Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u2vrn6NJTt0G0rNoVysPx6dKEok.roa
File: u2vrn6NJTt0G0rNoVysPx6dKEok.roa (raw, json)
Hash identifier: C9v0NKZ4GU8ZlOINIpXeWTgxXWP4FIsqqFvrf2RaqW4=
Subject key identifier: BB:6B:EB:9F:A3:49:4E:DD:06:D2:B3:68:57:2B:0F:C7:A7:4A:12:89
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01875A95D85CE4A1B44AD2396C95144A62EF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u2vrn6NJTt0G0rNoVysPx6dKEok.roa
Signing time: Fri 07 Apr 2023 07:19:42 +0000
ROA not before: Fri 07 Apr 2023 07:19:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.157.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Apr 2023 19:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5a:95:d8:5c:e4:a1:b4:4a:d2:39:6c:95:14:4a:62:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 7 07:19:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb6beb9fa3494edd06d2b368572b0fc7a74a1289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:53:90:3a:4b:4d:36:e1:bf:0f:a0:60:8b:40:
a8:a7:80:66:af:b0:73:54:5c:e2:9f:5a:8a:41:13:
e4:a9:0d:51:65:46:ea:a7:76:8e:ed:d1:e1:6b:df:
31:d4:7c:b8:7f:03:7b:47:e4:20:1f:36:ea:57:90:
6d:a0:be:fe:11:b5:27:76:65:dc:d4:eb:76:66:86:
bf:ef:d8:0f:81:79:ed:3c:5f:2e:d7:aa:70:30:c1:
4c:2f:48:6c:35:fa:9c:0d:fd:9d:9b:64:fe:31:9b:
f3:e0:2a:e4:e4:07:1f:21:d7:d9:41:9f:27:82:c5:
8a:9a:05:d9:13:59:3f:6e:d5:f6:23:09:19:2f:6d:
65:77:d6:00:5d:b0:62:eb:e4:36:eb:4d:b4:b2:c5:
84:ee:97:62:5a:47:d7:22:96:d4:72:3b:e3:f1:be:
f0:5d:88:d0:02:db:3e:f5:b8:1b:dd:0b:89:91:fd:
3b:d3:6c:f5:5a:c0:b0:58:55:d0:f0:b8:f9:05:11:
8b:22:b2:38:94:5d:19:db:27:17:f0:59:63:b6:30:
ee:93:a4:f2:93:43:55:1a:70:ea:67:32:2f:d6:a9:
13:a2:bb:5b:03:d3:2d:9c:3b:0c:af:c7:f9:16:08:
e5:d9:76:a4:eb:fd:95:41:b4:f8:64:22:94:77:dc:
ef:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:6B:EB:9F:A3:49:4E:DD:06:D2:B3:68:57:2B:0F:C7:A7:4A:12:89
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u2vrn6NJTt0G0rNoVysPx6dKEok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.106.0/24
84.32.108.0/23
84.32.148.0/22
84.32.157.0/24
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:bd:27:eb:15:5a:c1:19:55:8c:24:3a:f4:e7:69:9c:77:67:
ec:47:cc:2f:73:68:ba:90:b3:69:ba:9a:e0:9a:02:d2:28:77:
0f:27:9b:a6:55:d8:1b:5a:b3:23:bc:17:61:1a:0d:7c:fa:25:
