Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/tqyUbbGSu-E3bTmGdCs8YzPWOj4.roa
File: tqyUbbGSu-E3bTmGdCs8YzPWOj4.roa (raw, json)
Hash identifier: CjoIlRgN9Xz37OTtF0O5SOH80j1iwTZXh6qsz2/yoic=
Subject key identifier: B6:AC:94:6D:B1:92:BB:E1:37:6D:39:86:74:2B:3C:63:33:D6:3A:3E
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 018C8660E52BAB932EF8382E882BFD62D6FC
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/tqyUbbGSu-E3bTmGdCs8YzPWOj4.roa
Signing time: Wed 20 Dec 2023 08:39:06 +0000
ROA not before: Wed 20 Dec 2023 08:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57344
IP address blocks: 79.124.0.0/24 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.150.0/24 maxlen: 24
79.124.15.0/24 maxlen: 24
79.124.20.0/23 maxlen: 23
79.124.24.0/22 maxlen: 24
217.174.154.0/24 maxlen: 24
217.174.159.0/24 maxlen: 24
79.124.23.0/24 maxlen: 24
79.124.28.0/24 maxlen: 24
79.124.51.0/24 maxlen: 24
79.124.50.0/24 maxlen: 24
79.124.73.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.74.0/24 maxlen: 24
79.124.79.0/24 maxlen: 24
79.124.82.0/24 maxlen: 24
77.76.11.0/24 maxlen: 24
77.76.10.0/24 maxlen: 24
94.72.145.0/24 maxlen: 24
94.72.148.0/22 maxlen: 24
94.72.159.0/24 maxlen: 24
94.72.158.0/24 maxlen: 24
82.118.246.0/23 maxlen: 23
82.118.244.0/24 maxlen: 24
178.132.84.0/23 maxlen: 24
178.132.82.0/23 maxlen: 24
178.132.80.0/24 maxlen: 24
178.132.81.0/24 maxlen: 24
82.118.224.0/24 maxlen: 24
82.118.236.0/24 maxlen: 24
82.118.238.0/24 maxlen: 24
5.104.168.0/23 maxlen: 23
78.128.60.0/24 maxlen: 24
78.128.67.0/24 maxlen: 24
5.104.174.0/24 maxlen: 24
78.128.72.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
91.148.131.0/24 maxlen: 24
78.128.79.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
91.148.140.0/24 maxlen: 24
78.128.92.0/24 maxlen: 24
78.128.94.0/24 maxlen: 24
78.128.98.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
130.185.229.0/24 maxlen: 24
78.142.34.0/24 maxlen: 24
78.142.33.0/24 maxlen: 24
130.185.236.0/24 maxlen: 24
130.185.235.0/24 maxlen: 24
130.185.237.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
130.185.250.0/24 maxlen: 24
130.185.248.0/24 maxlen: 24
78.142.60.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
91.148.160.0/24 maxlen: 24
78.128.108.0/23 maxlen: 23
185.148.160.0/22 maxlen: 22
91.148.168.0/24 maxlen: 24
78.142.4.0/23 maxlen: 23
78.142.1.0/24 maxlen: 24
78.142.17.0/24 maxlen: 24
78.142.20.0/24 maxlen: 24
78.142.24.0/24 maxlen: 24
130.185.224.0/24 maxlen: 24
