Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CtwKEgIUAHLJD1O12A3jaSjoukA.roa
File: CtwKEgIUAHLJD1O12A3jaSjoukA.roa (raw, json)
Hash identifier: vE3uUqocDKBRH2COHdjE1rOYLNGEnWClb2h+ZRVzyH8=
Subject key identifier: 0A:DC:0A:12:02:14:00:72:C9:0F:53:B5:D8:0D:E3:69:28:E8:BA:40
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018B6392F07D7CFCA7C713BA72E620837AF5
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CtwKEgIUAHLJD1O12A3jaSjoukA.roa
Signing time: Tue 24 Oct 2023 21:24:16 +0000
ROA not before: Tue 24 Oct 2023 21:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28964
IP address blocks: 178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.2.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
178.253.232.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.219.15.0/24 maxlen: 24
79.175.85.0/24 maxlen: 24
77.105.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:63:92:f0:7d:7c:fc:a7:c7:13:ba:72:e6:20:83:7a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 24 21:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0adc0a1202140072c90f53b5d80de36928e8ba40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c9:fb:55:f6:89:b6:ee:e3:89:c9:ca:e4:60:
3f:1d:3b:26:4d:4a:f7:b0:45:05:7e:4c:0d:d8:21:
d7:56:a4:96:30:35:01:65:3a:21:e5:be:85:b0:88:
6f:00:68:17:26:e3:96:d6:02:15:25:c6:31:42:e2:
dd:ea:e3:9e:25:f6:73:47:3c:0e:27:12:07:cc:77:
23:9a:57:c4:09:e9:f7:ae:55:e5:ba:eb:e8:34:cc:
0d:13:e7:b6:3e:50:88:1b:20:a9:41:d5:cd:a3:87:
20:73:d9:f3:25:90:2b:b4:d2:f3:59:e4:33:90:19:
48:7d:e6:12:c2:21:2a:4d:f5:53:68:48:b0:cf:15:
ed:0d:29:6b:30:23:68:dc:98:49:17:ed:16:74:4a:
fc:aa:b0:da:db:e6:b5:95:05:30:c2:4f:02:c0:46:
63:2a:72:84:8c:72:f6:37:dc:8b:5e:81:66:16:57:
3b:b7:08:ac:08:44:a2:2c:84:07:52:11:1e:5f:c7:
cd:e3:4e:b2:02:97:4e:79:21:91:8f:f5:71:90:17:
02:e5:84:a1:51:af:d6:a6:99:d6:62:18:a3:43:f1:
3d:8b:75:d4:15:33:11:f9:2f:e6:61:07:cb:44:37:
ae:b3:ee:d3:20:bd:5b:93:b7:10:7b:98:ae:16:85:
0d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:DC:0A:12:02:14:00:72:C9:0F:53:B5:D8:0D:E3:69:28:E8:BA:40
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CtwKEgIUAHLJD1O12A3jaSjoukA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.39.0/24
79.175.85.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
109.121.55.0/24
109.233.188.0/24
178.219.2.0/24
178.219.15.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.220.0/23
178.253.232.0/24
178.253.238.0/24
178.253.244.0-178.253.246.255
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.207.0/24
