Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zQLYgwGSzNci7kv3saPobpq28wI.roa
File: zQLYgwGSzNci7kv3saPobpq28wI.roa (raw, json)
Hash identifier: mVtTPCWtOklCzGz+Ucj2zjAYqS8cj0qMvZxsoP901VE=
Subject key identifier: CD:02:D8:83:01:92:CC:D7:22:EE:4B:F7:B1:A3:E8:6E:9A:B6:F3:02
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01888B0BE376276CC851AAAF4F150CF8DF07
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zQLYgwGSzNci7kv3saPobpq28wI.roa
Signing time: Mon 05 Jun 2023 10:13:12 +0000
ROA not before: Mon 05 Jun 2023 10:13:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.56.0/24 maxlen: 24
84.32.62.0/24 maxlen: 24
84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Jun 2023 06:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:0b:e3:76:27:6c:c8:51:aa:af:4f:15:0c:f8:df:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 5 10:13:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd02d8830192ccd722ee4bf7b1a3e86e9ab6f302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:2d:2f:e3:ac:33:54:9d:df:8e:51:5e:d1:
97:ee:09:30:f9:9e:c5:c0:20:42:67:aa:6e:0a:61:
ad:72:26:28:41:24:7e:83:51:e5:a4:4f:65:41:c6:
2b:1a:04:59:d3:47:eb:89:96:22:42:70:85:4f:00:
e3:48:18:df:4f:62:c9:31:08:a5:3b:6a:0e:d8:2f:
a9:cd:1a:ab:09:b5:b8:7c:a1:60:9f:af:73:8e:2b:
a4:73:bb:41:19:54:cf:f3:cb:e1:f1:2c:19:b0:b9:
8b:ae:d8:b1:49:67:e7:4b:b3:20:58:f1:a6:ae:f3:
59:2e:87:74:5d:1c:d0:b5:51:f5:bf:6c:af:a5:b8:
c0:2a:ed:59:5d:be:0a:79:8a:5a:d7:8d:94:78:9b:
c7:7e:0e:ff:c3:5f:99:ca:db:fb:60:a9:bd:df:ac:
77:ad:8c:58:5d:9c:1d:2e:27:51:3c:f0:21:48:e3:
a5:11:66:9b:6a:a7:ff:b9:01:25:0e:2c:e6:e5:58:
70:06:47:37:1a:56:ef:79:ee:a8:22:7c:36:bb:3c:
68:41:bd:71:5e:d6:aa:7a:54:05:13:f3:c8:d7:1e:
28:2a:92:1d:e3:dc:65:3e:81:ac:8f:38:48:7e:94:
7f:6e:b2:4c:77:91:c1:34:c3:e7:65:22:74:4e:49:
c9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:02:D8:83:01:92:CC:D7:22:EE:4B:F7:B1:A3:E8:6E:9A:B6:F3:02
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zQLYgwGSzNci7kv3saPobpq28wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.30.0/24
84.32.46.0/24
84.32.56.0/24
84.32.59.0-84.32.60.255
84.32.62.0/24
84.32.65.0/24
84.32.67.0-84.32.68.255
84.32.79.0/24
84.32.89.0/24
84.32.108.0-84.32.110.255
84.32.148.0/22
84.32.158.0/23
84.32.177.0/24
84.32.212.0/24
84.32.214.0/23
84.32.221.0/24
84.32.224.0/24
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.243.0/24
84.32.250.0-84.32.253.255
88.216.0.0/24
88.216.3.0/24
88.216.16.0/24
88.216.32.0/24
88.216.35.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/24
88.216.111.0/24
