Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xeE15c7iI1YTTcrLa4Com4pqD7E.roa
File: xeE15c7iI1YTTcrLa4Com4pqD7E.roa (raw, json)
Hash identifier: fbKqXQeBm3LGyzRwG8t+pgzIO3wl3OpuuD3Oi/Yv+jU=
Subject key identifier: C5:E1:35:E5:CE:E2:23:56:13:4D:CA:CB:6B:80:A8:9B:8A:6A:0F:B1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0186E42C8176C478F587A4C0A0925CFBDAF0
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xeE15c7iI1YTTcrLa4Com4pqD7E.roa
Signing time: Wed 15 Mar 2023 07:29:27 +0000
ROA not before: Wed 15 Mar 2023 07:29:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Mar 2023 09:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:2c:81:76:c4:78:f5:87:a4:c0:a0:92:5c:fb:da:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 15 07:29:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5e135e5cee22356134dcacb6b80a89b8a6a0fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d9:96:15:89:d2:31:c9:a6:a2:62:76:0b:eb:
6c:18:2f:a3:bd:45:14:d6:71:78:5c:de:09:3c:ad:
5d:85:a8:9d:34:ea:8b:a0:5c:2e:31:6c:d7:29:a0:
d5:74:4d:c4:13:44:91:fc:65:f4:43:59:d6:0f:a5:
60:8e:74:95:37:e8:1d:ff:3e:18:17:91:72:33:4c:
8a:43:19:24:8e:96:5f:1d:d3:7e:f8:19:e4:78:59:
03:12:5f:56:d5:fb:b3:0f:cf:55:fa:fc:46:50:d6:
f0:ab:8f:f1:6c:3f:68:f4:13:af:46:13:e6:94:22:
90:ae:d2:bd:9b:d3:01:c9:78:31:49:a0:c5:28:fb:
91:91:a7:6e:58:95:e1:b9:df:37:fa:e1:29:25:84:
ac:dc:e3:b9:76:53:b1:05:3e:49:26:7f:fe:ea:60:
76:d4:cb:d6:00:bf:5d:b4:a4:6e:2b:10:40:84:ec:
4a:0b:10:9e:51:26:93:cd:20:5f:e1:b8:95:02:42:
76:44:c1:d1:f2:28:7f:60:1d:94:57:81:4f:1f:1a:
9a:9e:87:2e:80:b9:54:d0:13:51:07:65:bc:51:62:
50:9c:6a:8c:80:53:f7:2a:71:00:be:51:d4:8a:0a:
ce:7a:ab:eb:4e:f4:30:88:ca:b3:74:ae:b7:ca:a4:
ea:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E1:35:E5:CE:E2:23:56:13:4D:CA:CB:6B:80:A8:9B:8A:6A:0F:B1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xeE15c7iI1YTTcrLa4Com4pqD7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.71.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.148.0/22
84.32.174.0/24
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0-84.32.222.255
84.32.224.0/24
84.32.227.0/24
84.32.229.0/24
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.252.0/23
88.216.3.0/24
88.216.17.0/24
88.216.21.0/24
88.216.32.0/24
88.216.36.0/24
88.216.92.0/23
88.216.111.0/24
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.186.0/24
88.216.189.0/24
88.216.199.0/24
88.216.215.0/24
88.216.228.0-88.216.235.255
