Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/9M78azp1_Hk7TgGN9ETeSIVePWg.roa
File: 9M78azp1_Hk7TgGN9ETeSIVePWg.roa (raw, json)
Hash identifier: 3uMeERRy7qF3jsQ10MAw8JS1mAZTgCIcJ3c5hQUtbZM=
Subject key identifier: F4:CE:FC:6B:3A:75:FC:79:3B:4E:01:8D:F4:44:DE:48:85:5E:3D:68
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0188C1214B6C1AB6CEB354B5A74D2DDA02E8
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/9M78azp1_Hk7TgGN9ETeSIVePWg.roa
Signing time: Thu 15 Jun 2023 22:16:04 +0000
ROA not before: Thu 15 Jun 2023 22:16:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52116
IP address blocks: 178.253.207.0/24 maxlen: 24
178.253.213.0/24 maxlen: 24
188.255.130.0/24 maxlen: 24
178.253.210.0/24 maxlen: 24
178.253.219.0/24 maxlen: 24
178.253.214.0/24 maxlen: 24
188.255.140.0/24 maxlen: 24
178.253.222.0/24 maxlen: 24
93.186.64.0/24 maxlen: 24
93.186.67.0/24 maxlen: 24
93.186.71.0/24 maxlen: 24
93.186.72.0/24 maxlen: 24
188.255.208.0/24 maxlen: 24
188.255.213.0/24 maxlen: 24
188.255.219.0/24 maxlen: 24
188.255.238.0/24 maxlen: 24
188.255.246.0/24 maxlen: 24
188.255.244.0/23 maxlen: 23
212.69.6.0/24 maxlen: 24
188.255.248.0/24 maxlen: 24
188.255.252.0/24 maxlen: 24
212.69.7.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
188.255.250.0/23 maxlen: 23
178.253.236.0/24 maxlen: 24
178.253.240.0/24 maxlen: 24
81.18.50.0/24 maxlen: 24
81.18.49.0/24 maxlen: 24
81.18.55.0/24 maxlen: 24
81.18.52.0/23 maxlen: 23
188.255.185.0/24 maxlen: 24
81.18.61.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
79.175.103.0/24 maxlen: 24
79.175.116.0/24 maxlen: 24
79.175.118.0/24 maxlen: 24
79.175.115.0/24 maxlen: 24
188.255.254.0/24 maxlen: 24
212.69.12.0/24 maxlen: 24
188.255.255.0/24 maxlen: 24
178.219.11.0/24 maxlen: 24
178.219.8.0/23 maxlen: 23
185.47.89.0/24 maxlen: 24
185.47.88.0/24 maxlen: 24
185.47.90.0/24 maxlen: 24
77.105.31.0/24 maxlen: 24
80.74.173.0/24 maxlen: 24
77.105.11.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c1:21:4b:6c:1a:b6:ce:b3:54:b5:a7:4d:2d:da:02:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 15 22:16:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4cefc6b3a75fc793b4e018df444de48855e3d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ce:38:1f:25:76:8f:98:f0:20:c8:ec:44:55:
f3:a6:c8:dd:9a:1a:e5:86:90:d1:2f:99:b2:37:12:
bf:5f:ef:07:01:b9:df:3e:03:81:e8:2c:6f:e1:8e:
03:ab:c6:43:33:6a:cb:12:84:9f:41:04:8b:32:44:
4b:79:0d:b2:9b:98:50:68:0b:1e:7e:96:8e:0a:4e:
74:97:96:6e:c7:e4:be:af:d5:b8:72:01:1a:1c:07:
a3:11:92:16:51:ab:1e:bf:40:43:77:cc:b5:e0:0a:
2e:18:8c:98:9d:4e:17:b2:f2:70:72:52:bc:8a:a1:
d6:f7:a3:3f:4b:44:39:ec:85:24:68:ee:42:d5:95:
52:d7:c5:ad:96:52:6b:3a:95:94:97:a1:56:d1:4d:
86:e0:0b:d6:5d:fd:20:e7:7c:0c:9b:a9:82:43:fb:
5c:29:6b:0d:a0:ff:b3:0d:59:cc:88:16:1c:46:4d:
2e:e7:77:28:72:8c:2e:4f:0c:4c:00:c2:18:4e:4f:
6c:0c:14:41:81:30:42:4e:62:76:37:fc:cf:01:84:
c9:05:75:d3:7b:59:1e:7b:34:18:0e:8a:0f:78:a5:
0d:cb:bd:29:30:ab:34:89:ea:e1:7d:84:4b:31:ed:
8d:7f:f0:00:0e:7b:10:f1:c9:1f:56:ed:fd:17:fc:
65:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CE:FC:6B:3A:75:FC:79:3B:4E:01:8D:F4:44:DE:48:85:5E:3D:68
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/9M78azp1_Hk7TgGN9ETeSIVePWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.11.0/24
