Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ygyZ6v3gR83VoZYBPh_LH1jh9uw.roa
File: ygyZ6v3gR83VoZYBPh_LH1jh9uw.roa (raw, json)
Hash identifier: kgjY3bVriaQ2QZ+EsjDfwjl9+x+qlKEPjX8FeZztu1E=
Subject key identifier: CA:0C:99:EA:FD:E0:47:CD:D5:A1:96:01:3E:1F:CB:1F:58:E1:F6:EC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01863BA05531CBF002D01ED12A3C2BDE405D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ygyZ6v3gR83VoZYBPh_LH1jh9uw.roa
Signing time: Fri 10 Feb 2023 14:00:08 +0000
ROA not before: Fri 10 Feb 2023 14:00:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.190.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.133.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.255.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.78.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 14:58:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:a0:55:31:cb:f0:02:d0:1e:d1:2a:3c:2b:de:40:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 10 14:00:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca0c99eafde047cdd5a196013e1fcb1f58e1f6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:27:40:e1:84:dd:90:ed:f3:2f:bd:66:78:42:
92:f5:b4:ff:03:09:ec:32:cf:ec:c8:11:38:87:4c:
13:7d:2f:09:26:db:d2:ad:c0:9a:d9:9b:0b:43:9b:
a7:87:5e:1f:b1:01:3a:9b:6f:51:fb:49:f6:2a:bc:
70:57:47:7c:d2:c1:81:1c:ed:f6:c1:3f:07:c8:40:
89:fb:d0:82:75:b1:df:bc:c1:15:d6:e7:15:f0:d7:
87:6d:92:db:45:d2:f2:af:f4:ae:ab:69:4c:73:77:
b4:28:80:11:eb:99:11:14:93:a3:fc:94:f6:ca:cb:
d5:a8:47:59:22:8d:be:49:84:35:bd:7b:c0:24:3d:
c3:a0:0a:54:9e:a6:2d:33:35:c5:ce:0f:3a:02:45:
1b:c8:c4:42:a4:a3:60:d9:a9:29:6a:8d:42:53:33:
e1:28:86:43:9e:46:bd:7c:13:cb:a1:67:f3:c0:d3:
ba:c1:37:99:5c:2f:a9:31:e2:45:40:e3:dc:82:49:
19:e4:bd:34:bc:91:0d:13:00:9c:ec:75:0a:09:05:
0f:6f:d8:5b:10:3a:e8:3e:8f:a5:3b:95:f0:ef:cc:
f6:30:83:5e:97:39:71:e1:74:b7:ef:ff:c4:a0:12:
9c:09:5b:5d:ed:c7:e1:13:d6:4b:a2:6d:40:6d:ee:
07:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0C:99:EA:FD:E0:47:CD:D5:A1:96:01:3E:1F:CB:1F:58:E1:F6:EC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ygyZ6v3gR83VoZYBPh_LH1jh9uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.30.0/24
84.32.46.0/24
84.32.76.0/22
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.220.0-84.32.222.255
84.32.240.0/24
84.32.243.0/24
84.32.252.0/23
84.32.255.0/24
88.216.17.0/24
88.216.93.0/24
88.216.128.0/23
88.216.132.0-88.216.134.255
88.216.190.0/24
88.216.213.0/24
88.216.215.0/24
88.216.220.0/24
88.216.228.0-88.216.239.255
Signature Algorithm: sha256WithRSAEncryption
8f:28:72:9e:52:42:94:3a:74:db:25:4c:21:42:b3:17:89:c4:
fe:1c:c4:5d:01:47:18:10:51:d4:cd:4c:37:1e:7c:47:d0:6e:
4b:dd:11:97:45:3a:b8:67:95:1e:a2:35:88:b7:7e:53:dd:fb:
1b:17:fb:23:70:a2:ea:e0:2f:03:30:bb:e4:bb:d4:31:53:fe:
a8:3f:d2:52:cf:e0:b3:4a:02:b0:e9:88:2c:57:1d:f0:c5:8d:
3e:6a:d3:ee:5d:81:ea:f5:c4:c6:3f:46:ee:c6:c7:b1:4d:dd:
10:4b:cc:65:92:7b:c9:2f:f8:77:4b:0c:72:44:df:ff:6d:b6:
3a:02:28:a4:d0:6d:65:c4:d6:a3:14:6a:e7:3b:91:04:e3:9b:
7d:76:8b:d3:50:85:54:e5:30:8b:25:76:e7:fe:28:d7:bf:36:
de:7c:7d:b7:3c:8e:a8:4b:aa:97:98:26:a8:f0:83:20:49:e0:
29:16:37:61:ef:92:e6:35:c8:3d:ec:b5:bb:0c:f8:ad:af:a2:
c5:aa:84:41:f9:c2:a1:13:6d:b7:f0:c9:19:23:c2:f2:da:29:
12:6e:6b:27:80:89:3c:77:f9:81:3c:88:f0:6a:6c:38:cb:57:
d7:96:27:7c:82:2b:39:54:b8:5d:bf:a1:90:cc:93:46:08:7a:
b7:71:86:a8
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYY7oFUxy/AC0B7RKjwr3kBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEwMTQwMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTBjOTllYWZkZTA0N2NkZDVhMTk2MDEzZTFmY2IxZjU4ZTFmNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSdA4YTdkO3zL71meEKS9bT/Awns
Ms/syBE4h0wTfS8JJtvSrcCa2ZsLQ5unh14fsQE6m29R+0n2KrxwV0d80sGBHO32
wT8HyECJ+9CCdbHfvMEV1ucV8NeHbZLbRdLyr/Suq2lMc3e0KIAR65kRFJOj/JT2
ysvVqEdZIo2+SYQ1vXvAJD3DoApUnqYtMzXFzg86AkUbyMRCpKNg2akpao1CUzPh
KIZDnka9fBPLoWfzwNO6wTeZXC+pMeJFQOPcgkkZ5L00vJENEwCc7HUKCQUPb9hb
EDroPo+lO5Xw78z2MINelzlx4XS37//EoBKcCVtd7cfhE9ZLom1Abe4H2wIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFMoMmer94EfN1aGWAT4fyx9Y4fbsMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveWd5WjZ2M2dSODNWb1pZQlBoX0xIMWpoOXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAJU
IBgDBABUIB4DBABUIC4DBAJUIEwDBABUILMDBABUINQDBAFUINYwDAMEAlQg3AME
AFQg3gMEAFQg8AMEAFQg8wMEAVQg/AMEAFQg/wMEAFjYEQMEAFjYXQMEAVjYgDAM
AwQCWNiEAwQAWNiGAwQAWNi+AwQAWNjVAwQAWNjXAwQAWNjcMAwDBAJY2OQDBARY
2OAwDQYJKoZIhvcNAQELBQADggEBAI8ocp5SQpQ6dNslTCFCsxeJxP4cxF0BRxgQ
UdTNTDcefEfQbkvdEZdFOrhnlR6iNYi3flPd+xsX+yNwourgLwMwu+S71DFT/qg/
0lLP4LNKArDpiCxXHfDFjT5q0+5dger1xMY/Ru7Gx7FN3RBLzGWSe8kv+HdLDHJE
3/9ttjoCKKTQbWXE1qMUauc7kQTjm312i9NQhVTlMIslduf+KNe/Nt58fbc8jqhL
qpeYJqjwgyBJ4CkWN2HvkuY1yD3stbsM+K2vosWqhEH5wqETbbfwyRkjwvLaKRJu
ayeAiTx3+YE8iPBqbDjLV9eWJ3yCKzlUuF2/oZDMk0YIerdxhqg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org