Signature Algorithm: sha256WithRSAEncryption
65:58:e0:5c:91:4f:9c:2b:e0:8a:93:f3:df:03:69:cb:70:0f:
31:ca:94:7b:77:f0:6b:98:6f:12:f7:bf:67:74:a0:5b:54:a4:
16:74:ed:90:eb:19:27:25:fd:c3:3e:6d:87:9b:1c:b0:0a:70:
d4:43:01:00:82:06:e5:dc:c9:18:3d:b0:f1:09:56:56:d6:3d:
83:cf:20:1f:22:9c:cd:af:45:0b:ea:86:c4:46:ca:12:24:95:
49:18:9b:30:a2:dd:b2:ad:a9:54:d8:5a:a4:8f:0e:18:d8:d7:
6d:28:e2:41:e4:06:69:5c:bb:7f:98:ab:68:6f:91:0a:5b:86:
cc:88:f9:47:af:4e:35:88:45:bc:83:c6:3c:a1:01:cc:c6:29:
6e:d1:00:bc:ed:2a:f8:25:14:68:9b:68:1c:a4:8c:1a:63:1a:
de:de:39:e1:ae:b2:83:91:0f:f3:d3:d9:3f:1b:41:9a:75:96:
58:91:77:70:95:43:53:91:15:28:92:92:2b:76:9a:a2:9c:c4:
46:b7:44:2d:a2:40:41:f0:a0:b6:0b:16:d8:e6:29:e2:2f:55:
ab:fa:fd:49:8a:22:4b:dd:7b:16:c5:f3:db:41:61:1e:69:5f:
fa:2d:17:5e:00:d5:0f:3f:e9:ab:bf:4c:91:0e:5a:11:4f:14:
bf:07:12:da
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYbkLIF2xHj1h6TAoJJc+9rwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzE1MDcyOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWUxMzVlNWNlZTIyMzU2MTM0ZGNhY2I2YjgwYTg5YjhhNmEwZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNmWFYnSMcmmomJ2C+tsGC+jvUUU
1nF4XN4JPK1dhaidNOqLoFwuMWzXKaDVdE3EE0SR/GX0Q1nWD6VgjnSVN+gd/z4Y
F5FyM0yKQxkkjpZfHdN++BnkeFkDEl9W1fuzD89V+vxGUNbwq4/xbD9o9BOvRhPm
lCKQrtK9m9MByXgxSaDFKPuRkaduWJXhud83+uEpJYSs3OO5dlOxBT5JJn/+6mB2
1MvWAL9dtKRuKxBAhOxKCxCeUSaTzSBf4biVAkJ2RMHR8ih/YB2UV4FPHxqanocu
gLlU0BNRB2W8UWJQnGqMgFP3KnEAvlHUigrOeqvrTvQwiMqzdK63yqTqbwIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFMXhNeXO4iNWE03Ky2uAqJuKag+xMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveGVFMTVjN2lJMVlUVGNyTGE0Q29tNHBxRDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAFQgCAMEAFQgCgMEAlQgGAMEAFQgHgMEAFQgLgMEAFQgRwMEAFQgTQMEAFQg
TwMEAFQgWAMEAlQglAMEAFQgrgMEAFQgsQMEAFQgswMEAFQg1AMEAVQg1jAMAwQA
VCDdAwQAVCDeAwQAVCDgAwQAVCDjAwQAVCDlAwQAVCDoMAwDBABUIO8DBABUIPAw
DAMEAVQg8gMEAVQg9AMEAVQg/AMEAFjYAwMEAFjYEQMEAFjYFQMEAFjYIAMEAFjY
JAMEAVjYXAMEAFjYbwMEAFjYgDAMAwQAWNiDAwQBWNiEAwQAWNi6AwQAWNi9AwQA
WNjHAwQAWNjXMAwDBAJY2OQDBAJY2OgwDQYJKoZIhvcNAQELBQADggEBAGVY4FyR
T5wr4IqT898DactwDzHKlHt38GuYbxL3v2d0oFtUpBZ07ZDrGScl/cM+bYebHLAK
cNRDAQCCBuXcyRg9sPEJVlbWPYPPIB8inM2vRQvqhsRGyhIklUkYmzCi3bKtqVTY
WqSPDhjY120o4kHkBmlcu3+Yq2hvkQpbhsyI+UevTjWIRbyDxjyhAczGKW7RALzt
KvglFGibaBykjBpjGt7eOeGusoORD/PT2T8bQZp1lliRd3CVQ1ORFSiSkit2mqKc
xEa3RC2iQEHwoLYLFtjmKeIvVav6/UmKIkvdexbF89tBYR5pX/otF14A1Q8/6au/
TJEOWhFPFL8HEto=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org