Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/ezBytRe5k7xffmxaTBxZIyaCqbc.roa
File: ezBytRe5k7xffmxaTBxZIyaCqbc.roa (raw, json)
Hash identifier: SIbtZ29ykSYUgrOQsYvF401eXVQHr8taYWIbmvEL2tw=
Subject key identifier: 7B:30:72:B5:17:B9:93:BC:5F:7E:6C:5A:4C:1C:59:23:26:82:A9:B7
Certificate issuer: /CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Certificate serial: 0188711AA6E6404CA305D72C06449F285E8B
Authority key identifier: 1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/ezBytRe5k7xffmxaTBxZIyaCqbc.roa
Signing time: Wed 31 May 2023 09:19:11 +0000
ROA not before: Wed 31 May 2023 09:19:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39273
IP address blocks: 78.110.79.0/24 maxlen: 24
81.22.30.0/24 maxlen: 24
81.22.31.0/24 maxlen: 24
81.22.28.0/24 maxlen: 24
81.22.29.0/24 maxlen: 24
81.22.27.0/24 maxlen: 24
81.22.25.0/24 maxlen: 24
81.22.26.0/24 maxlen: 24
77.92.165.0/24 maxlen: 24
77.92.166.0/24 maxlen: 24
77.92.163.0/24 maxlen: 24
77.92.164.0/24 maxlen: 24
77.92.161.0/24 maxlen: 24
77.92.160.0/19 maxlen: 19
77.92.162.0/24 maxlen: 24
77.92.160.0/24 maxlen: 24
77.92.172.0/24 maxlen: 24
77.92.170.0/24 maxlen: 24
77.92.171.0/24 maxlen: 24
77.92.168.0/24 maxlen: 24
77.92.169.0/24 maxlen: 24
77.92.167.0/24 maxlen: 24
77.92.173.0/24 maxlen: 24
77.92.179.0/24 maxlen: 24
77.92.177.0/24 maxlen: 24
77.92.178.0/24 maxlen: 24
77.92.175.0/24 maxlen: 24
77.92.176.0/24 maxlen: 24
77.92.174.0/24 maxlen: 24
77.92.186.0/24 maxlen: 24
77.92.184.0/24 maxlen: 24
77.92.185.0/24 maxlen: 24
77.92.182.0/24 maxlen: 24
77.92.183.0/24 maxlen: 24
77.92.181.0/24 maxlen: 24
77.92.180.0/24 maxlen: 24
77.92.191.0/24 maxlen: 24
77.92.189.0/24 maxlen: 24
77.92.190.0/24 maxlen: 24
77.92.188.0/24 maxlen: 24
77.92.187.0/24 maxlen: 24
81.22.16.0/20 maxlen: 20
81.22.16.0/24 maxlen: 24
81.22.17.0/24 maxlen: 24
81.22.23.0/24 maxlen: 24
81.22.24.0/24 maxlen: 24
81.22.21.0/24 maxlen: 24
81.22.22.0/24 maxlen: 24
81.22.20.0/24 maxlen: 24
81.22.18.0/24 maxlen: 24
81.22.19.0/24 maxlen: 24
78.110.64.0/24 maxlen: 24
78.110.64.0/20 maxlen: 20
78.110.70.0/24 maxlen: 24
78.110.71.0/24 maxlen: 24
78.110.68.0/24 maxlen: 24
78.110.69.0/24 maxlen: 24
78.110.67.0/24 maxlen: 24
78.110.65.0/24 maxlen: 24
78.110.66.0/24 maxlen: 24
78.110.74.0/24 maxlen: 24
78.110.77.0/24 maxlen: 24
77.83.91.0/24 maxlen: 24
78.110.78.0/24 maxlen: 24
78.110.75.0/24 maxlen: 24
78.110.72.0/24 maxlen: 24
78.110.73.0/24 maxlen: 24
77.83.89.0/24 maxlen: 24
78.110.76.0/24 maxlen: 24
77.83.90.0/24 maxlen: 24
77.83.88.0/24 maxlen: 24
77.83.88.0/22 maxlen: 22
87.236.50.0/24 maxlen: 24
87.236.48.0/21 maxlen: 21
87.236.51.0/24 maxlen: 24
87.236.48.0/24 maxlen: 24
87.236.49.0/24 maxlen: 24
185.33.178.0/24 maxlen: 24
185.33.179.0/24 maxlen: 24
185.33.177.0/24 maxlen: 24
185.33.176.0/24 maxlen: 24
87.236.54.0/24 maxlen: 24
87.236.52.0/24 maxlen: 24
87.236.53.0/24 maxlen: 24
87.236.55.0/24 maxlen: 24
2a04:8ac0::/29 maxlen: 29
2a00:6600::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:1a:a6:e6:40:4c:a3:05:d7:2c:06:44:9f:28:5e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Validity
Not Before: May 31 09:19:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b3072b517b993bc5f7e6c5a4c1c59232682a9b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:43:ee:49:33:04:14:2a:17:ef:b0:fe:4d:ff:
86:0b:fc:da:c0:a7:9a:8c:bb:f7:5c:1e:65:f6:da:
19:aa:11:41:b7:97:b9:80:93:45:bb:e6:1a:cc:63:
3e:cd:37:10:35:75:dd:cf:59:bf:19:72:10:a6:a9:
