Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/s3BsM6K_TWde1KiXDmGK3EPd6LA.roa
File: s3BsM6K_TWde1KiXDmGK3EPd6LA.roa (raw, json)
Hash identifier: K3RSNuZTfOk692GC859bLVG7vcTNck5SzCRMRjVii6M=
Subject key identifier: B3:70:6C:33:A2:BF:4D:67:5E:D4:A8:97:0E:61:8A:DC:43:DD:E8:B0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188DC5EDDA1FB5A2BFD94B80E4446CD4AC2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/s3BsM6K_TWde1KiXDmGK3EPd6LA.roa
Signing time: Wed 21 Jun 2023 05:13:04 +0000
ROA not before: Wed 21 Jun 2023 05:13:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.56.0/24 maxlen: 24
84.32.62.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.184.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.106.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dc:5e:dd:a1:fb:5a:2b:fd:94:b8:0e:44:46:cd:4a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 21 05:13:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3706c33a2bf4d675ed4a8970e618adc43dde8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d3:e3:97:67:3e:a7:50:54:1e:c9:02:08:51:
a8:d2:6d:e5:93:4e:09:bd:1f:b1:6f:86:40:c4:d7:
96:12:28:9b:ef:a1:8a:1b:9f:68:5d:c4:39:81:21:
f4:3c:a4:50:67:ab:b8:68:b9:df:3d:de:0f:db:77:
2f:9e:85:52:be:84:a4:ab:f1:67:60:0f:d2:5b:95:
81:03:da:53:a5:fb:b3:e9:b1:de:b9:e5:02:b6:b1:
9e:3d:f2:ce:19:9e:bd:27:92:b7:10:39:8d:89:18:
4b:60:03:c0:02:65:4d:fb:61:53:27:06:d6:30:ae:
be:c5:d4:a4:d7:15:20:3a:4e:27:15:c8:38:db:b4:
66:68:5c:15:cc:62:f4:a5:30:f8:10:e2:82:33:d4:
8b:54:e5:40:54:48:f6:72:35:4c:d0:e7:02:09:75:
2d:75:91:ed:3c:4b:b2:70:f8:ea:cb:9c:c9:0a:d6:
85:2f:10:7c:bb:0e:92:cb:b6:6f:a5:ab:30:14:ea:
76:03:f4:94:ab:30:0a:c8:e6:c0:9d:4d:9e:e2:9b:
e9:0d:9e:24:20:19:ac:62:7c:08:10:18:e0:3f:6e:
b9:d8:b4:bc:67:69:7d:c1:28:84:d6:75:98:96:38:
75:80:6d:5a:45:d9:f8:77:5e:16:10:d7:63:18:fc:
fe:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:70:6C:33:A2:BF:4D:67:5E:D4:A8:97:0E:61:8A:DC:43:DD:E8:B0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/s3BsM6K_TWde1KiXDmGK3EPd6LA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.31.0/24
84.32.42.0/24
84.32.46.0/24
84.32.56.0/24
84.32.60.0/24
84.32.62.0/24
84.32.65.0/24
84.32.67.0-84.32.68.255
84.32.79.0/24
84.32.92.0/24
84.32.108.0-84.32.110.255
84.32.148.0/22
84.32.153.0/24
84.32.156.0/22
84.32.178.0/23
84.32.214.0/23
84.32.221.0/24
84.32.224.0/24
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.243.0/24
84.32.246.0/23
84.32.250.0-84.32.253.255
88.216.0.0/24
88.216.3.0/24
88.216.16.0/24
88.216.22.0/23
88.216.32.0/24
88.216.35.0/24
88.216.38.0-88.216.40.255
88.216.44.0/23
88.216.56.0/24
88.216.58.0-88.216.65.255
88.216.100.0/23
88.216.106.0/24
88.216.109.0/24
88.216.111.0/24
88.216.130.0/23
88.216.134.0/23
88.216.180.0/24
