Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wpmBqqWxpsT6zMS5wHLktidd054.roa
File: wpmBqqWxpsT6zMS5wHLktidd054.roa (raw, json)
Hash identifier: m5hQWn581vrGDgqhU0Z8CPG54MtQAukWsRyg7RMh4OM=
Subject key identifier: C2:99:81:AA:A5:B1:A6:C4:FA:CC:C4:B9:C0:72:E4:B6:27:5D:D3:9E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186D57531B40AAC213E74E778836D5F0EE7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wpmBqqWxpsT6zMS5wHLktidd054.roa
Signing time: Sun 12 Mar 2023 10:54:32 +0000
ROA not before: Sun 12 Mar 2023 10:54:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.173.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Mar 2023 07:05:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d5:75:31:b4:0a:ac:21:3e:74:e7:78:83:6d:5f:0e:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 12 10:54:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c29981aaa5b1a6c4faccc4b9c072e4b6275dd39e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:c9:9d:f0:dc:1d:b6:9b:f2:ae:58:b3:0b:
a2:0f:e5:07:bf:70:77:f5:23:6d:4f:5e:e2:2d:41:
ae:d1:15:9f:d1:e8:51:47:ed:4c:bd:a7:51:46:fe:
14:67:5d:2e:37:90:33:73:fc:75:3c:ac:90:e1:4f:
7b:e7:ec:03:ab:31:09:ec:0f:2c:12:8a:d4:9a:33:
36:21:44:ca:9c:c0:9d:73:56:14:92:8e:fb:5f:80:
92:7c:54:bd:63:57:ea:56:27:f8:c5:4e:12:bc:99:
c8:46:0a:f7:be:a4:1b:ad:6d:77:71:7b:4b:3a:b3:
bb:fe:93:ef:cf:e0:91:80:1f:fc:61:e5:4f:6e:fc:
30:7c:fc:51:69:b6:84:85:59:60:65:b9:f5:06:0c:
1a:9e:8d:00:da:13:dd:55:65:b8:1b:b9:1a:51:b6:
51:1a:8c:b9:a2:32:22:4b:3b:0b:4d:6f:a8:03:00:
98:37:99:19:90:df:66:25:93:6a:ae:f5:96:dc:eb:
7d:39:d3:a7:0e:35:4b:47:66:59:e7:4b:eb:b3:4b:
b8:d9:4e:c7:d4:96:15:e0:61:00:76:73:92:9e:8d:
29:ce:cd:79:82:e9:1a:22:e9:0a:61:35:e4:27:86:
c9:db:5d:c0:27:02:b8:3e:b3:d1:4c:31:19:f5:a2:
8a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:99:81:AA:A5:B1:A6:C4:FA:CC:C4:B9:C0:72:E4:B6:27:5D:D3:9E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/wpmBqqWxpsT6zMS5wHLktidd054.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.148.0/22
84.32.173.0-84.32.174.255
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0-84.32.222.255
84.32.227.0/24
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.181.0/24
88.216.186.0/24
88.216.189.0/24
88.216.199.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
06:90:3d:62:79:62:98:a4:9f:f9:e4:7f:3c:4f:1a:c5:a3:b9:
01:c5:a8:38:0e:a0:7a:1e:f6:09:ec:5f:7b:66:4e:00:4c:28:
95:7d:82:8e:73:7d:5b:05:6a:49:ec:a3:cb:56:7f:d6:b7:4f:
21:85:6e:d9:07:30:75:0f:d6:1d:ce:7d:66:39:7b:42:b7:51:
2c:88:1d:ec:5f:a7:69:b5:24:91:4e:42:f1:f8:60:1f:3b:ac:
81:d5:b2:38:25:e2:13:cd:75:3a:95:24:86:3e:6c:e5:0a:a5:
5c:34:85:ba:12:ff:94:c0:3b:4f:60:0d:3a:60:0a:a6:96:61:
cb:d1:14:b2:4c:c4:34:55:a5:75:47:f5:e7:14:29:24:7d:51:
fc:e0:df:d7:f3:11:c9:48:e3:1b:41:d4:b1:70:5b:b0:55:99:
a0:b2:da:ab:eb:38:db:4a:8e:9f:41:2d:32:fe:20:dd:31:36:
89:62:8a:83:d6:eb:4a:02:4f:2c:b5:03:36:a3:b2:a8:a4:2d:
52:ec:18:c4:3a:d0:d0:61:1c:d1:a9:62:b3:7e:6a:32:ca:77:
5f:a8:f5:da:c8:2a:32:13:ed:01:2c:48:d5:07:a0:18:3f:ca:
17:86:a6:cc:c0:6a:77:06:64:7a:09:56:40:f8:54:7d:a3:19:
24:40:96:92
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAYbVdTG0CqwhPnTneINtXw7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzEyMTA1NDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjk5ODFhYWE1YjFhNmM0ZmFjY2M0YjljMDcyZTRiNjI3NWRkMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwjJnfDcHbab8q5YswuiD+UHv3B3
9SNtT17iLUGu0RWf0ehRR+1MvadRRv4UZ10uN5Azc/x1PKyQ4U975+wDqzEJ7A8s
EorUmjM2IUTKnMCdc1YUko77X4CSfFS9Y1fqVif4xU4SvJnIRgr3vqQbrW13cXtL
OrO7/pPvz+CRgB/8YeVPbvwwfPxRabaEhVlgZbn1Bgwano0A2hPdVWW4G7kaUbZR
Goy5ojIiSzsLTW+oAwCYN5kZkN9mJZNqrvWW3Ot9OdOnDjVLR2ZZ50vrs0u42U7H
1JYV4GEAdnOSno0pzs15gukaIukKYTXkJ4bJ213AJwK4PrPRTDEZ9aKKTQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFMKZgaqlsabE+szEucBy5LYnXdOeMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvd3BtQnFxV3hwc1Q2ek1TNXdITGt0aWRkMDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAFQgCAMEAFQgCgMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgRwMEAFQgTQMEAFQg
TwMEAFQgWAMEAlQglDAMAwQAVCCtAwQAVCCuAwQAVCCxAwQAVCCzAwQAVCDUAwQB
VCDWMAwDBABUIN0DBABUIN4DBABUIOMDBABUIOUDBABUIOgwDAMEAFQg7wMEAFQg
8DAMAwQBVCDyAwQBVCD0AwQBVCD8AwQAWNgDAwQAWNgRAwQAWNgVAwQAWNggAwQA
WNgkAwQBWNhcAwQAWNiAMAwDBABY2IMDBAFY2IQDBABY2LUDBABY2LoDBABY2L0D
BABY2McDBABY2NcwDAMEAljY5AMEAljY6DANBgkqhkiG9w0BAQsFAAOCAQEABpA9
YnlimKSf+eR/PE8axaO5AcWoOA6geh72Cexfe2ZOAEwolX2CjnN9WwVqSeyjy1Z/
1rdPIYVu2QcwdQ/WHc59Zjl7QrdRLIgd7F+nabUkkU5C8fhgHzusgdWyOCXiE811
OpUkhj5s5QqlXDSFuhL/lMA7T2ANOmAKppZhy9EUskzENFWldUf15xQpJH1R/ODf
1/MRyUjjG0HUsXBbsFWZoLLaq+s420qOn0EtMv4g3TE2iWKKg9brSgJPLLUDNqOy
qKQtUuwYxDrQ0GEc0alis35qMsp3X6j12sgqMhPtASxI1QegGD/KF4amzMBqdwZk
eglWQPhUfaMZJECWkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org