77.105.31.0/24
79.175.103.0/24
79.175.115.0-79.175.116.255
79.175.118.0/24
80.74.173.0/24
81.18.49.0-81.18.50.255
81.18.52.0/23
81.18.55.0/24
81.18.61.0/24
93.186.64.0/24
93.186.67.0/24
93.186.71.0-93.186.72.255
178.219.8.0/23
178.219.11.0/24
178.253.207.0/24
178.253.210.0/24
178.253.213.0-178.253.214.255
178.253.219.0/24
178.253.222.0/24
178.253.236.0/24
178.253.240.0/24
185.47.88.0-185.47.90.255
188.255.130.0/24
188.255.140.0/24
188.255.185.0/24
188.255.190.0/24
188.255.208.0/24
188.255.213.0/24
188.255.219.0/24
188.255.238.0/24
188.255.244.0-188.255.248.255
188.255.250.0-188.255.252.255
188.255.254.0/23
212.69.6.0/23
212.69.12.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a7:b9:aa:4d:9d:56:df:5d:ed:ca:6e:1f:49:66:7e:04:56:
95:22:dd:60:cc:ee:81:1d:78:51:c2:02:39:67:5f:f9:fd:3d:
60:cb:4c:b1:9b:57:38:3f:a5:b2:ef:ca:52:2d:6d:04:a4:a5:
cf:07:47:0d:12:20:5b:1b:d5:e4:f4:0f:41:a6:a7:66:fd:77:
34:6d:c2:e5:37:a4:3d:5d:15:b8:bf:c4:f0:19:1e:00:ca:6e:
1f:3c:45:03:37:50:b2:99:06:67:a3:d5:ad:eb:85:e9:9b:3f:
a9:2c:0a:6c:c2:41:f3:89:71:3f:ef:e7:f9:e3:4d:ed:30:ae:
b4:1c:bb:5a:e6:ab:0b:84:cc:1c:8c:8e:ca:10:45:96:96:39:
70:97:40:b7:e0:8d:ff:b4:81:2c:c9:d2:75:fd:75:db:bb:00:
0d:da:50:84:b7:92:35:2c:0e:45:7c:88:c0:a7:7d:92:b6:ba:
f8:45:87:39:91:79:c4:af:27:11:f6:d7:26:3e:b7:f0:d5:2e:
a9:28:bd:37:d2:63:b5:9d:ac:84:f3:e5:4f:22:1c:28:15:80:
84:66:b3:39:84:5a:94:47:25:62:1f:04:97:a4:3f:34:16:39:
9d:be:32:02:68:7c:2d:dc:1b:a3:d6:b5:eb:b7:f5:34:76:13:
4d:22:96:bf
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAYjBIUtsGrbOs1S1p00t2gLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjE1MjIxNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGNlZmM2YjNhNzVmYzc5M2I0ZTAxOGRmNDQ0ZGU0ODg1NWUzZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc44HyV2j5jwIMjsRFXzpsjdmhrl
hpDRL5myNxK/X+8HAbnfPgOB6Cxv4Y4Dq8ZDM2rLEoSfQQSLMkRLeQ2ym5hQaAse
fpaOCk50l5Zux+S+r9W4cgEaHAejEZIWUasev0BDd8y14AouGIyYnU4XsvJwclK8
iqHW96M/S0Q57IUkaO5C1ZVS18WtllJrOpWUl6FW0U2G4AvWXf0g53wMm6mCQ/tc
KWsNoP+zDVnMiBYcRk0u53cocowuTwxMAMIYTk9sDBRBgTBCTmJ2N/zPAYTJBXXT
e1keezQYDooPeKUNy70pMKs0ierhfYRLMe2Nf/AADnsQ8ckfVu39F/xlfQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFPTO/Gs6dfx5O04BjfRE3kiFXj1oMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvOU03OGF6cDFfSGs3VGdHTjlFVGVTSVZlUFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAE1pCwMEAE1pHwMEAE+vZzAMAwQAT69zAwQAT690AwQAT692AwQAUEqtMAwD
BABREjEDBABREjIDBAFREjQDBABREjcDBABREj0DBABdukADBABdukMwDAMEAF26
RwMEAF26SAMEAbLbCAMEALLbCwMEALL9zwMEALL90jAMAwQAsv3VAwQAsv3WAwQA
sv3bAwQAsv3eAwQAsv3sAwQAsv3wMAwDBAO5L1gDBAC5L1oDBAC8/4IDBAC8/4wD
BAC8/7kDBAC8/74DBAC8/9ADBAC8/9UDBAC8/9sDBAC8/+4wDAMEArz/9AMEALz/
+DAMAwQBvP/6AwQAvP/8AwQBvP/+AwQB1EUGAwQA1EUMMA0GCSqGSIb3DQEBCwUA
A4IBAQBVp7mqTZ1W313tym4fSWZ+BFaVIt1gzO6BHXhRwgI5Z1/5/T1gy0yxm1c4
P6Wy78pSLW0EpKXPB0cNEiBbG9Xk9A9Bpqdm/Xc0bcLlN6Q9XRW4v8TwGR4Aym4f
PEUDN1CymQZno9Wt64Xpmz+pLApswkHziXE/7+f5403tMK60HLta5qsLhMwcjI7K
EEWWljlwl0C34I3/tIEsydJ1/XXbuwAN2lCEt5I1LA5FfIjAp32Strr4RYc5kXnE
rycR9tcmPrfw1S6pKL030mO1nayE8+VPIhwoFYCEZrM5hFqURyViHwSXpD80Fjmd
vjICaHwt3Buj1rXrt/U0dhNNIpa/
-----END CERTIFICATE-----
Generated at Thu Oct 5 13:40:34 2023 by rpki-client on console-ams.rpki-client.org