Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/78eO7Pla_bCc59maboV3qOoaJNc.roa
File: 78eO7Pla_bCc59maboV3qOoaJNc.roa (raw, json)
Hash identifier: Wce7vhg0xltTU3BkMzIeAbNQpCTBc4pd0bGNmaNRLhg=
Subject key identifier: EF:C7:8E:EC:F9:5A:FD:B0:9C:E7:D9:9A:6E:85:77:A8:EA:1A:24:D7
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 0189262D9C52862206552FC9DFDF79CE458F
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/78eO7Pla_bCc59maboV3qOoaJNc.roa
Signing time: Wed 05 Jul 2023 13:11:10 +0000
ROA not before: Wed 05 Jul 2023 13:11:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34358
IP address blocks: 37.251.255.0/24 maxlen: 24
89.36.130.0/24 maxlen: 24
89.36.132.0/23 maxlen: 24
89.36.129.0/24 maxlen: 24
89.36.128.0/23 maxlen: 23
89.36.128.0/24 maxlen: 24
89.36.134.0/24 maxlen: 24
89.36.135.0/24 maxlen: 24
93.115.112.0/21 maxlen: 21
37.251.248.0/21 maxlen: 21
46.102.144.0/22 maxlen: 22
89.42.11.0/24 maxlen: 24
193.242.120.0/24 maxlen: 24
188.215.48.0/21 maxlen: 21
86.105.192.0/24 maxlen: 24
91.208.142.0/24 maxlen: 24
89.38.248.0/24 maxlen: 24
89.38.250.0/23 maxlen: 23
89.38.249.0/24 maxlen: 24
89.38.252.0/22 maxlen: 22
89.45.192.0/21 maxlen: 21
89.45.192.0/23 maxlen: 23
193.239.130.0/23 maxlen: 23
91.200.120.0/22 maxlen: 22
91.200.120.0/23 maxlen: 23
91.200.122.0/23 maxlen: 23
89.32.44.0/24 maxlen: 24
89.32.44.0/22 maxlen: 22
89.45.168.0/21 maxlen: 21
37.251.160.0/20 maxlen: 20
109.95.8.0/21 maxlen: 21
94.24.76.0/23 maxlen: 23
94.24.78.0/24 maxlen: 24
94.24.72.0/22 maxlen: 22
94.24.29.0/24 maxlen: 24
37.251.128.0/19 maxlen: 19
94.24.48.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:2d:9c:52:86:22:06:55:2f:c9:df:df:79:ce:45:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jul 5 13:11:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efc78eecf95afdb09ce7d99a6e8577a8ea1a24d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:de:35:b0:d8:d9:9c:63:e4:4e:25:fc:3e:4b:
4b:5c:db:6e:6e:8d:f7:ca:72:fe:85:94:4d:91:1a:
71:6b:33:82:7c:1a:94:78:f3:72:90:dc:8f:3d:eb:
6e:8e:e0:90:10:30:3e:e0:60:9c:9c:b2:c4:19:a7:
1e:7e:fb:86:92:ec:36:76:18:c5:f4:27:93:c0:ce:
21:47:1b:e7:d7:51:2c:f6:f1:21:4b:d5:50:8c:89:
2d:42:06:61:a2:df:00:1e:e5:00:ff:77:79:86:29:
dc:79:79:da:58:9f:4d:e9:e4:3b:d7:83:2b:ba:1c:
34:a8:28:2f:f6:f3:d0:40:02:f8:33:fa:d2:0f:bf:
f6:c8:c3:4c:85:97:20:75:6d:25:e5:52:a4:a8:f7:
2a:36:f0:32:f8:c4:2b:7e:d6:52:48:8a:a3:8e:22:
af:c2:f2:bf:26:5b:b7:7f:53:99:86:75:20:9b:6c:
fa:79:6a:9a:3c:f5:36:b9:6d:97:6a:f7:89:2f:a0:
04:b3:bb:fc:94:7f:4a:87:c8:e5:90:29:9f:37:f1:
56:e5:f3:5b:30:13:2c:60:9f:21:46:a9:94:86:33:
c0:e8:9e:38:73:f2:56:11:41:49:84:f4:88:5a:1d:
3f:0c:53:88:fd:7d:a0:6b:b7:e4:17:69:6f:21:b4:
d8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:C7:8E:EC:F9:5A:FD:B0:9C:E7:D9:9A:6E:85:77:A8:EA:1A:24:D7
