Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Q755YtoG8s2P6KrDg1MOMWEUdzc.roa
File: Q755YtoG8s2P6KrDg1MOMWEUdzc.roa (raw, json)
Hash identifier: 87ZnavEyidIf90u7x82xZUqdsydGzjnR8ETihtmetiM=
Subject key identifier: 43:BE:79:62:DA:06:F2:CD:8F:E8:AA:C3:83:53:0E:31:61:14:77:37
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0187B28DF9C84A5B98735E026462EEE413E2
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Q755YtoG8s2P6KrDg1MOMWEUdzc.roa
Signing time: Mon 24 Apr 2023 09:17:41 +0000
ROA not before: Mon 24 Apr 2023 09:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28964
IP address blocks: 178.253.193.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
188.255.205.0/24 maxlen: 24
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
178.253.232.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
178.253.250.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.219.4.0/22 maxlen: 22
178.219.15.0/24 maxlen: 24
178.219.12.0/23 maxlen: 23
77.105.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:8d:f9:c8:4a:5b:98:73:5e:02:64:62:ee:e4:13:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 24 09:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43be7962da06f2cd8fe8aac383530e3161147737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:68:07:76:55:48:fb:db:7a:20:53:41:ec:fa:
48:62:25:0f:87:3d:dc:c3:d3:f7:9f:60:ee:d5:be:
e6:02:0f:39:17:21:04:96:f6:69:41:8e:a9:05:3c:
5d:bf:0f:45:c9:ef:2c:07:9b:3b:c6:21:f2:7e:d9:
1a:17:04:94:a7:1e:d2:9a:98:37:b4:72:16:b0:72:
ae:4b:81:6d:f4:b9:8c:87:74:dd:16:91:d5:f9:d3:
a1:07:48:8b:f6:40:53:f9:9a:1d:8c:84:0e:b8:72:
4f:69:40:e6:f8:26:22:de:5e:bb:d7:07:37:68:6a:
23:39:83:7b:23:34:6f:6b:7e:5b:c7:52:fb:fc:4f:
55:5e:44:be:7b:ab:35:63:17:20:a2:f8:c9:00:cc:
a6:7c:ad:10:5c:dc:47:a2:d9:a2:8b:4e:ef:35:1d:
18:8d:70:d6:b0:91:5c:d1:0a:0a:34:a2:20:05:29:
a6:e6:3c:46:8d:e8:26:36:dd:5e:5b:5f:ba:5f:a2:
d5:c0:9e:8e:ec:e4:33:e8:7b:26:d0:eb:93:41:0c:
67:2c:42:53:8f:a8:c3:d5:84:3d:1e:39:61:a7:c2:
d4:44:94:c8:33:f3:52:7f:4f:b2:55:63:58:51:be:
be:48:d4:9f:31:93:20:d1:eb:a6:6b:09:0c:4c:6e:
d2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BE:79:62:DA:06:F2:CD:8F:E8:AA:C3:83:53:0E:31:61:14:77:37
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Q755YtoG8s2P6KrDg1MOMWEUdzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.39.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
109.121.55.0/24
109.233.188.0/24
178.219.2.0/24
178.219.4.0/22
178.219.12.0/23
178.219.15.0/24
178.253.193.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.220.0/23
178.253.232.0/24
178.253.238.0/24
178.253.244.0-178.253.246.255
178.253.250.0/24
