Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tCD9IC3fo5e1LUj8OmFGXwL86EE.roa
File: tCD9IC3fo5e1LUj8OmFGXwL86EE.roa (raw, json)
Hash identifier: zWEMIALOT7qCmUOPQVvkxRxgdTcqrc5Yiu7c3CPihwc=
Subject key identifier: B4:20:FD:20:2D:DF:A3:97:B5:2D:48:FC:3A:61:46:5F:02:FC:E8:41
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186C718244CEA51ABCCB8947C44F5FCD8CF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tCD9IC3fo5e1LUj8OmFGXwL86EE.roa
Signing time: Thu 09 Mar 2023 15:58:13 +0000
ROA not before: Thu 09 Mar 2023 15:58:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.173.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c7:18:24:4c:ea:51:ab:cc:b8:94:7c:44:f5:fc:d8:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 9 15:58:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b420fd202ddfa397b52d48fc3a61465f02fce841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:76:3a:2b:d7:c6:ee:e0:ec:af:3a:a9:4e:88:
8a:ea:ba:56:ee:17:73:f6:c7:e1:dc:e8:b5:0b:c6:
79:d6:95:89:18:67:97:43:bc:12:25:f1:c5:b2:61:
74:c7:f3:87:c6:49:22:74:38:bf:c4:f2:d2:a0:62:
16:dd:1f:50:ef:3e:24:98:67:c2:93:bc:9f:f4:cd:
70:a6:72:f7:9e:7c:eb:2a:e3:65:eb:b8:da:85:d5:
07:4d:a3:68:a0:68:a2:ea:d9:e6:3c:99:1b:c4:97:
02:ba:03:9e:4d:59:bd:53:57:b3:fb:aa:bd:3e:35:
bc:03:49:6a:dd:62:bf:cd:73:4a:8e:52:32:da:56:
11:c5:12:1a:0e:7a:14:f0:ad:37:94:e1:86:2c:5e:
c5:c0:a4:54:8d:07:67:8d:03:9a:44:40:bf:3a:26:
c9:95:d2:04:d4:78:88:ff:3d:84:79:ea:22:47:ea:
07:37:66:5c:dc:c4:f1:6c:29:ba:35:c1:e8:42:dc:
48:da:48:97:a0:25:4c:3e:c3:93:37:03:02:e1:35:
f3:a9:ab:d8:00:ef:59:30:1c:ea:50:f0:75:b5:72:
51:54:22:96:44:78:d0:de:d2:09:3e:24:cb:80:c1:
90:ae:3d:2d:c6:7c:dc:10:aa:0b:ab:4d:e3:68:6d:
81:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:20:FD:20:2D:DF:A3:97:B5:2D:48:FC:3A:61:46:5F:02:FC:E8:41
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tCD9IC3fo5e1LUj8OmFGXwL86EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.148.0/22
84.32.173.0-84.32.174.255
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0-84.32.222.255
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0/23
84.32.245.0/24
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.92.0/23
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.199.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
31:e3:96:ee:20:92:d7:63:4e:c8:a0:c7:84:fb:41:77:71:7b:
ec:57:73:1a:b8:1d:80:ed:d6:4a:d7:49:51:da:dd:2c:c7:ef:
36:8e:79:60:9d:39:53:8f:d5:6f:c2:91:b7:f5:7d:61:75:27:
a3:e0:c7:63:c3:7f:1b:1d:2f:43:ba:88:8c:71:5c:ff:90:5e:
44:86:43:ca:fa:e3:90:8c:dc:6d:2a:f5:f5:fd:32:23:e1:9a:
45:76:7c:29:d2:6d:e8:50:87:5f:8a:76:15:1c:31:dc:4c:ad:
d3:32:69:62:12:9f:e7:f3:8e:ad:d3:21:c6:b7:f1:e8:12:85:
45:8c:b7:58:fc:f1:e0:39:59:8d:1d:8e:11:98:6c:5e:59:69:
61:ca:80:d0:22:63:4e:67:2e:30:0f:94:09:ec:d2:97:bb:dd:
cb:af:2c:3a:b5:2c:1a:31:e5:6d:ff:06:b6:82:41:79:91:87:
84:9d:07:32:93:e8:5b:42:c6:f2:b1:71:92:c5:e4:ef:bc:4e:
7d:ec:73:b3:33:94:a5:2d:e5:6f:7e:5b:5b:c6:6b:02:f0:af:
79:1b:f8:2b:0e:a8:26:10:6c:3f:61:ba:17:a3:50:17:ad:a8:
05:7e:6d:96:9a:7c:00:45:93:c1:d9:1c:6b:65:4e:98:c4:1d:
8a:63:ad:4a
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYbHGCRM6lGrzLiUfET1/NjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzA5MTU1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDIwZmQyMDJkZGZhMzk3YjUyZDQ4ZmMzYTYxNDY1ZjAyZmNlODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHY6K9fG7uDsrzqpToiK6rpW7hdz
9sfh3Oi1C8Z51pWJGGeXQ7wSJfHFsmF0x/OHxkkidDi/xPLSoGIW3R9Q7z4kmGfC
k7yf9M1wpnL3nnzrKuNl67jahdUHTaNooGii6tnmPJkbxJcCugOeTVm9U1ez+6q9
PjW8A0lq3WK/zXNKjlIy2lYRxRIaDnoU8K03lOGGLF7FwKRUjQdnjQOaREC/OibJ
ldIE1HiI/z2EeeoiR+oHN2Zc3MTxbCm6NcHoQtxI2kiXoCVMPsOTNwMC4TXzqavY
AO9ZMBzqUPB1tXJRVCKWRHjQ3tIJPiTLgMGQrj0txnzcEKoLq03jaG2BeQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFLQg/SAt36OXtS1I/DphRl8C/OhBMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdENEOUlDM2ZvNWUxTFVqOE9tRkdYd0w4NkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
VCAIAwQAVCAKAwQCVCAYAwQAVCAeAwQAVCAuAwQAVCBHAwQAVCBNAwQAVCBPAwQA
VCBYAwQCVCCUMAwDBABUIK0DBABUIK4DBABUILMDBABUINQDBAFUINYwDAMEAFQg
3QMEAFQg3gMEAFQg5QMEAFQg6DAMAwQAVCDvAwQAVCDwAwQBVCDyAwQAVCD1AwQB
VCD8AwQAWNgDAwQAWNgRAwQAWNgVAwQAWNggAwQBWNhcAwQAWNiAMAwDBABY2IMD
BAFY2IQDBABY2LoDBABY2L0DBABY2McDBABY2NcwDAMEAljY5AMEAljY6DANBgkq
hkiG9w0BAQsFAAOCAQEAMeOW7iCS12NOyKDHhPtBd3F77FdzGrgdgO3WStdJUdrd
LMfvNo55YJ05U4/Vb8KRt/V9YXUno+DHY8N/Gx0vQ7qIjHFc/5BeRIZDyvrjkIzc
bSr19f0yI+GaRXZ8KdJt6FCHX4p2FRwx3Eyt0zJpYhKf5/OOrdMhxrfx6BKFRYy3
WPzx4DlZjR2OEZhsXllpYcqA0CJjTmcuMA+UCezSl7vdy68sOrUsGjHlbf8GtoJB
eZGHhJ0HMpPoW0LG8rFxksXk77xOfexzszOUpS3lb35bW8ZrAvCveRv4Kw6oJhBs
P2G6F6NQF62oBX5tlpp8AEWTwdkca2VOmMQdimOtSg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:34 2023 by rpki-client on console-ams.rpki-client.org