98:49:ca:b8:12:3f:f1:28:fc:f9:dc:c1:af:0b:fd:62:70:71:
d2:64:5d:77:23:88:ef:b7:cc:4f:2c:d6:41:92:4d:67:22:5a:
8c:b8:0a:f9:b2:05:b1:36:46:a3:6e:a9:bb:60:2f:dd:a2:d3:
3d:5e:29:ab:5a:7d:9c:3d:91:ef:a2:3d:3c:bc:14:bb:8c:02:
ba:ee:3f:0f:a5:14:a9:49:cc:9f:7a:a0:23:f1:55:eb:18:92:
6f:44:78:23:65:dd:5f:97:49:5a:49:97:69:78:c3:39:1c:59:
e5:3d:c9:e1:5c:8e:1f:61:f7:a5:08:43:bf:be:57:0e:c0:f1:
82:00:bf:fe:c7:04:b2:91:46:ba:96:1c:e0:39:18:fc:03:72:
23:41:3a:7c:2c:3f:de:5e:e4:29:fa:9b:40:d0:cd:2f:7f:3e:
ac:ac:91:19:d0:3e:57:c2:0a:c5:06:a3:2b:1f:dc:79:8d:45:
64:44:f2:44:a3:67:10:4c:77:3d:a9:37:d1:f2:c6:ff:51:57:
49:2c:4d:7d
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgISAYdaldhc5KG0StI5bJUUSmLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA3MDcxOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjZiZWI5ZmEzNDk0ZWRkMDZkMmIzNjg1NzJiMGZjN2E3NGExMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVOQOktNNuG/D6Bgi0Cop4Bmr7Bz
VFzin1qKQRPkqQ1RZUbqp3aO7dHha98x1Hy4fwN7R+QgHzbqV5BtoL7+EbUndmXc
1Ot2Zoa/79gPgXntPF8u16pwMMFML0hsNfqcDf2dm2T+MZvz4Crk5AcfIdfZQZ8n
gsWKmgXZE1k/btX2IwkZL21ld9YAXbBi6+Q26020ssWE7pdiWkfXIpbUcjvj8b7w
XYjQAts+9bgb3QuJkf0702z1WsCwWFXQ8Lj5BRGLIrI4lF0Z2ycX8FljtjDuk6Ty
k0NVGnDqZzIv1qkTortbA9MtnDsMr8f5Fgjl2Xak6/2VQbT4ZCKUd9zvKQIDAQAB
o4IDKzCCAycwHQYDVR0OBBYEFLtr65+jSU7dBtKzaFcrD8enShKJMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdTJ2cm42TkpUdDBHMHJOb1Z5c1B4NmRLRW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPwYIKwYBBQUHAQcBAf8EggEuMIIBKjCCASYEAgABMIIB
HgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgRgMEAFQgTQMEAFQgTwMEAFQgWAMEAFQgagMEAVQgbAMEAlQglAMEAFQg
nQMEAVQgrgMEAFQgsQMEAFQgswMEAFQg1AMEAVQg1gMEAFQg2gMEAFQg3TAMAwQA
VCDfAwQAVCDgAwQAVCDoMAwDBABUIO8DBABUIPAwDAMEAVQg8gMEAVQg9DAMAwQB
VCD6AwQBVCD8AwQAWNgBAwQAWNgDAwQAWNgVAwQAWNggAwQAWNgkAwQBWNhcAwQA
WNhvAwQAWNiAMAwDBAFY2IIDBABY2IQDBABY2L0DBAJY2NQDBABY2NwDBAJY2Ogw
DQYJKoZIhvcNAQELBQADggEBAH69J+sVWsEZVYwkOvTnaZx3Z+xHzC9zaLqQs2m6
muCaAtIodw8nm6ZV2BtasyO8F2EaDXz6JZhJyrgSP/Eo/Pncwa8L/WJwcdJkXXcj
iO+3zE8s1kGSTWciWoy4CvmyBbE2RqNuqbtgL92i0z1eKatafZw9ke+iPTy8FLuM
ArruPw+lFKlJzJ96oCPxVesYkm9EeCNl3V+XSVpJl2l4wzkcWeU9yeFcjh9h96UI
Q7++Vw7A8YIAv/7HBLKRRrqWHOA5GPwDciNBOnwsP95e5Cn6m0DQzS9/PqyskRnQ
PlfCCsUGoysf3HmNRWRE8kSjZxBMdz2pN9Hyxv9RV0ksTX0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org