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/78eO7Pla_bCc59maboV3qOoaJNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.251.128.0-37.251.175.255
37.251.248.0/21
46.102.144.0/22
86.105.192.0/24
89.32.44.0/22
89.36.128.0-89.36.130.255
89.36.132.0/22
89.38.248.0/21
89.42.11.0/24
89.45.168.0/21
89.45.192.0/21
91.200.120.0/22
91.208.142.0/24
93.115.112.0/21
94.24.29.0/24
94.24.48.0/21
94.24.72.0-94.24.78.255
109.95.8.0/21
188.215.48.0/21
193.239.130.0/23
193.242.120.0/24
Signature Algorithm: sha256WithRSAEncryption
33:b9:ad:e1:17:36:21:9a:22:71:82:a7:c2:30:3e:7d:69:68:
30:27:66:ad:20:ea:86:8c:b8:de:55:1f:de:f9:c9:34:ba:d6:
df:4f:b8:aa:85:6c:38:5d:87:03:77:45:7f:9a:08:fb:79:5b:
f9:69:28:4d:dd:25:ee:f1:f2:eb:c0:b5:cf:7e:85:e8:4e:55:
d8:10:da:7c:5a:ab:a5:5a:47:f3:b3:7f:4e:a4:bf:53:04:32:
21:90:bd:5b:c4:6a:b0:9a:4e:da:7d:f2:49:b0:7a:fe:d4:65:
61:34:09:fa:06:05:f6:9a:0c:f7:ed:c9:a4:d5:3f:07:d8:03:
6e:82:9c:79:85:c0:4c:5a:12:ee:76:e1:22:53:7e:f6:88:21:
10:b5:66:c6:10:d7:8a:17:06:55:37:25:70:61:6d:fa:09:f3:
33:1b:54:ce:51:2f:59:85:54:66:43:73:fd:87:1b:5e:76:a7:
88:b2:b5:0f:8a:f5:49:4d:13:e4:5a:d5:53:7c:78:98:b1:6f:
7a:57:e4:fd:4f:14:20:5b:81:3d:e4:cb:c6:14:e3:9d:45:37:
84:6f:7c:3c:ed:84:32:60:ec:3d:34:ec:56:a8:c1:8b:6d:a3:
e2:48:f3:72:5b:13:24:65:36:a0:7a:dd:e3:95:65:63:1a:da:
9a:3c:1a:3f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYkmLZxShiIGVS/J3995zkWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjMwNzA1MTMxMTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmM3OGVlY2Y5NWFmZGIwOWNlN2Q5OWE2ZTg1NzdhOGVhMWEyNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi941sNjZnGPkTiX8PktLXNtubo33
ynL+hZRNkRpxazOCfBqUePNykNyPPetujuCQEDA+4GCcnLLEGacefvuGkuw2dhjF
9CeTwM4hRxvn11Es9vEhS9VQjIktQgZhot8AHuUA/3d5hinceXnaWJ9N6eQ714Mr
uhw0qCgv9vPQQAL4M/rSD7/2yMNMhZcgdW0l5VKkqPcqNvAy+MQrftZSSIqjjiKv
wvK/Jlu3f1OZhnUgm2z6eWqaPPU2uW2XaveJL6AEs7v8lH9Kh8jlkCmfN/FW5fNb
MBMsYJ8hRqmUhjPA6J44c/JWEUFJhPSIWh0/DFOI/X2ga7fkF2lvIbTY0wIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFO/Hjuz5Wv2wnOfZmm6Fd6jqGiTXMB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvNzhlTzdQbGFfYkNjNTltYWJvVjNxT29hSk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYwDAME
ByX7gAMEBCX7oAMEAyX7+AMEAi5mkAMEAFZpwAMEAlkgLDAMAwQHWSSAAwQAWSSC
AwQCWSSEAwQDWSb4AwQAWSoLAwQDWS2oAwQDWS3AAwQCW8h4AwQAW9COAwQDXXNw
AwQAXhgdAwQDXhgwMAwDBANeGEgDBABeGE4DBANtXwgDBAO81zADBAHB74IDBADB
8ngwDQYJKoZIhvcNAQELBQADggEBADO5reEXNiGaInGCp8IwPn1paDAnZq0g6oaM
uN5VH975yTS61t9PuKqFbDhdhwN3RX+aCPt5W/lpKE3dJe7x8uvAtc9+hehOVdgQ
2nxaq6VaR/Ozf06kv1MEMiGQvVvEarCaTtp98kmwev7UZWE0CfoGBfaaDPftyaTV
PwfYA26CnHmFwExaEu524SJTfvaIIRC1ZsYQ14oXBlU3JXBhbfoJ8zMbVM5RL1mF
VGZDc/2HG152p4iytQ+K9UlNE+Ra1VN8eJixb3pX5P1PFCBbgT3ky8YU451FN4Rv
fDzthDJg7D007FaowYtto+JI83JbEyRlNqB63eOVZWMa2po8Gj8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:24 2024 by rpki-client on console-fra.rpki-client.org