Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yH5LUfWhqmYJ5CN8tieh0KIvbUo.roa
File: yH5LUfWhqmYJ5CN8tieh0KIvbUo.roa (raw, json)
Hash identifier: Z8YS8DcSti9FNCHHRSg2xJ00WOjf76u2bXfvgazrZzY=
Subject key identifier: C8:7E:4B:51:F5:A1:AA:66:09:E4:23:7C:B6:27:A1:D0:A2:2F:6D:4A
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0189BFD7CE4BD750A56688F361AB97510667
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yH5LUfWhqmYJ5CN8tieh0KIvbUo.roa
Signing time: Fri 04 Aug 2023 09:18:58 +0000
ROA not before: Fri 04 Aug 2023 09:18:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28964
IP address blocks: 178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
188.255.205.0/24 maxlen: 24
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.2.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
178.253.232.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
178.253.250.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.219.4.0/22 maxlen: 22
178.219.12.0/23 maxlen: 23
178.219.15.0/24 maxlen: 24
77.105.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Aug 2023 19:17:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:d7:ce:4b:d7:50:a5:66:88:f3:61:ab:97:51:06:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 4 09:18:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c87e4b51f5a1aa6609e4237cb627a1d0a22f6d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:68:34:4a:7a:cf:68:70:cf:63:e3:b3:11:99:
84:12:0b:59:40:9b:50:49:be:a8:a7:12:68:a5:e3:
e5:98:fb:96:a3:63:e5:15:c4:07:3e:fc:56:d5:0f:
47:f8:66:20:ab:23:5d:86:0d:1f:f9:d0:c7:e1:8d:
bd:e5:39:a5:b8:62:46:b0:78:34:b1:cf:67:fd:1a:
94:01:7e:32:ff:8b:2f:f5:fd:5f:d0:05:32:0b:6a:
a8:bf:02:1d:dd:64:96:fa:f7:83:6d:36:7a:94:39:
29:d8:61:f2:2c:27:1c:b1:e0:a8:d0:04:5e:2a:a7:
53:01:3d:a3:4b:62:9e:57:ae:0c:ef:e4:d4:e1:62:
86:30:fc:89:1f:99:a3:fc:6d:33:e2:c9:96:e7:8a:
ff:cc:ea:cf:e0:1c:ed:1b:ee:f3:aa:93:63:cd:47:
b1:c8:7f:d2:e1:75:76:29:a8:d7:d1:1e:da:8f:cf:
3d:f9:1d:71:8d:96:34:00:74:36:01:e3:52:8f:4d:
0d:55:d0:87:a1:95:53:57:68:bc:67:58:a8:62:61:
5c:2a:b4:d3:01:fe:7e:fc:45:b6:a8:1e:e5:34:1b:
1a:c2:03:eb:fb:b1:71:2d:e8:c8:1c:a7:dc:6c:04:
9a:16:b6:41:09:98:73:d8:51:9a:0a:eb:83:ba:95:
f2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7E:4B:51:F5:A1:AA:66:09:E4:23:7C:B6:27:A1:D0:A2:2F:6D:4A
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yH5LUfWhqmYJ5CN8tieh0KIvbUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.39.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
109.121.55.0/24
109.233.188.0/24
178.219.2.0/24
178.219.4.0/22
178.219.12.0/23
178.219.15.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.220.0/23
178.253.232.0/24
178.253.238.0/24
178.253.244.0-178.253.246.255
