Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/XQ_1uhgmledaWtcJ-QPMfhAehbs.roa
File: XQ_1uhgmledaWtcJ-QPMfhAehbs.roa (raw, json)
Hash identifier: B1JE9BI9+dRUzah9BKqhA3GJ2D282/23UwId2zw4sgk=
Subject key identifier: 5D:0F:F5:BA:18:26:95:E7:5A:5A:D7:09:F9:03:CC:7E:10:1E:85:BB
Certificate issuer: /CN=ee8ba8824c5c8d207326a4a3ab893ebb8f5096ad
Certificate serial: 018765E5A9A4414617FA70D6D66202BA0257
Authority key identifier: EE:8B:A8:82:4C:5C:8D:20:73:26:A4:A3:AB:89:3E:BB:8F:50:96:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7ouogkxcjSBzJqSjq4k-u49Qlq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/XQ_1uhgmledaWtcJ-QPMfhAehbs.roa
Signing time: Sun 09 Apr 2023 12:02:42 +0000
ROA not before: Sun 09 Apr 2023 12:02:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43766
IP address blocks: 79.139.40.0/24 maxlen: 24
79.139.42.0/24 maxlen: 24
79.139.41.0/24 maxlen: 24
79.139.44.0/24 maxlen: 24
79.139.43.0/24 maxlen: 24
79.139.47.0/24 maxlen: 24
79.139.46.0/24 maxlen: 24
79.139.45.0/24 maxlen: 24
93.178.0.0/20 maxlen: 20
79.139.76.0/22 maxlen: 22
79.139.72.0/22 maxlen: 22
95.178.16.0/21 maxlen: 21
93.178.16.0/20 maxlen: 20
79.139.88.0/22 maxlen: 22
95.178.24.0/21 maxlen: 21
79.139.32.0/21 maxlen: 21
77.223.224.0/22 maxlen: 22
77.223.228.0/22 maxlen: 22
77.223.232.0/21 maxlen: 21
77.232.103.0/24 maxlen: 24
77.232.102.0/24 maxlen: 24
77.232.104.0/21 maxlen: 21
93.178.32.0/20 maxlen: 20
93.178.48.0/20 maxlen: 20
95.178.48.0/21 maxlen: 21
95.178.56.0/21 maxlen: 21
95.178.64.0/21 maxlen: 21
95.178.72.0/21 maxlen: 21
79.170.124.0/22 maxlen: 22
79.170.120.0/22 maxlen: 22
77.232.112.0/22 maxlen: 22
77.232.116.0/22 maxlen: 22
77.232.121.0/24 maxlen: 24
77.232.125.0/24 maxlen: 24
77.232.127.0/24 maxlen: 24
77.232.126.0/24 maxlen: 24
212.62.100.0/22 maxlen: 22
212.62.104.0/22 maxlen: 22
212.62.108.0/22 maxlen: 22
212.62.124.0/22 maxlen: 22
185.5.154.0/24 maxlen: 24
2a02:cb81:1100::/47 maxlen: 47
2a02:cb81:1102::/47 maxlen: 47
2a02:cb81:1104::/47 maxlen: 47
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:65:e5:a9:a4:41:46:17:fa:70:d6:d6:62:02:ba:02:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee8ba8824c5c8d207326a4a3ab893ebb8f5096ad
Validity
Not Before: Apr 9 12:02:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d0ff5ba182695e75a5ad709f903cc7e101e85bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:68:f4:f5:09:f5:c6:e7:fc:55:bc:52:4e:43:
7c:a4:6e:01:39:cd:5b:35:e4:06:35:d3:0e:74:4a:
e0:17:0f:91:b9:34:ba:1b:54:ee:3b:d1:b0:c9:c3:
a8:32:06:ef:99:47:06:af:69:d2:d2:0f:45:01:32:
05:fc:09:f6:58:1a:67:96:f1:48:2d:9d:c9:4b:2c:
0d:b7:18:cd:f4:5b:e5:b9:b5:b9:a8:9b:a3:94:4e:
ac:f1:84:c5:da:67:9c:d4:93:5f:34:31:ad:7d:ac:
8c:5f:30:93:c5:9f:48:dd:a2:14:93:56:27:07:a4:
22:79:99:44:b0:03:ea:df:f1:ef:f0:08:96:6a:70:
3c:f5:e7:7a:9a:8d:c5:8d:bc:a0:48:70:e7:c2:85:
5d:7c:b0:e5:d2:10:8d:40:59:84:12:dd:4c:3a:07:
9e:07:fc:3f:8e:3a:67:5c:59:d6:fd:14:b9:9b:86:
72:06:97:90:9d:0a:c7:d9:6c:d5:84:20:7e:04:26:
88:fb:3e:ab:be:67:8b:ad:0e:a2:fc:da:ca:a3:bb:
5b:5b:b4:ae:b8:9f:2f:a0:30:f6:4c:98:12:56:2a:
b9:d7:85:cd:54:0f:58:36:d2:08:fd:be:07:44:4a:
44:f1:81:94:ef:e9:ba:c8:ca:16:97:3c:e6:6c:44:
38:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0F:F5:BA:18:26:95:E7:5A:5A:D7:09:F9:03:CC:7E:10:1E:85:BB
X509v3 Authority Key Identifier:
keyid:EE:8B:A8:82:4C:5C:8D:20:73:26:A4:A3:AB:89:3E:BB:8F:50:96:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ouogkxcjSBzJqSjq4k-u49Qlq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/XQ_1uhgmledaWtcJ-QPMfhAehbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/7ouogkxcjSBzJqSjq4k-u49Qlq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.224.0/20
77.232.102.0-77.232.119.255
77.232.121.0/24
77.232.125.0-77.232.127.255
79.139.32.0/20
79.139.72.0/21
79.139.88.0/22
79.170.120.0/21
93.178.0.0/18
95.178.16.0/20
95.178.48.0-95.178.79.255
185.5.154.0/24
212.62.100.0-212.62.111.255
212.62.124.0/22
IPv6:
2a02:cb81:1100::-2a02:cb81:1105:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2b:c7:c4:3f:84:e8:95:46:7d:b3:14:ec:4f:6a:f0:61:bc:ac:
a1:6e:16:16:b3:23:ba:55:40:d1:06:92:a9:bd:f2:7e:a7:17:
e7:2b:a6:5d:eb:a7:ee:82:80:b9:03:83:21:14:6c:bf:0b:14:
12:64:7a:e8:bc:03:3e:33:5e:78:14:6c:25:5c:d0:11:53:2e:
a8:75:2f:78:63:8d:23:68:3f:38:a2:bf:95:a6:5a:cb:84:48:
f1:ea:54:10:4b:6d:c2:e1:c8:9a:5e:63:1f:4b:20:35:0b:e5:
81:26:c8:77:68:7c:62:8f:c1:a8:c1:7a:4e:e8:82:88:09:b9:
bf:8b:07:9c:2c:b7:7b:13:60:b3:ac:e8:6a:d9:dd:d7:f1:db:
d7:81:76:57:b8:b1:88:0b:6c:81:75:88:bf:f5:47:24:64:f2:
f6:2d:1a:34:a1:1e:e0:ca:2d:9b:26:64:7c:3c:6d:88:e3:c3:
b0:c2:77:45:14:61:7a:0a:23:0b:8a:c7:9b:5c:23:10:ba:98:
f8:fb:34:71:e5:be:66:4e:71:79:a6:5c:d6:3f:92:24:8f:ca:
fa:9c:a4:af:03:54:85:5d:c6:d9:d7:70:c7:de:b5:11:8c:59:
a5:2a:78:a6:7a:f9:08:fb:4b:7e:d9:bc:3d:6f:b0:32:0f:11:
e5:35:9c:5e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYdl5amkQUYX+nDW1mICugJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlOGJhODgyNGM1YzhkMjA3MzI2YTRhM2FiODkzZWJiOGY1
MDk2YWQwHhcNMjMwNDA5MTIwMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBmZjViYTE4MjY5NWU3NWE1YWQ3MDlmOTAzY2M3ZTEwMWU4NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWj09Qn1xuf8VbxSTkN8pG4BOc1b
NeQGNdMOdErgFw+RuTS6G1TuO9GwycOoMgbvmUcGr2nS0g9FATIF/An2WBpnlvFI
LZ3JSywNtxjN9FvlubW5qJujlE6s8YTF2mec1JNfNDGtfayMXzCTxZ9I3aIUk1Yn
B6QieZlEsAPq3/Hv8AiWanA89ed6mo3FjbygSHDnwoVdfLDl0hCNQFmEEt1MOgee
B/w/jjpnXFnW/RS5m4ZyBpeQnQrH2WzVhCB+BCaI+z6rvmeLrQ6i/NrKo7tbW7Su
uJ8voDD2TJgSViq514XNVA9YNtII/b4HREpE8YGU7+m6yMoWlzzmbEQ44QIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFF0P9boYJpXnWlrXCfkDzH4QHoW7MB8GA1UdIwQY
MBaAFO6LqIJMXI0gcyako6uJPruPUJatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN291b2dreGNqU0J6SnFTanE0ay11NDlRbHEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82MzUwOWMtNTY3Ni00ZWFmLTk5ZDQt
ZWVjZDI4ZTI4ZTM1LzEvWFFfMXVoZ21sZWRhV3RjSi1RUE1maEFlaGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82MzUwOWMtNTY3Ni00ZWFmLTk5ZDQtZWVjZDI4ZTI4ZTM1
LzEvN291b2dreGNqU0J6SnFTanE0ay11NDlRbHEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB6BAIAATB0AwQETd/g
MAwDBAFN6GYDBANN6HADBABN6HkwDAMEAE3ofQMEB03oAAMEBE+LIAMEA0+LSAME
Ak+LWAMEA0+qeAMEBl2yAAMEBF+yEDAMAwQEX7IwAwQEX7JAAwQAuQWaMAwDBALU
PmQDBATUPmADBALUPnwwGQQCAAIwEzARAwYAKgLLgREDBwEqAsuBEQQwDQYJKoZI
hvcNAQELBQADggEBACvHxD+E6JVGfbMU7E9q8GG8rKFuFhazI7pVQNEGkqm98n6n
F+crpl3rp+6CgLkDgyEUbL8LFBJkeui8Az4zXngUbCVc0BFTLqh1L3hjjSNoPzii
v5WmWsuESPHqVBBLbcLhyJpeYx9LIDUL5YEmyHdofGKPwajBek7ogogJub+LB5ws
t3sTYLOs6GrZ3dfx29eBdle4sYgLbIF1iL/1RyRk8vYtGjShHuDKLZsmZHw8bYjj
w7DCd0UUYXoKIwuKx5tcIxC6mPj7NHHlvmZOcXmmXNY/kiSPyvqcpK8DVIVdxtnX
cMfetRGMWaUqeKZ6+Qj7S37ZvD1vsDIPEeU1nF4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:07 2023 by rpki-client on console-fra.rpki-client.org