Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/PzRKr5u05-lH_uV6Roe8EMITEsA.roa
File: PzRKr5u05-lH_uV6Roe8EMITEsA.roa (raw, json)
Hash identifier: iFcV+x3hUtK5xMkpqQ5vIaajYRUbONnXoCtQup7eD5k=
Subject key identifier: 3F:34:4A:AF:9B:B4:E7:E9:47:FE:E5:7A:46:87:BC:10:C2:13:12:C0
Certificate issuer: /CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Certificate serial: 0188522A9F5B6580EAB981DD0E190328813D
Authority key identifier: 1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/PzRKr5u05-lH_uV6Roe8EMITEsA.roa
Signing time: Thu 25 May 2023 09:08:24 +0000
ROA not before: Thu 25 May 2023 09:08:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39273
IP address blocks: 78.110.79.0/24 maxlen: 24
81.22.30.0/24 maxlen: 24
81.22.31.0/24 maxlen: 24
81.22.28.0/24 maxlen: 24
81.22.29.0/24 maxlen: 24
81.22.27.0/24 maxlen: 24
81.22.25.0/24 maxlen: 24
81.22.26.0/24 maxlen: 24
77.92.165.0/24 maxlen: 24
77.92.166.0/24 maxlen: 24
77.92.163.0/24 maxlen: 24
77.92.164.0/24 maxlen: 24
77.92.161.0/24 maxlen: 24
77.92.162.0/24 maxlen: 24
77.92.160.0/19 maxlen: 19
77.92.160.0/24 maxlen: 24
77.92.172.0/24 maxlen: 24
77.92.170.0/24 maxlen: 24
77.92.171.0/24 maxlen: 24
77.92.168.0/24 maxlen: 24
77.92.169.0/24 maxlen: 24
77.92.167.0/24 maxlen: 24
77.92.173.0/24 maxlen: 24
77.92.179.0/24 maxlen: 24
77.92.177.0/24 maxlen: 24
77.92.178.0/24 maxlen: 24
77.92.175.0/24 maxlen: 24
77.92.176.0/24 maxlen: 24
77.92.174.0/24 maxlen: 24
77.92.186.0/24 maxlen: 24
77.92.184.0/24 maxlen: 24
77.92.185.0/24 maxlen: 24
77.92.182.0/24 maxlen: 24
77.92.183.0/24 maxlen: 24
77.92.181.0/24 maxlen: 24
77.92.180.0/24 maxlen: 24
77.92.191.0/24 maxlen: 24
77.92.189.0/24 maxlen: 24
77.92.190.0/24 maxlen: 24
77.92.188.0/24 maxlen: 24
77.92.187.0/24 maxlen: 24
81.22.16.0/20 maxlen: 20
81.22.16.0/24 maxlen: 24
81.22.17.0/24 maxlen: 24
81.22.23.0/24 maxlen: 24
81.22.24.0/24 maxlen: 24
81.22.21.0/24 maxlen: 24
81.22.22.0/24 maxlen: 24
81.22.20.0/24 maxlen: 24
81.22.18.0/24 maxlen: 24
81.22.19.0/24 maxlen: 24
78.110.64.0/24 maxlen: 24
78.110.64.0/20 maxlen: 20
78.110.70.0/24 maxlen: 24
78.110.71.0/24 maxlen: 24
78.110.68.0/24 maxlen: 24
78.110.69.0/24 maxlen: 24
78.110.67.0/24 maxlen: 24
78.110.65.0/24 maxlen: 24
78.110.66.0/24 maxlen: 24
78.110.74.0/24 maxlen: 24
78.110.77.0/24 maxlen: 24
77.83.91.0/24 maxlen: 24
78.110.78.0/24 maxlen: 24
78.110.75.0/24 maxlen: 24
78.110.72.0/24 maxlen: 24
78.110.73.0/24 maxlen: 24
77.83.89.0/24 maxlen: 24
78.110.76.0/24 maxlen: 24
77.83.90.0/24 maxlen: 24
77.83.88.0/24 maxlen: 24
77.83.88.0/22 maxlen: 22
87.236.50.0/24 maxlen: 24
87.236.48.0/21 maxlen: 21
87.236.51.0/24 maxlen: 24
87.236.48.0/24 maxlen: 24
87.236.49.0/24 maxlen: 24
185.33.178.0/24 maxlen: 24
185.33.179.0/24 maxlen: 24
185.33.177.0/24 maxlen: 24
185.33.176.0/24 maxlen: 24
87.236.54.0/24 maxlen: 24
87.236.52.0/24 maxlen: 24
87.236.53.0/24 maxlen: 24
87.236.55.0/24 maxlen: 24
2a04:8ac0::/29 maxlen: 29
2a00:6600::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 31 May 2023 09:13:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:2a:9f:5b:65:80:ea:b9:81:dd:0e:19:03:28:81:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Validity
Not Before: May 25 09:08:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f344aaf9bb4e7e947fee57a4687bc10c21312c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:47:aa:40:30:9c:68:34:0f:cf:fe:01:85:a2:
88:8c:32:1f:c9:74:03:52:3b:47:7b:7b:c6:d7:0a:
2a:6d:37:c5:1e:87:02:bd:cf:b2:e4:e3:fa:a6:4f:
c2:58:71:1e:b7:65:f7:65:12:b9:5e:c6:e9:26:c9:
20:66:de:a8:09:27:99:46:1b:97:6c:6e:c6:32:00:
2c:b8:67:4e:a1:24:a2:bd:5c:4f:d1:3a:13:19:b2:
bb:33:82:94:75:a3:bd:43:41:6b:38:10:2b:5a:22:
1a:fb:8c:47:94:0f:31:62:01:4d:2e:46:08:a8:4e:
23:85:b7:cd:da:a7:b1:6b:3f:f7:b5:e7:7c:cc:c7:
96:f6:62:0a:c9:78:3a:b3:67:70:b0:c3:77:73:e7:
1a:ff:79:97:6f:a4:de:44:f9:cc:9c:5f:c7:19:c9:
2e:1f:83:d2:1b:bb:89:c9:f9:35:8f:70:2c:78:7a:
c0:77:3f:2e:7b:6f:71:1c:b4:62:97:a6:08:1d:e1:
c7:d9:03:61:9c:5e:6f:94:c9:f9:10:c0:3e:1c:f8:
55:5d:db:dd:ea:bd:cf:c0:25:10:e2:f4:1c:ac:7e:
21:db:fe:b1:17:5e:52:59:70:c9:b4:7c:12:62:9f:
73:3b:e2:51:83:fc:5e:69:28:67:a8:cc:a4:5c:69:
c0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:34:4A:AF:9B:B4:E7:E9:47:FE:E5:7A:46:87:BC:10:C2:13:12:C0
X509v3 Authority Key Identifier:
keyid:1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/PzRKr5u05-lH_uV6Roe8EMITEsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.88.0/22
77.92.160.0/19
78.110.64.0/20
81.22.16.0/20
87.236.48.0/21
185.33.176.0/22
IPv6:
2a00:6600::/32
2a04:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:62:20:f7:1b:bd:ad:af:bf:34:b3:4a:6d:1a:34:bd:0c:68:
eb:7f:1a:0f:7f:e7:05:4d:9a:3d:cc:42:ee:87:47:17:60:87:
d7:e9:9d:2d:ba:de:ef:5a:a0:80:49:35:3f:a6:0a:97:8b:b2:
1b:88:81:60:bc:4c:6b:ca:03:ab:79:e4:bd:66:da:8a:d6:e6:
c4:09:82:88:50:d8:ca:04:c5:84:d4:8f:6f:c8:75:fb:59:94:
25:32:b6:0d:e6:09:82:63:f0:c5:87:45:5b:27:bf:c0:c7:f9:
18:f2:94:8c:b4:b5:9a:95:0c:69:95:eb:4f:a7:42:0d:a6:b6:
c4:73:f3:6f:b7:16:8e:f8:20:85:91:58:e1:5e:1b:12:c3:ab:
51:30:33:c0:54:ed:20:19:99:1b:20:db:37:97:4f:b4:a9:04:
e8:b3:91:60:f7:b7:b3:f2:ae:74:7f:33:bc:08:13:b6:b2:5d:
96:04:66:8b:bd:6d:43:ce:81:2e:ec:f0:91:54:0f:a5:2c:76:
50:22:c6:83:3e:e1:f7:cf:aa:0d:2f:f1:44:f7:ef:76:57:db:
0a:b7:d0:43:d0:f5:f4:e0:5b:c9:b8:4e:de:2d:ef:9d:6a:42:
39:ba:2e:92:30:84:ca:fc:75:02:c6:b6:b8:8e:86:a5:5c:3b:
6d:ac:7b:f7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYhSKp9bZYDquYHdDhkDKIE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjhiMDdjMTU3YTVkYzYxM2M5MjY0ZGFmODllN2M4NjBl
MzNlNjMwHhcNMjMwNTI1MDkwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjM0NGFhZjliYjRlN2U5NDdmZWU1N2E0Njg3YmMxMGMyMTMxMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUeqQDCcaDQPz/4BhaKIjDIfyXQD
UjtHe3vG1woqbTfFHocCvc+y5OP6pk/CWHEet2X3ZRK5XsbpJskgZt6oCSeZRhuX
bG7GMgAsuGdOoSSivVxP0ToTGbK7M4KUdaO9Q0FrOBArWiIa+4xHlA8xYgFNLkYI
qE4jhbfN2qexaz/3ted8zMeW9mIKyXg6s2dwsMN3c+ca/3mXb6TeRPnMnF/HGcku
H4PSG7uJyfk1j3AseHrAdz8ue29xHLRil6YIHeHH2QNhnF5vlMn5EMA+HPhVXdvd
6r3PwCUQ4vQcrH4h2/6xF15SWXDJtHwSYp9zO+JRg/xeaShnqMykXGnA8wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFD80Sq+btOfpR/7lekaHvBDCExLAMB8GA1UdIwQY
MBaAFBwosHwVel3GE8kmTa+J58hg4z5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2Mt
OTYzMzM0ODllODU1LzEvUHpSS3I1dTA1LWxIX3VWNlJvZThFTUlURXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2MtOTYzMzM0ODllODU1
LzEvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCTVNYAwQF
TVygAwQETm5AAwQEURYQAwQDV+wwAwQCuSGwMBQEAgACMA4DBQAqAGYAAwUDKgSK
wDANBgkqhkiG9w0BAQsFAAOCAQEAoGIg9xu9ra+/NLNKbRo0vQxo638aD3/nBU2a
PcxC7odHF2CH1+mdLbre71qggEk1P6YKl4uyG4iBYLxMa8oDq3nkvWbaitbmxAmC
iFDYygTFhNSPb8h1+1mUJTK2DeYJgmPwxYdFWye/wMf5GPKUjLS1mpUMaZXrT6dC
Daa2xHPzb7cWjvgghZFY4V4bEsOrUTAzwFTtIBmZGyDbN5dPtKkE6LORYPe3s/Ku
dH8zvAgTtrJdlgRmi71tQ86BLuzwkVQPpSx2UCLGgz7h98+qDS/xRPfvdlfbCrfQ
Q9D19OBbybhO3i3vnWpCOboukjCEyvx1Asa2uI6GpVw7bax79w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:35 2024 by rpki-client on console-fra.rpki-client.org