Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/dh7S5TuK2vveGPZoRxNiwlGQL4U.roa
File: dh7S5TuK2vveGPZoRxNiwlGQL4U.roa (raw, json)
Hash identifier: NDL8qW5r1CxsIDspPc7CnjmtwJFPs1mn0NsN+oW4VLQ=
Subject key identifier: 76:1E:D2:E5:3B:8A:DA:FB:DE:18:F6:68:47:13:62:C2:51:90:2F:85
Certificate issuer: /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial: 018AA775CE65BBE83D5030D80F23DA9436F9
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/dh7S5TuK2vveGPZoRxNiwlGQL4U.roa
Signing time: Mon 18 Sep 2023 08:43:50 +0000
ROA not before: Mon 18 Sep 2023 08:43:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16030
IP address blocks: 185.184.148.0/24 maxlen: 24
185.184.151.0/24 maxlen: 24
185.184.150.0/24 maxlen: 24
185.184.149.0/24 maxlen: 24
77.75.176.0/24 maxlen: 24
77.75.179.0/24 maxlen: 24
77.75.178.0/24 maxlen: 24
77.75.177.0/24 maxlen: 24
77.75.183.0/24 maxlen: 24
77.75.182.0/24 maxlen: 24
77.75.181.0/24 maxlen: 24
212.121.229.0/24 maxlen: 24
213.148.218.0/24 maxlen: 24
212.121.232.0/24 maxlen: 24
213.148.219.0/24 maxlen: 24
213.148.217.0/24 maxlen: 24
212.121.231.0/24 maxlen: 24
213.148.216.0/24 maxlen: 24
213.148.214.0/24 maxlen: 24
213.148.215.0/24 maxlen: 24
212.121.230.0/24 maxlen: 24
212.121.233.0/24 maxlen: 24
212.121.228.0/24 maxlen: 24
212.121.227.0/24 maxlen: 24
212.121.235.0/24 maxlen: 24
212.121.239.0/24 maxlen: 24
212.121.238.0/24 maxlen: 24
213.148.223.0/24 maxlen: 24
212.121.237.0/24 maxlen: 24
212.121.240.0/24 maxlen: 24
213.148.222.0/24 maxlen: 24
212.121.236.0/24 maxlen: 24
213.148.221.0/24 maxlen: 24
213.148.220.0/24 maxlen: 24
212.121.234.0/24 maxlen: 24
212.121.246.0/24 maxlen: 24
212.121.245.0/24 maxlen: 24
212.121.244.0/24 maxlen: 24
212.121.243.0/24 maxlen: 24
212.121.242.0/24 maxlen: 24
212.121.241.0/24 maxlen: 24
212.121.250.0/24 maxlen: 24
212.121.249.0/24 maxlen: 24
212.121.248.0/24 maxlen: 24
212.121.247.0/24 maxlen: 24
212.121.253.0/24 maxlen: 24
212.121.252.0/24 maxlen: 24
212.121.251.0/24 maxlen: 24
212.121.255.0/24 maxlen: 24
212.121.254.0/24 maxlen: 24
213.148.192.0/24 maxlen: 24
213.148.198.0/24 maxlen: 24
213.148.197.0/24 maxlen: 24
213.148.196.0/24 maxlen: 24
213.148.199.0/24 maxlen: 24
213.148.195.0/24 maxlen: 24
213.148.194.0/24 maxlen: 24
213.148.193.0/24 maxlen: 24
213.148.205.0/24 maxlen: 24
213.148.204.0/24 maxlen: 24
213.148.203.0/24 maxlen: 24
213.148.202.0/24 maxlen: 24
213.148.206.0/24 maxlen: 24
213.148.201.0/24 maxlen: 24
213.148.200.0/24 maxlen: 24
213.148.208.0/24 maxlen: 24
213.148.207.0/24 maxlen: 24
213.148.212.0/24 maxlen: 24
213.148.211.0/24 maxlen: 24
212.121.225.0/24 maxlen: 24
213.148.210.0/24 maxlen: 24
213.148.213.0/24 maxlen: 24
212.121.224.0/24 maxlen: 24
213.148.209.0/24 maxlen: 24
212.121.226.0/24 maxlen: 24
2001:4d10::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:75:ce:65:bb:e8:3d:50:30:d8:0f:23:da:94:36:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Validity
Not Before: Sep 18 08:43:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=761ed2e53b8adafbde18f668471362c251902f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:38:a9:3e:08:55:b0:b4:8d:a1:0b:40:93:ed:
9c:0a:74:23:f7:c9:76:52:76:47:92:72:54:59:5b:
3b:3c:47:fa:02:ad:86:41:4d:d6:c7:0a:f4:27:b4:
ce:64:7d:b1:11:e9:d4:cb:b6:1d:28:13:6c:e1:89:
b0:70:1a:b4:2f:5b:c9:64:ec:16:85:c6:6a:ea:21:
0b:e1:99:c7:1f:2a:b3:7b:d4:df:02:cd:c0:6e:60:
9a:86:6f:c1:cc:7d:ad:00:5e:e5:37:04:cc:5c:72:
cd:be:d0:c3:a8:54:3c:df:98:07:20:f5:18:18:1e:
39:59:e3:48:e6:b4:15:0f:37:79:ef:db:cb:8e:27:
c7:e8:62:81:b0:ae:b2:3b:7f:97:84:d3:ab:43:c0:
b5:24:86:d9:2c:b3:6b:48:21:a2:db:86:92:3c:23:
d3:ec:d6:aa:6f:3e:0e:0f:b2:58:d6:f7:c7:ca:be:
29:5f:50:39:96:bc:9f:a0:1d:6b:10:6c:10:cd:03:
58:b1:5a:78:54:e2:49:d2:74:42:2b:6f:0a:9b:19:
8f:d1:c3:be:90:ba:9a:b3:95:9a:53:da:f6:bc:d6:
aa:f4:c8:c4:d9:b9:95:2c:5e:c1:e3:8e:73:54:18:
94:dd:4c:d0:e9:6d:12:6f:55:92:6d:62:7c:98:90:
11:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1E:D2:E5:3B:8A:DA:FB:DE:18:F6:68:47:13:62:C2:51:90:2F:85
X509v3 Authority Key Identifier:
keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/dh7S5TuK2vveGPZoRxNiwlGQL4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.176.0/22
77.75.181.0-77.75.183.255
185.184.148.0/22
212.121.224.0/19
213.148.192.0/19
IPv6:
2001:4d10::/32
Signature Algorithm: sha256WithRSAEncryption
e0:35:5a:58:28:09:83:eb:c8:f4:34:93:4f:da:66:70:b9:4c:
fe:d4:04:73:39:d0:e1:b1:0a:ad:e3:2c:90:f0:e7:7a:b7:ad:
76:b5:1e:78:f4:1a:87:a0:2e:64:79:3a:c0:a6:84:e2:6d:8d:
9e:a8:96:a2:73:bb:9c:29:b9:5c:dd:22:5f:85:59:f7:3d:1f:
b1:ce:81:d5:74:fa:cd:16:65:85:7f:83:9b:df:5c:23:9d:89:
b2:5c:35:6c:93:d9:aa:fc:79:42:5c:2a:3e:b2:6e:0d:2a:45:
4b:3a:95:08:b7:f9:ac:db:8b:a6:b6:32:fb:5b:19:7c:8c:65:
56:fd:a2:b6:0a:8a:a5:20:16:bc:64:eb:ec:cc:fb:8c:e8:e7:
70:8f:a8:a2:47:a5:4c:1a:5d:83:56:9a:4e:eb:b3:39:64:21:
d2:e2:d4:4c:d3:e8:c2:f3:33:bb:ae:9c:a1:16:e6:3d:aa:19:
8a:1b:57:b2:3b:43:48:b4:1b:53:6d:12:d1:fa:04:b0:32:6e:
b0:d3:59:33:5e:7d:5d:d6:85:3f:67:4b:ea:a2:cb:21:23:89:
43:eb:a0:b0:cc:ec:0c:c4:a7:2f:95:e6:d8:d9:39:77:bd:d4:
37:b9:b3:50:5f:b9:f4:89:8d:b3:53:72:ae:92:79:ab:44:84:
51:fe:96:2d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYqndc5lu+g9UDDYDyPalDb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzdjZGE3NWY0ZTE1ZTQ4NmRlZTVhNjUwMWNiZTIwMThi
YzBlMGYwHhcNMjMwOTE4MDg0MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjFlZDJlNTNiOGFkYWZiZGUxOGY2Njg0NzEzNjJjMjUxOTAyZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DipPghVsLSNoQtAk+2cCnQj98l2
UnZHknJUWVs7PEf6Aq2GQU3Wxwr0J7TOZH2xEenUy7YdKBNs4YmwcBq0L1vJZOwW
hcZq6iEL4ZnHHyqze9TfAs3AbmCahm/BzH2tAF7lNwTMXHLNvtDDqFQ835gHIPUY
GB45WeNI5rQVDzd579vLjifH6GKBsK6yO3+XhNOrQ8C1JIbZLLNrSCGi24aSPCPT
7Naqbz4OD7JY1vfHyr4pX1A5lryfoB1rEGwQzQNYsVp4VOJJ0nRCK28KmxmP0cO+
kLqas5WaU9r2vNaq9MjE2bmVLF7B445zVBiU3UzQ6W0Sb1WSbWJ8mJARMwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHYe0uU7itr73hj2aEcTYsJRkC+FMB8GA1UdIwQY
MBaAFCLHzadfThXkht7lplAcviAYvA4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5Nzgt
NzUxYjE3ZDFjNDM3LzEvZGg3UzVUdUsydnZlR1Bab1J4Tml3bEdRTDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5NzgtNzUxYjE3ZDFjNDM3
LzEvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCTUuwMAwD
BABNS7UDBANNS7ADBAK5uJQDBAXUeeADBAXVlMAwDQQCAAIwBwMFACABTRAwDQYJ
KoZIhvcNAQELBQADggEBAOA1WlgoCYPryPQ0k0/aZnC5TP7UBHM50OGxCq3jLJDw
53q3rXa1Hnj0GoegLmR5OsCmhOJtjZ6olqJzu5wpuVzdIl+FWfc9H7HOgdV0+s0W
ZYV/g5vfXCOdibJcNWyT2ar8eUJcKj6ybg0qRUs6lQi3+azbi6a2MvtbGXyMZVb9
orYKiqUgFrxk6+zM+4zo53CPqKJHpUwaXYNWmk7rszlkIdLi1EzT6MLzM7uunKEW
5j2qGYobV7I7Q0i0G1NtEtH6BLAybrDTWTNefV3WhT9nS+qiyyEjiUProLDM7AzE
py+V5tjZOXe91De5s1BfufSJjbNTcq6SeatEhFH+li0=
-----END CERTIFICATE-----
Generated at Mon Nov 20 13:56:17 2023 by rpki-client on console-fra.rpki-client.org