88.216.130.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:93:76:d6:9e:b1:c5:0f:24:df:9e:b2:bd:04:09:e8:88:ca:
d9:5a:75:f8:ce:29:4c:6b:a1:cc:95:74:89:d9:bb:83:81:43:
fd:14:f9:81:60:4c:f5:be:86:be:a3:2c:c8:92:3a:a5:00:f8:
5c:38:0d:ca:d3:b9:ba:f9:74:25:2e:63:04:9e:d7:a7:f5:11:
dd:5c:94:4c:80:ff:6e:b4:31:38:3d:09:c8:18:25:de:ea:5f:
19:93:50:c2:ae:94:99:c5:ba:b1:52:7a:24:dc:eb:13:0f:b3:
5d:10:e2:b8:38:20:c9:4d:c8:0a:df:2e:e1:4b:2f:3b:23:2b:
2f:07:03:bc:12:32:7e:41:a5:83:99:5f:2f:ac:d0:5f:69:bc:
32:98:16:38:57:a2:03:d1:5d:ef:b3:c3:13:99:53:2a:9c:9e:
97:06:8c:aa:52:bb:dc:bd:53:cf:4c:ee:16:1a:6e:49:15:f8:
94:cc:00:88:9d:9b:7b:43:1e:ad:cc:8c:87:6f:16:77:67:c0:
9b:0b:0c:fd:33:16:62:db:7b:bb:ba:9e:47:ed:55:8c:1d:21:
c4:8f:36:a7:b0:a9:b8:c8:ea:62:05:d8:23:c6:0c:cf:f1:99:
88:25:6f:f1:83:02:ee:59:bd:ab:7d:6b:e7:4b:e9:1d:d8:54:
d4:01:70:fd
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAYiLC+N2J2zIUaqvTxUM+N8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjA1MTAxMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDAyZDg4MzAxOTJjY2Q3MjJlZTRiZjdiMWEzZTg2ZTlhYjZmMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ0tL+OsM1Sd345RXtGX7gkw+Z7F
wCBCZ6puCmGtciYoQSR+g1HlpE9lQcYrGgRZ00friZYiQnCFTwDjSBjfT2LJMQil
O2oO2C+pzRqrCbW4fKFgn69zjiukc7tBGVTP88vh8SwZsLmLrtixSWfnS7MgWPGm
rvNZLod0XRzQtVH1v2yvpbjAKu1ZXb4KeYpa142UeJvHfg7/w1+Zytv7YKm936x3
rYxYXZwdLidRPPAhSOOlEWabaqf/uQElDizm5VhwBkc3Glbvee6oInw2uzxoQb1x
XtaqelQFE/PI1x4oKpId49xlPoGsjzhIfpR/brJMd5HBNMPnZSJ0TknJBQIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFM0C2IMBkszXIu5L97Gj6G6atvMCMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvelFMWWd3R1N6TmNpN2t2M3NhUG9icHEyOHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCCAUwEAgABMIIB
RAMEAFQgCDAMAwQCVCAUAwQCVCAYAwQAVCAeAwQAVCAuAwQAVCA4MAwDBABUIDsD
BABUIDwDBABUID4DBABUIEEwDAMEAFQgQwMEAFQgRAMEAFQgTwMEAFQgWTAMAwQC
VCBsAwQAVCBuAwQCVCCUAwQBVCCeAwQAVCCxAwQAVCDUAwQBVCDWAwQAVCDdAwQA
VCDgMAwDBABUIOcDBABUIOgDBABUIOswDAMEAFQg7wMEAFQg8AMEAFQg8zAMAwQB
VCD6AwQBVCD8AwQAWNgAAwQAWNgDAwQAWNgQAwQAWNggAwQAWNgjAwQBWNgsMAwD
BANY2DgDBAFY2EADBABY2GQDBABY2G8wDAMEAVjYggMEAFjYhAMEAVjYhgMEAFjY
tAMEAFjYtwMEAVjYvAMEAFjYxQMEAljY1AMEAFjY3AMEA1jY6DANBgkqhkiG9w0B
AQsFAAOCAQEATpN21p6xxQ8k356yvQQJ6IjK2Vp1+M4pTGuhzJV0idm7g4FD/RT5
gWBM9b6GvqMsyJI6pQD4XDgNytO5uvl0JS5jBJ7Xp/UR3VyUTID/brQxOD0JyBgl
3upfGZNQwq6UmcW6sVJ6JNzrEw+zXRDiuDggyU3ICt8u4UsvOyMrLwcDvBIyfkGl
g5lfL6zQX2m8MpgWOFeiA9Fd77PDE5lTKpyelwaMqlK73L1Tz0zuFhpuSRX4lMwA
iJ2be0MercyMh28Wd2fAmwsM/TMWYtt7u7qeR+1VjB0hxI82p7CpuMjqYgXYI8YM
z/GZiCVv8YMC7lm9q31r50vpHdhU1AFw/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org