Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/Nm-t7j9ZwTpexx5QSTmH3G2wPmI.roa
File: Nm-t7j9ZwTpexx5QSTmH3G2wPmI.roa (raw, json)
Hash identifier: RilZc0tkPFYAaQH+L0qeuMn8VHKDJjg0+fDs1h3d7GI=
Subject key identifier: 36:6F:AD:EE:3F:59:C1:3A:5E:C7:1E:50:49:39:87:DC:6D:B0:3E:62
Certificate issuer: /CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Certificate serial: 018BC854B8FBE583F85B95A34F53E2AFAA51
Authority key identifier: 73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/Nm-t7j9ZwTpexx5QSTmH3G2wPmI.roa
Signing time: Mon 13 Nov 2023 10:57:57 +0000
ROA not before: Mon 13 Nov 2023 10:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43391
IP address blocks: 185.80.72.0/24 maxlen: 24
77.223.132.0/24 maxlen: 24
77.223.128.0/19 maxlen: 24
77.223.136.0/24 maxlen: 24
77.223.135.0/24 maxlen: 24
77.223.143.0/24 maxlen: 24
93.187.200.0/21 maxlen: 21
93.187.206.0/24 maxlen: 24
93.187.205.0/24 maxlen: 24
93.187.204.0/24 maxlen: 24
93.187.207.0/24 maxlen: 24
195.244.32.0/19 maxlen: 24
195.244.33.0/24 maxlen: 24
77.223.149.0/24 maxlen: 24
77.223.148.0/24 maxlen: 24
77.223.152.0/24 maxlen: 24
77.223.158.0/24 maxlen: 24
77.223.153.0/24 maxlen: 24
77.223.156.0/24 maxlen: 24
77.223.154.0/24 maxlen: 24
91.191.160.0/20 maxlen: 24
91.191.171.0/24 maxlen: 24
91.191.170.0/24 maxlen: 24
91.191.168.0/21 maxlen: 21
78.40.224.0/24 maxlen: 24
78.40.224.0/21 maxlen: 21
2a0a:be80::/29 maxlen: 29
2a01:aac0::/32 maxlen: 32
2a0a:be80::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:54:b8:fb:e5:83:f8:5b:95:a3:4f:53:e2:af:aa:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Validity
Not Before: Nov 13 10:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=366fadee3f59c13a5ec71e50493987dc6db03e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:99:19:5f:ed:2b:ea:cc:f8:f3:62:74:1b:07:
fb:9a:70:38:f3:dc:7a:dc:97:b5:70:ec:bc:43:52:
6f:81:e2:1a:b6:9a:f1:8d:9a:16:82:21:4e:a6:a3:
5d:bc:3c:78:ba:65:a6:a1:34:02:bf:81:a4:6d:13:
35:83:ef:d3:4e:17:c1:c4:73:5b:e4:09:8d:9d:a2:
82:91:07:e1:54:40:7e:32:29:19:9d:4e:5f:6f:f0:
24:73:f9:23:b1:46:f0:bb:e4:55:73:ef:25:48:d3:
e3:99:d0:13:71:5d:c0:c4:79:7a:04:0c:98:cb:23:
14:1a:74:54:a0:6f:31:8c:7e:5f:fd:38:6a:b0:7e:
61:8a:9a:31:a0:6a:86:9b:df:8e:1a:f6:24:35:b1:
3d:e4:be:eb:8e:1c:7d:ef:5b:5c:9f:61:95:87:e0:
d5:e4:fb:46:5f:f8:88:0b:df:a3:a8:cb:a0:f6:49:
c4:d1:e3:29:24:4c:78:5d:26:b7:24:1b:f1:b8:80:
26:91:cf:99:19:23:87:86:4b:a5:77:b0:df:93:c9:
1a:2b:fe:6d:2f:8a:99:e3:10:f2:aa:ba:c7:6b:24:
0b:43:3a:42:19:42:25:33:31:55:89:5f:25:f9:e6:
0c:c3:39:f3:20:7f:d0:d6:59:9b:48:3b:e7:b6:8a:
b6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:6F:AD:EE:3F:59:C1:3A:5E:C7:1E:50:49:39:87:DC:6D:B0:3E:62
X509v3 Authority Key Identifier:
keyid:73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/Nm-t7j9ZwTpexx5QSTmH3G2wPmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/cwLNwp_coJ6aDz99IRPahafh1lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.128.0/19
78.40.224.0/21
91.191.160.0/20
93.187.200.0/21
185.80.72.0/24
195.244.32.0/19
IPv6:
2a01:aac0::/32
2a0a:be80::/29
Signature Algorithm: sha256WithRSAEncryption
80:1c:cb:fc:7e:08:b6:a6:be:7b:4a:45:54:2b:48:fc:9a:13:
18:5d:56:cc:df:09:8e:c2:25:35:9d:0c:20:66:aa:a6:0a:b8:
f6:c9:11:7c:f8:c1:64:55:67:72:c6:20:8b:b8:bc:16:ce:17:
ab:99:af:02:79:17:88:81:20:49:24:25:42:43:92:53:c6:b3:
40:40:83:86:3d:1f:39:d8:69:bd:75:45:a8:60:7f:7e:b4:9b:
46:0c:33:cf:6a:b8:5b:c1:27:a1:7e:28:ab:01:e6:7d:68:07:
20:d5:a8:ed:30:2c:02:c0:e7:48:88:f3:ad:3a:60:cc:4d:e9:
5b:85:71:b2:35:5c:ae:bc:b0:1d:1b:d4:ef:c9:3d:81:3c:19:
26:ef:8b:5f:c9:32:8f:ab:a9:42:24:ea:63:a6:38:f7:4c:11:
8e:46:cf:60:fa:24:7d:a8:e1:6b:9c:8a:f4:b0:73:14:a9:91:
bb:0b:84:8e:f9:1f:64:a9:40:1a:08:53:d6:1c:1c:18:b9:3f:
a7:bb:b3:58:9a:62:19:bd:ec:b0:8a:21:d1:b5:49:6e:ff:7d:
99:ff:54:b4:08:ef:fd:b9:02:e6:0b:2b:92:18:c8:c6:7a:45:
1b:90:b0:a8:56:13:95:2e:8e:ff:bb:76:65:cd:75:b3:02:90:
db:13:75:ed
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYvIVLj75YP4W5WjT1Pir6pRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDJjZGMyOWZkY2EwOWU5YTBmM2Y3ZDIxMTNkYTg1YTdl
MWQ2NTQwHhcNMjMxMTEzMTA1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjZmYWRlZTNmNTljMTNhNWVjNzFlNTA0OTM5ODdkYzZkYjAzZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJkZX+0r6sz482J0Gwf7mnA489x6
3Je1cOy8Q1JvgeIatprxjZoWgiFOpqNdvDx4umWmoTQCv4GkbRM1g+/TThfBxHNb
5AmNnaKCkQfhVEB+MikZnU5fb/Akc/kjsUbwu+RVc+8lSNPjmdATcV3AxHl6BAyY
yyMUGnRUoG8xjH5f/ThqsH5hipoxoGqGm9+OGvYkNbE95L7rjhx971tcn2GVh+DV
5PtGX/iIC9+jqMug9knE0eMpJEx4XSa3JBvxuIAmkc+ZGSOHhkuld7Dfk8kaK/5t
L4qZ4xDyqrrHayQLQzpCGUIlMzFViV8l+eYMwznzIH/Q1lmbSDvntoq2rQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDZvre4/WcE6XsceUEk5h9xtsD5iMB8GA1UdIwQY
MBaAFHMCzcKf3KCemg8/fSET2oWn4dZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjIt
ZmUwMzMzZWQwMDVmLzEvTm0tdDdqOVp3VHBleHg1UVNUbUgzRzJ3UG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjItZmUwMzMzZWQwMDVm
LzEvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFTd+AAwQD
TijgAwQEW7+gAwQDXbvIAwQAuVBIAwQFw/QgMBQEAgACMA4DBQAqAarAAwUDKgq+
gDANBgkqhkiG9w0BAQsFAAOCAQEAgBzL/H4Itqa+e0pFVCtI/JoTGF1WzN8JjsIl
NZ0MIGaqpgq49skRfPjBZFVncsYgi7i8Fs4Xq5mvAnkXiIEgSSQlQkOSU8azQECD
hj0fOdhpvXVFqGB/frSbRgwzz2q4W8EnoX4oqwHmfWgHINWo7TAsAsDnSIjzrTpg
zE3pW4VxsjVcrrywHRvU78k9gTwZJu+LX8kyj6upQiTqY6Y490wRjkbPYPokfajh
a5yK9LBzFKmRuwuEjvkfZKlAGghT1hwcGLk/p7uzWJpiGb3ssIoh0bVJbv99mf9U
tAjv/bkC5gsrkhjIxnpFG5CwqFYTlS6O/7t2Zc11swKQ2xN17Q==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:09 2024 by rpki-client on console-fra.rpki-client.org