178.253.250.0/24
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.205.0/24
188.255.207.0/24
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.2.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
15:51:71:c3:79:fa:33:1e:c1:0f:f1:fe:de:28:b8:17:ec:de:
8c:74:e3:07:ca:d9:09:79:be:d3:3d:d6:f5:5d:86:fb:48:0c:
6f:62:6d:7a:e9:9d:a9:31:e8:d4:69:f5:dd:60:b7:e9:88:0f:
89:73:25:b2:a3:83:a4:56:90:02:68:a2:58:1c:6b:a3:fc:ff:
8f:d9:d5:ba:24:70:e7:cb:3c:48:b6:ff:47:2a:e2:3a:4e:1e:
f6:44:eb:19:de:de:99:be:b3:ee:71:d6:92:d2:97:6d:90:99:
f0:80:95:99:c0:d2:9a:41:b7:da:e1:ab:ca:bc:db:76:df:b7:
7a:2e:dc:fb:d6:5d:03:6c:b6:14:64:36:ed:78:cf:b0:65:6d:
5d:26:59:ad:3e:f6:e2:29:f7:8f:ad:35:be:96:dd:92:56:65:
ff:bb:97:8b:8e:d8:f6:ee:ac:b6:d7:41:74:47:a7:d0:54:2a:
f9:29:f2:15:8d:fc:cf:26:aa:1e:99:a8:b1:a2:7f:a8:68:57:
07:16:42:97:5e:bd:02:85:bc:21:41:f5:69:bf:cf:02:f3:01:
9e:c6:6d:af:1d:4e:68:9f:2c:07:a6:bd:19:1d:00:6e:04:2d:
c7:77:41:f9:a9:e1:12:6f:12:87:17:53:ca:a2:d5:c6:c0:54:
e2:30:8c:3b
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAYm/185L11ClZojzYauXUQZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwODA0MDkxODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdlNGI1MWY1YTFhYTY2MDllNDIzN2NiNjI3YTFkMGEyMmY2ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Gg0SnrPaHDPY+OzEZmEEgtZQJtQ
Sb6opxJopePlmPuWo2PlFcQHPvxW1Q9H+GYgqyNdhg0f+dDH4Y295TmluGJGsHg0
sc9n/RqUAX4y/4sv9f1f0AUyC2qovwId3WSW+veDbTZ6lDkp2GHyLCccseCo0ARe
KqdTAT2jS2KeV64M7+TU4WKGMPyJH5mj/G0z4smW54r/zOrP4BztG+7zqpNjzUex
yH/S4XV2KajX0R7aj889+R1xjZY0AHQ2AeNSj00NVdCHoZVTV2i8Z1ioYmFcKrTT
Af5+/EW2qB7lNBsawgPr+7FxLejIHKfcbASaFrZBCZhz2FGaCuuDupXyhwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFMh+S1H1oapmCeQjfLYnodCiL21KMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEveUg1TFVmV2hxbVlKNUNOOHRpZWgwS0l2YlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAE1pJwMEAE+veAMEAFESMzAMAwQDURI4AwQAURI6AwQAURI/AwQAXbpBAwQA
XbpNAwQBbXkwAwQAbXk1AwQAbXk3AwQAbem8AwQAstsCAwQCstsEAwQBstsMAwQA
stsPAwQAsv3UMAwDBAOy/dgDBACy/doDBAGy/dwDBACy/egDBACy/e4wDAMEArL9
9AMEALL99gMEALL9+gMEALz/swMEALz/vgMEAbz/wDAMAwQAvP/DAwQDvP/AAwQA
vP/NAwQAvP/PAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9MAwDBAHURQIDBAHURQQD
BADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEBABVRccN5+jMewQ/x
/t4ouBfs3ox04wfK2Ql5vtM91vVdhvtIDG9ibXrpnakx6NRp9d1gt+mID4lzJbKj
g6RWkAJoolgca6P8/4/Z1bokcOfLPEi2/0cq4jpOHvZE6xne3pm+s+5x1pLSl22Q
mfCAlZnA0ppBt9rhq8q823bft3ou3PvWXQNsthRkNu14z7BlbV0mWa0+9uIp94+t
Nb6W3ZJWZf+7l4uO2PburLbXQXRHp9BUKvkp8hWN/M8mqh6ZqLGif6hoVwcWQpde
vQKFvCFB9Wm/zwLzAZ7Gba8dTmifLAemvRkdAG4ELcd3Qfmp4RJvEocXU8qi1cbA
VOIwjDs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:27 2024 by rpki-client on console-fra.rpki-client.org