Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yvRmCW-_q_d9F-oZb20BhndQIho.roa
File: yvRmCW-_q_d9F-oZb20BhndQIho.roa (raw, json)
Hash identifier: DXxAMkBtkwPndEE6q7KBPfuMmpHrJKyaWl0t8w2x/bA=
Subject key identifier: CA:F4:66:09:6F:BF:AB:F7:7D:17:EA:19:6F:6D:01:86:77:50:22:1A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B9439EA79B59FD8BB0BA4B093C46A8BBB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yvRmCW-_q_d9F-oZb20BhndQIho.roa
Signing time: Fri 03 Nov 2023 08:08:25 +0000
ROA not before: Fri 03 Nov 2023 08:08:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.182.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.236.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
88.216.66.0/24 maxlen: 24
88.216.67.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:39:ea:79:b5:9f:d8:bb:0b:a4:b0:93:c4:6a:8b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 3 08:08:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caf466096fbfabf77d17ea196f6d01867750221a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:61:f3:63:16:03:06:8b:a3:7c:da:49:e5:fb:
5c:7a:a6:a5:a7:f3:d0:84:45:31:51:41:60:12:e5:
d7:ee:dc:2c:e5:89:7b:7a:2d:17:9c:5c:5c:55:e6:
ee:99:23:a6:82:99:d7:83:e8:30:54:96:50:bb:e9:
7c:5f:af:07:6e:9c:b3:01:01:36:1e:e8:74:3d:e8:
a0:b8:32:f9:ec:f2:49:7d:ee:d6:a3:ed:55:86:fb:
e0:c4:8d:0e:a9:f6:8e:c6:55:03:2f:07:17:11:c9:
6a:eb:ff:b5:65:2a:cb:ac:ec:5e:de:cc:12:68:9a:
51:5c:0f:ff:eb:41:ca:9a:e0:78:c7:ae:91:fe:45:
d2:e0:31:4d:30:d1:70:7f:31:4e:a8:97:d2:3b:42:
38:7e:56:1d:4c:74:c9:ea:38:98:65:c2:7b:71:e6:
b6:da:48:49:a6:84:25:fe:1e:22:1e:be:7e:70:00:
c2:05:c1:04:8f:da:44:b9:aa:0f:03:e4:07:21:f1:
56:88:24:f3:b4:7f:4b:9d:5d:3f:6e:c5:5b:57:e5:
0c:1b:e3:53:5c:5f:47:29:bb:35:62:8f:e3:89:12:
98:41:09:71:1f:29:75:ad:87:d0:dc:98:f0:20:61:
87:b9:e9:cc:1b:0b:ca:bf:ef:28:7b:99:15:57:69:
0b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F4:66:09:6F:BF:AB:F7:7D:17:EA:19:6F:6D:01:86:77:50:22:1A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yvRmCW-_q_d9F-oZb20BhndQIho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.236.0/24
84.32.244.0/22
84.32.249.0/24
88.216.22.0/23
88.216.43.0-88.216.45.255
88.216.66.0/23
88.216.93.0/24
88.216.129.0-88.216.132.255
88.216.134.0/23
88.216.180.0/22
88.216.187.0-88.216.191.255
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
88.216.220.0/24
88.216.223.0/24
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
