Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/dak8q5iSV9jeTpfsIJptY-5Nt8s.roa
File: dak8q5iSV9jeTpfsIJptY-5Nt8s.roa (raw, json)
Hash identifier: tMnehMFSFRJr4sO4s3nutsbGnEd1bavxR0BogOG0i/I=
Subject key identifier: 75:A9:3C:AB:98:92:57:D8:DE:4E:97:EC:20:9A:6D:63:EE:4D:B7:CB
Certificate issuer: /CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Certificate serial: 01857169A5B26BBE08DEFFF4115683123E83
Authority key identifier: 1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/dak8q5iSV9jeTpfsIJptY-5Nt8s.roa
Signing time: Mon 02 Jan 2023 07:37:07 +0000
ROA not before: Mon 02 Jan 2023 07:37:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39273
IP address blocks: 78.110.79.0/24 maxlen: 24
81.22.30.0/24 maxlen: 24
81.22.31.0/24 maxlen: 24
81.22.28.0/24 maxlen: 24
81.22.29.0/24 maxlen: 24
81.22.27.0/24 maxlen: 24
81.22.25.0/24 maxlen: 24
81.22.26.0/24 maxlen: 24
77.92.165.0/24 maxlen: 24
77.92.166.0/24 maxlen: 24
77.92.163.0/24 maxlen: 24
77.92.164.0/24 maxlen: 24
77.92.161.0/24 maxlen: 24
77.92.162.0/24 maxlen: 24
77.92.160.0/19 maxlen: 19
77.92.160.0/24 maxlen: 24
77.92.172.0/24 maxlen: 24
77.92.170.0/24 maxlen: 24
77.92.171.0/24 maxlen: 24
77.92.168.0/24 maxlen: 24
77.92.169.0/24 maxlen: 24
77.92.167.0/24 maxlen: 24
77.92.173.0/24 maxlen: 24
77.92.179.0/24 maxlen: 24
77.92.177.0/24 maxlen: 24
77.92.178.0/24 maxlen: 24
77.92.175.0/24 maxlen: 24
77.92.176.0/24 maxlen: 24
77.92.174.0/24 maxlen: 24
77.92.186.0/24 maxlen: 24
77.92.184.0/24 maxlen: 24
77.92.185.0/24 maxlen: 24
77.92.182.0/24 maxlen: 24
77.92.183.0/24 maxlen: 24
77.92.181.0/24 maxlen: 24
77.92.180.0/24 maxlen: 24
77.92.191.0/24 maxlen: 24
77.92.189.0/24 maxlen: 24
77.92.190.0/24 maxlen: 24
77.92.188.0/24 maxlen: 24
77.92.187.0/24 maxlen: 24
81.22.16.0/20 maxlen: 20
81.22.16.0/24 maxlen: 24
81.22.17.0/24 maxlen: 24
81.22.23.0/24 maxlen: 24
81.22.24.0/24 maxlen: 24
81.22.21.0/24 maxlen: 24
81.22.22.0/24 maxlen: 24
81.22.20.0/24 maxlen: 24
81.22.18.0/24 maxlen: 24
81.22.19.0/24 maxlen: 24
78.110.64.0/24 maxlen: 24
78.110.64.0/20 maxlen: 20
78.110.70.0/24 maxlen: 24
78.110.71.0/24 maxlen: 24
78.110.68.0/24 maxlen: 24
78.110.69.0/24 maxlen: 24
78.110.67.0/24 maxlen: 24
78.110.65.0/24 maxlen: 24
78.110.66.0/24 maxlen: 24
78.110.74.0/24 maxlen: 24
78.110.77.0/24 maxlen: 24
77.83.91.0/24 maxlen: 24
78.110.78.0/24 maxlen: 24
78.110.75.0/24 maxlen: 24
78.110.72.0/24 maxlen: 24
78.110.73.0/24 maxlen: 24
77.83.89.0/24 maxlen: 24
78.110.76.0/24 maxlen: 24
77.83.90.0/24 maxlen: 24
77.83.88.0/24 maxlen: 24
77.83.88.0/22 maxlen: 22
87.236.50.0/24 maxlen: 24
87.236.48.0/21 maxlen: 21
87.236.51.0/24 maxlen: 24
87.236.48.0/24 maxlen: 24
87.236.49.0/24 maxlen: 24
185.33.178.0/24 maxlen: 24
185.33.179.0/24 maxlen: 24
185.33.177.0/24 maxlen: 24
185.33.176.0/24 maxlen: 24
87.236.54.0/24 maxlen: 24
87.236.52.0/24 maxlen: 24
87.236.53.0/24 maxlen: 24
87.236.55.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:a5:b2:6b:be:08:de:ff:f4:11:56:83:12:3e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Validity
Not Before: Jan 2 07:37:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75a93cab989257d8de4e97ec209a6d63ee4db7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:27:fe:ca:62:59:36:17:cc:7b:6b:29:80:28:
ae:cf:61:32:61:08:bd:b8:1a:ca:ae:bf:6b:b4:94:
82:ef:1d:80:1c:4d:f6:e4:c4:c0:00:88:de:28:14:
fb:bf:88:da:b6:f1:f7:11:82:f3:e5:b5:a4:f8:08:
3e:98:f9:2a:5e:65:02:68:32:ef:41:9c:70:d4:eb:
e7:14:a7:5c:d2:0b:15:12:90:0f:52:94:26:7d:1f:
4f:54:c3:96:62:1a:ed:ef:fa:e0:e2:96:86:a1:52:
11:80:35:70:59:79:b8:77:5d:4b:00:37:0a:07:91:
e2:e7:30:cd:a8:05:35:56:29:45:49:12:a1:e0:d7:
56:0c:fc:8a:4e:d6:59:6a:29:a0:82:05:35:df:fc:
67:3b:42:b0:c8:9e:41:42:41:78:dd:d9:4a:97:82:
d4:8c:8a:09:1a:60:8b:34:34:6d:75:c2:78:20:5b:
9d:da:4e:03:ba:f4:45:13:14:fd:44:b0:bc:33:78:
dc:b2:d3:92:31:4d:40:c8:8c:85:f3:d3:34:2c:2c:
01:ea:6e:53:62:17:cb:04:cf:13:35:35:3f:46:f8:
78:a9:d3:61:9f:f7:33:39:ea:ba:df:a4:59:f4:55:
ac:fa:68:24:2a:0e:6f:62:fe:64:97:0d:3d:cb:72:
1b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A9:3C:AB:98:92:57:D8:DE:4E:97:EC:20:9A:6D:63:EE:4D:B7:CB
X509v3 Authority Key Identifier:
keyid:1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/dak8q5iSV9jeTpfsIJptY-5Nt8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.88.0/22
77.92.160.0/19
78.110.64.0/20
81.22.16.0/20
87.236.48.0/21
185.33.176.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:74:a3:e3:34:96:38:0f:c1:ce:eb:85:b5:67:2d:6a:45:5d:
40:eb:5b:e3:89:1a:cd:97:49:60:61:11:dc:a4:c6:51:ef:6b:
92:01:31:92:76:92:25:58:3d:b5:03:72:b1:7f:8b:f3:37:14:
b7:41:e1:2a:5c:9f:85:3c:99:c6:3b:94:e4:14:98:ec:c9:17:
29:c0:8e:d0:be:e7:11:dd:fa:12:66:90:9d:30:b0:b8:d4:95:
7a:35:61:02:75:14:1b:ca:00:bd:93:a7:07:79:bf:3f:09:da:
10:f1:ac:86:2c:60:e1:78:59:8a:7d:f3:e0:16:fd:ef:81:0c:
b9:f4:3a:50:b9:24:bd:3f:27:fc:6e:b0:18:69:8b:15:8b:0d:
c0:06:95:78:de:c1:5a:0f:07:f0:1b:5f:53:96:c1:7f:b7:be:
78:1f:44:a6:90:f3:8e:50:20:c9:99:bf:89:a0:10:de:f5:72:
26:3b:1b:07:63:b2:7a:89:6b:97:04:0d:cc:81:40:0a:43:9d:
f1:54:71:aa:cc:a8:e7:04:7d:3d:40:0e:78:45:c9:e7:c0:18:
87:3f:b4:5a:0f:9e:aa:2d:3f:29:a9:5e:2a:47:b1:cf:50:f1:
8f:c7:af:67:a9:da:8b:8b:4a:55:f8:01:75:a2:13:47:e8:1e:
24:29:2f:ab
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxaaWya74I3v/0EVaDEj6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjhiMDdjMTU3YTVkYzYxM2M5MjY0ZGFmODllN2M4NjBl
MzNlNjMwHhcNMjMwMTAyMDczNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWE5M2NhYjk4OTI1N2Q4ZGU0ZTk3ZWMyMDlhNmQ2M2VlNGRiN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cf+ymJZNhfMe2spgCiuz2EyYQi9
uBrKrr9rtJSC7x2AHE325MTAAIjeKBT7v4jatvH3EYLz5bWk+Ag+mPkqXmUCaDLv
QZxw1OvnFKdc0gsVEpAPUpQmfR9PVMOWYhrt7/rg4paGoVIRgDVwWXm4d11LADcK
B5Hi5zDNqAU1VilFSRKh4NdWDPyKTtZZaimgggU13/xnO0KwyJ5BQkF43dlKl4LU
jIoJGmCLNDRtdcJ4IFud2k4DuvRFExT9RLC8M3jcstOSMU1AyIyF89M0LCwB6m5T
YhfLBM8TNTU/Rvh4qdNhn/czOeq636RZ9FWs+mgkKg5vYv5klw09y3IbHQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHWpPKuYklfY3k6X7CCabWPuTbfLMB8GA1UdIwQY
MBaAFBwosHwVel3GE8kmTa+J58hg4z5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2Mt
OTYzMzM0ODllODU1LzEvZGFrOHE1aVNWOWplVHBmc0lKcHRZLTVOdDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2MtOTYzMzM0ODllODU1
LzEvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCTVNYAwQF
TVygAwQETm5AAwQEURYQAwQDV+wwAwQCuSGwMA0GCSqGSIb3DQEBCwUAA4IBAQCL
dKPjNJY4D8HO64W1Zy1qRV1A61vjiRrNl0lgYRHcpMZR72uSATGSdpIlWD21A3Kx
f4vzNxS3QeEqXJ+FPJnGO5TkFJjsyRcpwI7QvucR3foSZpCdMLC41JV6NWECdRQb
ygC9k6cHeb8/CdoQ8ayGLGDheFmKffPgFv3vgQy59DpQuSS9Pyf8brAYaYsViw3A
BpV43sFaDwfwG19TlsF/t754H0SmkPOOUCDJmb+JoBDe9XImOxsHY7J6iWuXBA3M
gUAKQ53xVHGqzKjnBH09QA54RcnnwBiHP7RaD56qLT8pqV4qR7HPUPGPx69nqdqL
i0pV+AF1ohNH6B4kKS+r
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org