88.216.183.0-88.216.184.255
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
4f:84:b6:f7:90:7c:17:83:e5:54:fa:91:3c:5a:bd:46:ff:8f:
be:39:9b:77:b6:38:bf:41:b1:9e:da:5f:f0:45:f6:5f:a6:41:
f8:22:45:78:f7:0f:94:0c:78:95:28:43:d1:62:29:7a:9e:a0:
db:ee:43:ca:f5:c0:4f:c1:9a:43:b4:a8:92:95:e1:3f:dd:e2:
93:6f:a9:d2:17:43:2d:da:b9:ad:93:4f:db:68:bc:85:bb:15:
e7:f7:06:8d:45:cb:37:29:79:f5:5d:9c:d7:52:a7:63:fd:cc:
47:7e:5c:b1:0d:7c:f0:4c:f3:e2:95:8a:cf:80:20:18:9a:e4:
17:48:de:f9:7c:8d:c3:53:23:e3:42:74:de:b4:ed:76:79:83:
89:2a:07:69:a7:ab:e6:fb:83:ec:c0:b2:a3:64:af:c4:65:d6:
30:08:d7:32:15:7e:67:10:88:75:93:63:ce:2a:69:80:a0:30:
06:d3:fa:7c:55:aa:f4:31:e0:8f:cc:c9:f6:ef:ef:c9:75:85:
c8:fb:e1:45:bf:01:ab:ce:90:e3:fd:60:ce:ba:c8:a7:fd:75:
7f:1f:f3:ce:73:7a:d8:48:6f:34:80:28:6d:2d:62:44:2c:13:
71:a1:33:25:7c:22:d8:f5:f8:38:d6:76:d8:c9:00:cf:f1:ef:
80:bb:fb:c0
-----BEGIN CERTIFICATE-----
MIIGdzCCBV+gAwIBAgISAYjcXt2h+1or/ZS4DkRGzUrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjIxMDUxMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzcwNmMzM2EyYmY0ZDY3NWVkNGE4OTcwZTYxOGFkYzQzZGRlOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNPjl2c+p1BUHskCCFGo0m3lk04J
vR+xb4ZAxNeWEiib76GKG59oXcQ5gSH0PKRQZ6u4aLnfPd4P23cvnoVSvoSkq/Fn
YA/SW5WBA9pTpfuz6bHeueUCtrGePfLOGZ69J5K3EDmNiRhLYAPAAmVN+2FTJwbW
MK6+xdSk1xUgOk4nFcg427RmaFwVzGL0pTD4EOKCM9SLVOVAVEj2cjVM0OcCCXUt
dZHtPEuycPjqy5zJCtaFLxB8uw6Sy7ZvpaswFOp2A/SUqzAKyObAnU2e4pvpDZ4k
IBmsYnwIEBjgP2652LS8Z2l9wSiE1nWYljh1gG1aRdn4d14WENdjGPz+8QIDAQAB
o4IDgzCCA38wHQYDVR0OBBYEFLNwbDOiv01nXtSolw5hitxD3eiwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvczNCc002S19UV2RlMUtpWERtR0szRVBkNkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlwYIKwYBBQUHAQcBAf8EggGGMIIBgjCCAX4EAgABMIIB
dgMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAfAwQAVCAqAwQAVCAuAwQAVCA4AwQA
VCA8AwQAVCA+AwQAVCBBMAwDBABUIEMDBABUIEQDBABUIE8DBABUIFwwDAMEAlQg
bAMEAFQgbgMEAlQglAMEAFQgmQMEAlQgnAMEAVQgsgMEAVQg1gMEAFQg3QMEAFQg
4DAMAwQAVCDnAwQAVCDoAwQAVCDrMAwDBABUIO8DBABUIPADBABUIPMDBAFUIPYw
DAMEAVQg+gMEAVQg/AMEAFjYAAMEAFjYAwMEAFjYEAMEAVjYFgMEAFjYIAMEAFjY
IzAMAwQBWNgmAwQAWNgoAwQBWNgsAwQAWNg4MAwDBAFY2DoDBAFY2EADBAFY2GQD
BABY2GoDBABY2G0DBABY2G8DBAFY2IIDBAFY2IYDBABY2LQwDAMEAFjYtwMEAFjY
uAMEAVjYvAMEAFjYxQMEAljY1AMEAFjY3DAMAwQCWNjsAwQDWNjwMA0GCSqGSIb3
DQEBCwUAA4IBAQBPhLb3kHwXg+VU+pE8Wr1G/4++OZt3tji/QbGe2l/wRfZfpkH4
IkV49w+UDHiVKEPRYil6nqDb7kPK9cBPwZpDtKiSleE/3eKTb6nSF0Mt2rmtk0/b
aLyFuxXn9waNRcs3KXn1XZzXUqdj/cxHflyxDXzwTPPilYrPgCAYmuQXSN75fI3D
UyPjQnTetO12eYOJKgdpp6vm+4PswLKjZK/EZdYwCNcyFX5nEIh1k2POKmmAoDAG
0/p8Var0MeCPzMn27+/JdYXI++FFvwGrzpDj/WDOusin/XV/H/POc3rYSG80gCht
LWJELBNxoTMlfCLY9fg41nbYyQDP8e+Au/vA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:33 2023 by rpki-client on console-ams.rpki-client.org