2a01:8740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:60:e5:2b:ab:93:2e:f8:38:2e:88:2b:fd:62:d6:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Dec 20 08:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6ac946db192bbe1376d3986742b3c6333d63a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4a:62:e0:19:06:03:8e:6e:69:57:bb:7f:ac:
60:a9:62:71:a6:ff:f9:d1:20:ba:db:1d:d8:1f:f3:
73:e1:c1:4f:ec:44:8f:ad:ec:8b:3f:17:25:a1:bb:
0a:8f:f0:54:aa:11:6c:20:7f:1a:c0:3b:83:1a:7c:
17:da:09:39:21:4e:9b:3f:3d:41:a5:a0:71:5a:56:
6e:23:05:3f:79:83:92:a1:6e:21:56:ab:68:71:e1:
dc:89:c9:95:5b:9d:b1:71:8f:26:23:81:5f:a9:a1:
b2:e6:86:6e:a9:63:0f:44:fb:4f:6a:8f:d1:f6:8b:
3a:01:8c:7c:3a:8c:dd:38:20:ec:48:bd:65:4e:c4:
75:8b:d6:9c:f6:14:01:df:c2:c5:0f:e7:f0:d5:3d:
75:87:ac:cd:1a:0e:2f:ce:2b:91:d8:a4:47:e3:44:
f5:80:4d:8a:c8:27:5a:61:e0:ae:1a:ba:32:36:f7:
c9:1e:25:62:2c:be:81:63:da:cf:d0:cc:fa:28:d8:
2f:dd:01:6a:96:8e:ed:67:35:d3:cf:43:96:8c:8a:
94:f0:3f:8c:e1:5e:3d:06:51:23:66:bb:bf:2c:7d:
db:f1:02:f6:08:25:93:fb:21:86:bd:f3:4a:2e:7d:
4c:41:81:ee:ad:56:39:93:0e:ce:40:f5:fb:e5:00:
51:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AC:94:6D:B1:92:BB:E1:37:6D:39:86:74:2B:3C:63:33:D6:3A:3E
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/tqyUbbGSu-E3bTmGdCs8YzPWOj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.168.0/23
5.104.174.0/24
77.76.10.0/23
78.128.8.0/24
78.128.43.0/24
78.128.60.0/24
78.128.67.0/24
78.128.72.0/24
78.128.76.0/24
78.128.79.0/24
78.128.81.0/24
78.128.92.0/24
78.128.94.0/24
78.128.98.0/24
78.128.108.0/23
78.142.1.0/24
78.142.4.0/23
78.142.17.0/24
78.142.20.0/24
78.142.24.0/24
78.142.33.0-78.142.34.255
78.142.47.0/24
78.142.60.0/24
78.142.63.0/24
79.124.0.0/24
79.124.15.0/24
79.124.20.0/23
79.124.23.0-79.124.28.255
79.124.50.0/23
79.124.73.0-79.124.74.255
79.124.76.0/24
79.124.79.0/24
79.124.82.0/24
82.118.224.0/24
82.118.236.0/24
82.118.238.0/24
82.118.244.0/24
82.118.246.0/23
91.148.131.0/24
91.148.140.0/24
91.148.160.0/24
91.148.168.0/24
94.72.145.0/24
94.72.148.0/22
94.72.158.0/23
130.185.224.0/24
130.185.229.0/24
130.185.235.0-130.185.237.255
130.185.248.0/24
130.185.250.0/24
178.132.80.0-178.132.85.255
185.148.160.0/22
217.174.148.0-217.174.150.255
217.174.152.0-217.174.154.255
217.174.159.0/24
IPv6:
2a01:8740::/32
Signature Algorithm: sha256WithRSAEncryption
3c:ec:ff:71:51:30:ef:48:d8:41:51:84:ad:f4:aa:26:73:34:
67:8a:2b:b7:58:dd:2d:e2:5b:e0:0f:0e:b4:e8:c5:ec:a8:fc:
f4:2b:9f:cb:67:56:35:07:d0:9a:60:48:47:b3:28:41:15:0a:
d5:dc:d0:c9:f1:da:05:76:1c:8b:28:6c:8b:2a:5b:33:74:9a:
4e:d2:14:cf:13:8e:73:da:99:b8:e5:bf:2f:0e:00:16:74:7b:
15:52:77:94:50:6b:3a:75:05:48:b4:be:c8:f2:96:49:b9:ad:
f2:cd:cf:25:6f:c6:f7:a8:13:ec:b1:79:8c:77:de:26:13:30:
30:5e:0c:42:fd:80:32:0d:22:1e:bc:76:14:77:da:0a:25:8f:
33:1a:02:49:a1:69:33:89:03:bb:f0:93:01:bd:c1:08:e7:73:
cc:82:c7:22:fc:a9:88:1f:d6:a4:09:6f:8b:5c:77:58:ed:5c:
a5:5f:86:4b:68:6b:9a:6f:21:e3:54:af:cf:e1:25:4b:b5:19:
d3:fb:b3:da:62:ed:5f:1a:ed:6f:65:1d:37:b9:cb:c9:6a:4a:
7f:16:5e:d3:32:48:29:8a:6c:9e:13:d1:76:45:f5:f9:f9:ec:
a6:b6:5f:e2:a1:b9:d0:9b:fc:c9:32:49:7a:38:c7:62:16:92:
ba:22:2b:d3
-----BEGIN CERTIFICATE-----
MIIGkjCCBXqgAwIBAgISAYyGYOUrq5Mu+DguiCv9Ytb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjMxMjIwMDgzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmFjOTQ2ZGIxOTJiYmUxMzc2ZDM5ODY3NDJiM2M2MzMzZDYzYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUpi4BkGA45uaVe7f6xgqWJxpv/5
0SC62x3YH/Nz4cFP7ESPreyLPxclobsKj/BUqhFsIH8awDuDGnwX2gk5IU6bPz1B
paBxWlZuIwU/eYOSoW4hVqtoceHcicmVW52xcY8mI4FfqaGy5oZuqWMPRPtPao/R
9os6AYx8OozdOCDsSL1lTsR1i9ac9hQB38LFD+fw1T11h6zNGg4vziuR2KRH40T1
gE2KyCdaYeCuGroyNvfJHiViLL6BY9rP0Mz6KNgv3QFqlo7tZzXTz0OWjIqU8D+M
4V49BlEjZru/LH3b8QL2CCWT+yGGvfNKLn1MQYHurVY5kw7OQPX75QBRwQIDAQAB
o4IDnjCCA5owHQYDVR0OBBYEFLaslG2xkrvhN205hnQrPGMz1jo+MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvdHF5VWJiR1N1LUUzYlRtR2RDczhZelBXT2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBsgYIKwYBBQUHAQcBAf8EggGhMIIBnTCCAYoEAgABMIIB
ggMEAQVoqAMEAAVorgMEAU1MCgMEAE6ACAMEAE6AKwMEAE6APAMEAE6AQwMEAE6A
SAMEAE6ATAMEAE6ATwMEAE6AUQMEAE6AXAMEAE6AXgMEAE6AYgMEAU6AbAMEAE6O
AQMEAU6OBAMEAE6OEQMEAE6OFAMEAE6OGDAMAwQATo4hAwQATo4iAwQATo4vAwQA
To48AwQATo4/AwQAT3wAAwQAT3wPAwQBT3wUMAwDBABPfBcDBABPfBwDBAFPfDIw
DAMEAE98SQMEAE98SgMEAE98TAMEAE98TwMEAE98UgMEAFJ24AMEAFJ27AMEAFJ2
7gMEAFJ29AMEAVJ29gMEAFuUgwMEAFuUjAMEAFuUoAMEAFuUqAMEAF5IkQMEAl5I
lAMEAV5IngMEAIK54AMEAIK55TAMAwQAgrnrAwQBgrnsAwQAgrn4AwQAgrn6MAwD
BASyhFADBAGyhFQDBAK5lKAwDAMEAtmulAMEANmuljAMAwQD2a6YAwQA2a6aAwQA
2a6fMA0EAgACMAcDBQAqAYdAMA0GCSqGSIb3DQEBCwUAA4IBAQA87P9xUTDvSNhB
UYSt9KomczRniiu3WN0t4lvgDw606MXsqPz0K5/LZ1Y1B9CaYEhHsyhBFQrV3NDJ
8doFdhyLKGyLKlszdJpO0hTPE45z2pm45b8vDgAWdHsVUneUUGs6dQVItL7I8pZJ
ua3yzc8lb8b3qBPssXmMd94mEzAwXgxC/YAyDSIevHYUd9oKJY8zGgJJoWkziQO7
8JMBvcEI53PMgsci/KmIH9akCW+LXHdY7VylX4ZLaGuabyHjVK/P4SVLtRnT+7Pa
Yu1fGu1vZR03ucvJakp/Fl7TMkgpimyeE9F2RfX5+eymtl/iobnQm/zJMkl6OMdi
FpK6IivT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org