Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u4J0Xxmb6JyKCZRgjhxve6FiRKE.roa
File: u4J0Xxmb6JyKCZRgjhxve6FiRKE.roa (raw, json)
Hash identifier: HT16Edx8KevE7551x9pb0+WCTGB4/e+4n47HmJt7Vik=
Subject key identifier: BB:82:74:5F:19:9B:E8:9C:8A:09:94:60:8E:1C:6F:7B:A1:62:44:A1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186FDF82CFACB48A527C79948B09D986273
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u4J0Xxmb6JyKCZRgjhxve6FiRKE.roa
Signing time: Mon 20 Mar 2023 07:42:25 +0000
ROA not before: Mon 20 Mar 2023 07:42:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Mar 2023 12:51:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fd:f8:2c:fa:cb:48:a5:27:c7:99:48:b0:9d:98:62:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 20 07:42:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb82745f199be89c8a0994608e1c6f7ba16244a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f5:00:c7:68:65:dd:d1:95:98:bd:da:31:d9:
a6:81:18:d8:ad:49:6f:93:74:ff:6b:d2:ac:34:35:
06:a5:1d:53:05:fd:dc:04:07:e5:fd:ba:45:23:e7:
1f:28:6d:a3:2e:56:94:4c:d4:7b:1e:4f:4f:06:45:
38:d7:62:d8:1e:f5:07:f7:12:7f:5b:2f:98:a8:c9:
af:66:c7:c0:62:01:3f:d1:35:a7:9f:5a:62:e5:2d:
81:21:02:e3:bd:01:18:26:b8:3b:78:3b:e5:81:96:
a1:eb:ed:0f:77:13:a1:82:81:7e:38:dd:00:b3:31:
03:60:09:ba:cb:6c:55:30:33:30:f2:c8:80:68:e6:
ee:70:65:7f:95:13:48:80:a0:43:48:a1:fb:9a:6d:
5f:24:07:bf:68:d6:71:aa:64:38:45:af:46:5e:11:
5a:d3:e3:08:b2:d0:f0:14:92:96:6e:de:56:d6:da:
f2:f7:b3:4b:08:ad:b9:86:2f:1c:ef:14:33:04:6c:
4d:76:d8:a9:42:fb:2a:fb:94:39:58:89:dd:5f:c7:
9a:95:c8:d4:47:0f:d9:ff:47:8a:3f:7a:5b:b9:65:
99:99:c3:2b:3b:ac:34:fd:03:8b:f1:89:a8:45:26:
5b:06:36:4a:45:28:a4:dc:87:a0:62:56:07:ee:60:
01:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:82:74:5F:19:9B:E8:9C:8A:09:94:60:8E:1C:6F:7B:A1:62:44:A1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/u4J0Xxmb6JyKCZRgjhxve6FiRKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.148.0/22
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0/24
84.32.224.0/24
84.32.227.0/24
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
87:3f:8c:12:a4:35:1c:80:5b:c8:9e:75:51:b8:02:66:bc:6d:
85:c9:90:e7:78:65:55:d2:f0:e2:55:4c:f9:8b:e8:32:8e:c3:
d8:77:db:eb:0a:7d:a2:10:bd:af:6f:91:ac:c3:ee:5e:87:64:
46:13:4e:95:0b:37:0d:2b:79:84:1c:a0:10:10:b9:b6:7b:de:
61:1f:7d:3b:c6:e9:f9:39:42:5c:fc:e1:17:30:d4:dc:4a:62:
b3:d9:32:f5:c3:71:c4:56:cb:bd:c2:26:b6:5f:e4:d2:4f:53:
47:56:83:7b:6c:5c:96:44:74:3f:91:a5:c4:fa:c7:e9:b4:ef:
31:69:78:7e:26:bf:bd:b3:ea:05:f8:7c:a3:60:39:ca:97:84:
31:92:a5:cc:05:20:1b:f8:c3:de:19:cf:95:be:34:90:e7:65:
30:23:26:06:37:0a:89:fc:ce:80:17:51:75:0e:43:d9:c0:7d:
e5:80:0b:5c:da:58:2c:1d:13:30:6a:96:92:dc:fa:f7:19:2e:
b0:ee:ee:67:bd:f0:86:80:23:e0:a2:e3:91:23:01:a3:f6:75:
a3:d3:30:85:92:dc:54:e7:39:0d:7c:75:0b:78:0c:78:d4:bb:
00:32:5a:30:24:7d:31:00:2e:7c:7d:68:1c:d4:ba:0d:88:50:
e0:35:5c:9b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAYb9+Cz6y0ilJ8eZSLCdmGJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzIwMDc0MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjgyNzQ1ZjE5OWJlODljOGEwOTk0NjA4ZTFjNmY3YmExNjI0NGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvUAx2hl3dGVmL3aMdmmgRjYrUlv
k3T/a9KsNDUGpR1TBf3cBAfl/bpFI+cfKG2jLlaUTNR7Hk9PBkU412LYHvUH9xJ/
Wy+YqMmvZsfAYgE/0TWnn1pi5S2BIQLjvQEYJrg7eDvlgZah6+0PdxOhgoF+ON0A
szEDYAm6y2xVMDMw8siAaObucGV/lRNIgKBDSKH7mm1fJAe/aNZxqmQ4Ra9GXhFa
0+MIstDwFJKWbt5W1try97NLCK25hi8c7xQzBGxNdtipQvsq+5Q5WIndX8ealcjU
Rw/Z/0eKP3pbuWWZmcMrO6w0/QOL8YmoRSZbBjZKRSik3IegYlYH7mABGwIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFLuCdF8Zm+icigmUYI4cb3uhYkShMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdTRKMFh4bWI2SnlLQ1pSZ2poeHZlNkZpUktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD
BABUIAgDBABUIAoDBAJUIBgDBABUIB4DBABUIC4DBABUIEcDBABUIE0DBABUIE8D
BABUIFgDBAJUIJQDBAFUIK4DBABUILEDBABUILMDBABUINQDBAFUINYDBABUIN0D
BABUIOADBABUIOMDBABUIOUDBABUIOgwDAMEAFQg7wMEAFQg8DAMAwQBVCDyAwQB
VCD0AwQBVCD8AwQAWNgDAwQAWNgRAwQAWNgVAwQAWNggAwQAWNgkAwQBWNhcAwQA
WNhvAwQAWNiAMAwDBABY2IMDBAFY2IQDBABY2LoDBABY2L0DBABY2NcwDAMEAljY
5AMEAljY6DANBgkqhkiG9w0BAQsFAAOCAQEAhz+MEqQ1HIBbyJ51UbgCZrxthcmQ
53hlVdLw4lVM+YvoMo7D2Hfb6wp9ohC9r2+RrMPuXodkRhNOlQs3DSt5hBygEBC5
tnveYR99O8bp+TlCXPzhFzDU3Epis9ky9cNxxFbLvcImtl/k0k9TR1aDe2xclkR0
P5GlxPrH6bTvMWl4fia/vbPqBfh8o2A5ypeEMZKlzAUgG/jD3hnPlb40kOdlMCMm
BjcKifzOgBdRdQ5D2cB95YALXNpYLB0TMGqWktz69xkusO7uZ73whoAj4KLjkSMB
o/Z1o9MwhZLcVOc5DXx1C3gMeNS7ADJaMCR9MQAufH1oHNS6DYhQ4DVcmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org