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.2.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:ec:db:b0:49:30:aa:db:18:97:a4:48:8f:a8:99:39:4a:e0:
ab:fd:07:c2:88:e3:43:a6:17:b4:24:28:aa:3c:a6:3a:ef:3e:
45:ea:e9:44:b1:72:36:01:0c:77:fe:32:6a:78:e8:75:f9:53:
31:50:e2:73:8a:a0:7d:07:69:22:17:12:bb:05:e0:a6:b4:cb:
6b:f1:d9:8b:2d:e5:2b:2c:38:fc:1c:ae:b6:cc:1a:2a:7e:c2:
4f:1e:34:1a:66:80:20:e5:a2:d1:b7:c6:b3:a5:67:e9:20:46:
ae:d7:74:08:d3:4e:82:5e:2e:ed:3c:5e:b7:ac:45:3f:64:e1:
b8:99:08:dd:5c:51:18:41:04:48:dc:4f:48:f5:62:20:67:4b:
1f:e6:c9:c9:e4:8c:39:71:7f:90:38:8b:49:89:27:52:9f:7a:
6c:fd:2d:ff:f7:d8:04:72:7d:dd:5e:10:19:23:a4:bc:38:df:
bd:a2:1c:74:27:e8:7a:d0:dc:21:24:1b:f7:ec:14:e0:86:5f:
fe:ba:fa:85:f1:b3:ec:f9:6e:5f:67:05:29:39:f8:39:2a:2f:
8e:f9:31:aa:17:c4:b2:c2:ec:ef:95:f0:e5:4f:b4:28:c6:be:
09:f3:39:07:9a:4b:d8:52:f8:f5:7f:b3:3d:4d:35:77:2b:dd:
0e:9d:dd:20
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYtjkvB9fPynxxO6cuYgg3r1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMxMDI0MjEyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWRjMGExMjAyMTQwMDcyYzkwZjUzYjVkODBkZTM2OTI4ZThiYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcn7VfaJtu7jicnK5GA/HTsmTUr3
sEUFfkwN2CHXVqSWMDUBZToh5b6FsIhvAGgXJuOW1gIVJcYxQuLd6uOeJfZzRzwO
JxIHzHcjmlfECen3rlXluuvoNMwNE+e2PlCIGyCpQdXNo4cgc9nzJZArtNLzWeQz
kBlIfeYSwiEqTfVTaEiwzxXtDSlrMCNo3JhJF+0WdEr8qrDa2+a1lQUwwk8CwEZj
KnKEjHL2N9yLXoFmFlc7twisCESiLIQHUhEeX8fN406yApdOeSGRj/VxkBcC5YSh
Ua/WppnWYhijQ/E9i3XUFTMR+S/mYQfLRDeus+7TIL1bk7cQe5iuFoUN8wIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFArcChICFAByyQ9TtdgN42ko6LpAMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQ3R3S0VnSVVBSExKRDFPMTJBM2phU2pvdWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
TWknAwQAT69VAwQAT694AwQAURIzMAwDBANREjgDBABREjoDBABREj8DBABdukED
BABduk0DBAFteTADBABteTUDBABteTcDBABt6bwDBACy2wIDBACy2w8DBACy/dQw
DAMEA7L92AMEALL92gMEAbL93AMEALL96AMEALL97jAMAwQCsv30AwQAsv32AwQA
vP+zAwQAvP++AwQBvP/AMAwDBAC8/8MDBAO8/8ADBAC8/88DBAC8/9kDBAC8/+QD
BAG8/+YDBAC8//0wDAMEAdRFAgMEAdRFBAMEANRFEwMEANRFFQMEANRFHjANBgkq
hkiG9w0BAQsFAAOCAQEAfezbsEkwqtsYl6RIj6iZOUrgq/0HwojjQ6YXtCQoqjym
Ou8+RerpRLFyNgEMd/4yanjodflTMVDic4qgfQdpIhcSuwXgprTLa/HZiy3lKyw4
/ByutswaKn7CTx40GmaAIOWi0bfGs6Vn6SBGrtd0CNNOgl4u7Txet6xFP2ThuJkI
3VxRGEEESNxPSPViIGdLH+bJyeSMOXF/kDiLSYknUp96bP0t//fYBHJ93V4QGSOk
vDjfvaIcdCfoetDcISQb9+wU4IZf/rr6hfGz7PluX2cFKTn4OSovjvkxqhfEssLs
75Xw5U+0KMa+CfM5B5pL2FL49X+zPU01dyvdDp3dIA==
-----END CERTIFICATE-----
Generated at Fri Nov 3 09:31:24 2023 by rpki-client on console-ams.rpki-client.org