bf:96:56:44:19:56:76:0c:45:e0:b3:e7:8c:be:72:
af:83:f7:78:d3:34:3a:ec:01:d6:64:da:cb:a0:1d:
61:e6:f5:38:db:2f:cc:95:92:52:dc:20:86:79:dd:
bd:f9:7c:49:28:b6:1d:ec:b9:fa:ab:d8:81:c7:a7:
ef:4f:aa:13:54:ac:31:14:1a:00:9c:25:9e:45:d1:
aa:ab:bc:b7:ce:1a:54:56:6b:27:71:11:2b:b0:4c:
18:2a:dc:04:1b:77:b8:18:c3:94:21:70:b4:11:78:
3e:9b:58:25:2e:68:ea:b3:37:7c:7c:2d:07:e8:93:
3b:b5:16:32:f0:55:bf:62:3c:2d:59:e6:c2:5d:2f:
92:e1:50:50:73:39:96:a5:2c:82:30:48:7b:b3:fb:
68:12:ec:89:e5:07:e1:43:39:43:21:1d:ab:eb:1f:
07:8c:ef:5a:d5:52:d1:e1:74:4d:9d:6a:06:ee:71:
f0:c5:2e:f4:bf:d5:66:88:df:c5:85:8f:dc:51:09:
6f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:30:72:B5:17:B9:93:BC:5F:7E:6C:5A:4C:1C:59:23:26:82:A9:B7
X509v3 Authority Key Identifier:
keyid:1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/ezBytRe5k7xffmxaTBxZIyaCqbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.88.0/22
77.92.160.0/19
78.110.64.0/20
81.22.16.0/20
87.236.48.0/21
185.33.176.0/22
IPv6:
2a00:6600::/29
2a04:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
69:7c:08:be:16:e7:9e:11:7d:95:29:06:93:8e:4b:9a:b2:8e:
3f:f5:7c:69:ec:e7:7d:ef:a2:72:93:0c:3e:85:7b:06:a4:a3:
dd:79:a1:73:ca:3a:32:94:84:03:c2:fa:6b:ec:96:44:b7:c9:
e2:01:a1:c6:0a:97:45:f6:43:56:9e:0a:49:6c:df:d6:87:16:
53:8a:f8:5f:ae:4f:4f:b2:2e:c5:84:c0:ad:b4:3c:e7:a2:55:
50:43:db:a8:2c:79:55:6e:f5:4f:98:4d:ca:e2:01:db:62:dd:
8c:fd:99:c1:50:d8:59:44:a8:7e:02:bf:0c:70:5b:0e:18:76:
df:75:56:ef:ab:67:87:45:79:fe:12:a5:72:cb:b6:be:c6:b5:
d8:b5:dd:01:06:1b:28:f4:cd:7f:a9:71:ea:3f:30:29:dd:5d:
c4:70:d0:18:22:9b:9f:ba:23:70:e9:0d:cd:d1:61:33:20:09:
71:6e:45:2c:57:6c:0b:a9:66:e3:6f:70:11:1f:08:38:8e:a8:
cf:8d:dc:51:ad:eb:02:aa:e6:9b:76:91:20:d0:b6:12:e6:8a:
4e:e5:5a:1e:b5:c0:53:ac:05:0d:51:e7:8a:bf:a8:23:51:ea:
51:bc:c9:26:d4:93:98:c4:66:0f:3d:c7:98:e8:78:8d:27:ef:
40:e2:90:fd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYhxGqbmQEyjBdcsBkSfKF6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjhiMDdjMTU3YTVkYzYxM2M5MjY0ZGFmODllN2M4NjBl
MzNlNjMwHhcNMjMwNTMxMDkxOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjMwNzJiNTE3Yjk5M2JjNWY3ZTZjNWE0YzFjNTkyMzI2ODJhOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEPuSTMEFCoX77D+Tf+GC/zawKea
jLv3XB5l9toZqhFBt5e5gJNFu+YazGM+zTcQNXXdz1m/GXIQpqm/llZEGVZ2DEXg
s+eMvnKvg/d40zQ67AHWZNrLoB1h5vU42y/MlZJS3CCGed29+XxJKLYd7Ln6q9iB
x6fvT6oTVKwxFBoAnCWeRdGqq7y3zhpUVmsncRErsEwYKtwEG3e4GMOUIXC0EXg+
m1glLmjqszd8fC0H6JM7tRYy8FW/YjwtWebCXS+S4VBQczmWpSyCMEh7s/toEuyJ
5QfhQzlDIR2r6x8HjO9a1VLR4XRNnWoG7nHwxS70v9VmiN/FhY/cUQlvqwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFHswcrUXuZO8X35sWkwcWSMmgqm3MB8GA1UdIwQY
MBaAFBwosHwVel3GE8kmTa+J58hg4z5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2Mt
OTYzMzM0ODllODU1LzEvZXpCeXRSZTVrN3hmZm14YVRCeFpJeWFDcWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2MtOTYzMzM0ODllODU1
LzEvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCTVNYAwQF
TVygAwQETm5AAwQEURYQAwQDV+wwAwQCuSGwMBQEAgACMA4DBQMqAGYAAwUDKgSK
wDANBgkqhkiG9w0BAQsFAAOCAQEAaXwIvhbnnhF9lSkGk45LmrKOP/V8aeznfe+i
cpMMPoV7BqSj3Xmhc8o6MpSEA8L6a+yWRLfJ4gGhxgqXRfZDVp4KSWzf1ocWU4r4
X65PT7IuxYTArbQ856JVUEPbqCx5VW71T5hNyuIB22LdjP2ZwVDYWUSofgK/DHBb
Dhh233VW76tnh0V5/hKlcsu2vsa12LXdAQYbKPTNf6lx6j8wKd1dxHDQGCKbn7oj
cOkNzdFhMyAJcW5FLFdsC6lm429wER8IOI6oz43cUa3rAqrmm3aRINC2EuaKTuVa
HrXAU6wFDVHnir+oI1HqUbzJJtSTmMRmDz3HmOh4jSfvQOKQ/Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org