52:4c:2a:74:39:eb:1f:99:16:d6:3e:53:ff:d7:12:b1:0a:f3:
8c:12:7f:5f:26:26:7f:d8:a1:74:45:77:d2:e6:00:bc:ae:5f:
49:51:ab:dc:4b:5e:ca:a9:bf:2f:1e:b2:47:7f:75:77:45:e4:
81:21:96:19:98:66:08:c3:68:cf:8e:86:89:3e:c0:d4:ea:bc:
95:ae:52:c6:35:ca:88:a0:e1:04:8a:13:a0:d9:10:2e:7c:16:
a8:f2:49:8d:c7:92:2f:e7:88:e8:24:47:aa:52:88:95:e9:f3:
4a:eb:5c:e2:46:ca:c7:64:9c:bf:f9:18:8a:4e:29:4e:fc:f2:
ff:1e:95:61:4f:f0:f5:97:b4:fc:5e:10:2d:ad:da:d3:10:a7:
a4:c8:e6:82:66:ce:9a:02:62:cc:85:53:63:43:d9:65:59:45:
27:23:94:70:5b:29:e0:c6:ff:28:d2:01:19:ae:51:8c:58:b5:
01:17:b5:58:1b:c6:ea:13:e4:f3:4b:d2:72:fe:e9:93:6f:89:
bb:0c:1d:25:98:5c:a6:b4:c1:e9:c6:20:2c:2f:34:3f:04:69:
c4:f3:da:6b:be:77:bf:0e:78:56:01:19:1c:6b:04:5a:4f:36:
66:71:b3:8f:bb:51:20:b3:93:51:52:27:f8:91:05:1e:da:96:
9e:44:60:bb
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYuUOep5tZ/YuwuksJPEaou7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTAzMDgwODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY0NjYwOTZmYmZhYmY3N2QxN2VhMTk2ZjZkMDE4Njc3NTAyMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mHzYxYDBoujfNpJ5ftceqalp/PQ
hEUxUUFgEuXX7tws5Yl7ei0XnFxcVebumSOmgpnXg+gwVJZQu+l8X68HbpyzAQE2
Huh0PeiguDL57PJJfe7Wo+1VhvvgxI0OqfaOxlUDLwcXEclq6/+1ZSrLrOxe3swS
aJpRXA//60HKmuB4x66R/kXS4DFNMNFwfzFOqJfSO0I4flYdTHTJ6jiYZcJ7cea2
2khJpoQl/h4iHr5+cADCBcEEj9pEuaoPA+QHIfFWiCTztH9LnV0/bsVbV+UMG+NT
XF9HKbs1Yo/jiRKYQQlxHyl1rYfQ3JjwIGGHuenMGwvKv+8oe5kVV2kLWQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFMr0Zglvv6v3fRfqGW9tAYZ3UCIaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveXZSbUNXLV9xX2Q5Ri1vWmIyMEJobmRRSWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBABU
IAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgQgMEAFQgXwMEAlQglAMEAVQgrgME
AVQgsgMEAFQg0gMEAVQg1gMEAFQg7AMEAlQg9AMEAFQg+QMEAVjYFjAMAwQAWNgr
AwQBWNgsAwQBWNhCAwQAWNhdMAwDBABY2IEDBABY2IQDBAFY2IYDBAJY2LQwDAME
AFjYuwMEBljYgDAMAwQAWNjFAwQAWNjGAwQAWNjQMAwDBABY2NMDBANY2NADBABY
2NwDBABY2N8DBAJY2OQDBAJY2OwwDQYJKoZIhvcNAQELBQADggEBAFJMKnQ56x+Z
FtY+U//XErEK84wSf18mJn/YoXRFd9LmALyuX0lRq9xLXsqpvy8eskd/dXdF5IEh
lhmYZgjDaM+Ohok+wNTqvJWuUsY1yoig4QSKE6DZEC58FqjySY3Hki/niOgkR6pS
iJXp80rrXOJGysdknL/5GIpOKU788v8elWFP8PWXtPxeEC2t2tMQp6TI5oJmzpoC
YsyFU2ND2WVZRScjlHBbKeDG/yjSARmuUYxYtQEXtVgbxuoT5PNL0nL+6ZNvibsM
HSWYXKa0wenGICwvND8EacTz2mu+d78OeFYBGRxrBFpPNmZxs4+7USCzk1FSJ/iR
BR7alp5EYLs=
-----END CERTIFICATE-----
Generated at Sat Nov 4 19:17:36 2023 by rpki-client on console-fra.rpki-client.org