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.205.0/24
188.255.207.0/24
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.3.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ed:7d:7e:cb:30:b1:92:53:c2:88:55:68:d5:84:9e:5c:15:
b3:1d:90:73:07:92:36:39:87:12:b4:48:7f:09:8b:c3:58:a8:
20:71:cd:9c:86:ff:72:e2:3f:40:69:3f:85:1d:8b:33:dc:d4:
e0:a3:5e:20:37:2f:56:02:3a:f7:50:b0:2c:b0:18:e3:a1:43:
e7:83:f7:dc:05:48:5d:36:29:7c:8f:74:ef:a8:6d:7b:8a:4b:
ed:46:56:35:32:d8:50:66:7b:17:64:65:d1:4a:44:c7:44:b7:
e3:64:d7:6a:7f:93:2a:1f:bf:7f:c5:f4:d5:c0:14:03:01:6f:
61:73:7a:da:6f:49:51:17:d3:32:f8:67:3a:57:15:38:e5:bd:
ff:d8:49:d7:ae:d4:a8:d2:63:d0:e0:25:3b:5d:d3:50:d0:80:
80:36:48:06:24:bf:d7:82:77:9b:60:ef:5d:6e:8b:41:18:13:
e2:b3:8b:4e:cc:c3:24:bf:d7:78:75:1a:ac:ab:a3:62:e0:47:
65:74:9d:fb:79:38:44:26:81:79:e2:bc:b3:e5:e1:71:b7:5d:
e4:dc:69:99:f8:68:03:e5:22:17:3d:a2:31:1c:d6:ad:55:9f:
22:01:d6:0b:d0:9d:bc:b8:5e:86:f5:28:fe:52:59:d0:10:fa:
ca:08:23:f1
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYeyjfnISluYc14CZGLu5BPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDI0MDkxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JlNzk2MmRhMDZmMmNkOGZlOGFhYzM4MzUzMGUzMTYxMTQ3NzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGgHdlVI+9t6IFNB7PpIYiUPhz3c
w9P3n2Du1b7mAg85FyEElvZpQY6pBTxdvw9Fye8sB5s7xiHyftkaFwSUpx7Smpg3
tHIWsHKuS4Ft9LmMh3TdFpHV+dOhB0iL9kBT+ZodjIQOuHJPaUDm+CYi3l671wc3
aGojOYN7IzRva35bx1L7/E9VXkS+e6s1YxcgovjJAMymfK0QXNxHotmii07vNR0Y
jXDWsJFc0QoKNKIgBSmm5jxGjegmNt1eW1+6X6LVwJ6O7OQz6Hsm0OuTQQxnLEJT
j6jD1YQ9Hjlhp8LURJTIM/NSf0+yVWNYUb6+SNSfMZMg0eumawkMTG7S3QIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFEO+eWLaBvLNj+iqw4NTDjFhFHc3MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvUTc1NVl0b0c4czJQNktyRGcxTU9NV0VVZHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAE1pJwMEAE+veAMEAFESMzAMAwQDURI4AwQAURI6AwQAURI/AwQAXbpBAwQA
XbpNAwQBbXkwAwQAbXk1AwQAbXk3AwQAbem8AwQAstsCAwQCstsEAwQBstsMAwQA
stsPAwQAsv3BAwQAsv3UMAwDBAOy/dgDBACy/doDBAGy/dwDBACy/egDBACy/e4w
DAMEArL99AMEALL99gMEALL9+gMEALz/swMEALz/vgMEAbz/wDAMAwQAvP/DAwQD
vP/AAwQAvP/NAwQAvP/PAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9MAwDBADURQMD
BAHURQQDBADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEBABftfX7L
MLGSU8KIVWjVhJ5cFbMdkHMHkjY5hxK0SH8Ji8NYqCBxzZyG/3LiP0BpP4UdizPc
1OCjXiA3L1YCOvdQsCywGOOhQ+eD99wFSF02KXyPdO+obXuKS+1GVjUy2FBmexdk
ZdFKRMdEt+Nk12p/kyofv3/F9NXAFAMBb2FzetpvSVEX0zL4ZzpXFTjlvf/YSdeu
1KjSY9DgJTtd01DQgIA2SAYkv9eCd5tg711ui0EYE+Kzi07MwyS/13h1Gqyro2Lg
R2V0nft5OEQmgXnivLPl4XG3XeTcaZn4aAPlIhc9ojEc1q1VnyIB1gvQnby4Xob1
KP5SWdAQ+soII/E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-fra.rpki-client.org