33:53:25:51:b9:89:9d:
bf:71:17:7a:65:66:99:ff:43:13:0c:ad:57:be:a4:5a:62:5f:
b5:18:38:49
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgISAYt3DdEgiBujx9AbwBTD6l/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMDI4MTYxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDEwZjZkYzQ2Mjc4ZWIyZjk1YzRmMzFlMmY0MTY5NzRmYjNlMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomctYnbqrAJVw8hG1/JBkfXjYm9d
45YPtOCh24VedqWt8v5B9BJ+K7qdUOBek0K5A2vvtxx+BSsMDFEtfn9sDtjJjllR
CTo83fQ1AU7hPF6jU3CqzLkGQ0K5RMaIQ2g7BsqkWKjXwppuT5gdazUNyk+0SDAA
RzochJAc0Qo0SR/17vC4do41/ZJpzPdppi0aCWSFYqOUvvccdlOPikMf8sd5jojP
znLWFfgHyR9XN+Jue32+5gSqjd9iiOO7FfHkN2MOYzUA5KZzcGOfhEvAATRAcUcF
1OvhXyN5PFgUti8nSOXOyZ3m+1+CGvmS0U6VIIunR+1Aoo15xyI29L84LQIDAQAB
o4IDPTCCAzkwHQYDVR0OBBYEFK0Q9txGJ46y+VxPMeL0FpdPs+FSMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvclJEMjNFWW5qckw1WEU4eDR2UVdsMC16NFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUQYIKwYBBQUHAQcBAf8EggFAMIIBPDCCATgEAgABMIIB
MAMEAFQgCDAMAwQCVCAUAwQCVCAYAwQBVCAuAwQAVCBCAwQAVCBfAwQCVCCUAwQB
VCCuAwQBVCCyAwQAVCDSAwQBVCDWAwQCVCD0AwQAVCD5AwQBWNgAAwQAWNgDAwQA
WNgQAwQBWNgWAwQAWNghAwQAWNgjAwQAWNgmAwQAWNgoMAwDBAFY2CoDBAFY2CwD
BABY2C8DBABY2DoDBAJY2EADBABY2F0DBABY2F8wDAMEAFjYZQMEAFjYZgMEAljY
aDAMAwQAWNhtAwQEWNhgMAwDBAdY2IADBABY2IQDBAFY2IYDBAJY2LQwDAMEAFjY
uwMEBljYgDAMAwQAWNjFAwQAWNjGAwQAWNjQMAwDBABY2NMDBANY2NADBABY2NwD
BABY2N8DBAJY2OQDBAJY2OwwDQYJKoZIhvcNAQELBQADggEBAA7r7UG3lWX8SJ7x
G/e8UGFTyA1pyaQBIDaz5/B1kjj5zP9OceEVUFz9TWRdHA2H77UhXiC28ze6GteY
rRS3i9qIqz03hjFCYvxZF1p1nx7pfE/5CjawA5ZgGWEdO6By43zOeSN7Z7Wfetxo
F4flbomzIK2EBKyri+V943SxwokNDojHW9fIMqZxtpZpmYd00902IITxrtKDIOdR
yPgh2EZdMaYX7HT5PRYMqip0tZOuRU7UXGgc8bSRyzVEaxO6b6tBW9IBxaV2PPB7
8Si0Ro3hB0r6W/SDqNLtZtrMtKJlYzVKM1MlUbmJnb9xF3plZpn/QxMMrVe+pFpi
X7UYOEk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:32 2024 by rpki-client on console-ams.rpki-client.org