Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/vCfWw4BBpg62s65mUXRO4Z7psWg.roa
File: vCfWw4BBpg62s65mUXRO4Z7psWg.roa (raw, json)
Hash identifier: /SqeOLTlPaoFL2517T4owuJbEBfF9GMRJL7I9Z6oxN0=
Subject key identifier: BC:27:D6:C3:80:41:A6:0E:B6:B3:AE:66:51:74:4E:E1:9E:E9:B1:68
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 018CC56EEBD23F1AF6A88F818D327206F6B2
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/vCfWw4BBpg62s65mUXRO4Z7psWg.roa
Signing time: Mon 01 Jan 2024 14:30:30 +0000
ROA not before: Mon 01 Jan 2024 14:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57344
IP address blocks: 79.124.0.0/24 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.150.0/24 maxlen: 24
79.124.15.0/24 maxlen: 24
79.124.20.0/23 maxlen: 23
79.124.24.0/22 maxlen: 24
217.174.154.0/24 maxlen: 24
217.174.159.0/24 maxlen: 24
79.124.23.0/24 maxlen: 24
79.124.28.0/24 maxlen: 24
79.124.51.0/24 maxlen: 24
79.124.50.0/24 maxlen: 24
79.124.73.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.74.0/24 maxlen: 24
79.124.79.0/24 maxlen: 24
79.124.82.0/24 maxlen: 24
77.76.11.0/24 maxlen: 24
77.76.10.0/24 maxlen: 24
94.72.145.0/24 maxlen: 24
94.72.148.0/22 maxlen: 24
94.72.159.0/24 maxlen: 24
94.72.158.0/24 maxlen: 24
82.118.246.0/23 maxlen: 23
82.118.244.0/24 maxlen: 24
178.132.84.0/23 maxlen: 24
178.132.82.0/23 maxlen: 24
178.132.80.0/24 maxlen: 24
178.132.81.0/24 maxlen: 24
82.118.224.0/24 maxlen: 24
82.118.236.0/24 maxlen: 24
82.118.238.0/24 maxlen: 24
5.104.168.0/23 maxlen: 23
78.128.60.0/24 maxlen: 24
78.128.67.0/24 maxlen: 24
5.104.174.0/24 maxlen: 24
78.128.72.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
91.148.131.0/24 maxlen: 24
78.128.79.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
91.148.140.0/24 maxlen: 24
78.128.92.0/24 maxlen: 24
78.128.94.0/24 maxlen: 24
78.128.98.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
130.185.229.0/24 maxlen: 24
78.142.34.0/24 maxlen: 24
78.142.33.0/24 maxlen: 24
130.185.236.0/24 maxlen: 24
130.185.235.0/24 maxlen: 24
130.185.237.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
130.185.250.0/24 maxlen: 24
130.185.248.0/24 maxlen: 24
78.142.60.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
91.148.160.0/24 maxlen: 24
78.128.108.0/23 maxlen: 23
185.148.160.0/22 maxlen: 22
91.148.168.0/24 maxlen: 24
78.142.4.0/23 maxlen: 23
78.142.1.0/24 maxlen: 24
78.142.17.0/24 maxlen: 24
78.142.20.0/24 maxlen: 24
78.142.24.0/24 maxlen: 24
130.185.224.0/24 maxlen: 24
2a01:8740::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 Feb 2024 09:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:eb:d2:3f:1a:f6:a8:8f:81:8d:32:72:06:f6:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 1 14:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc27d6c38041a60eb6b3ae6651744ee19ee9b168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:46:11:28:6c:4d:d9:72:9f:c2:90:b4:bf:
ad:e0:90:c2:94:8a:10:94:ee:d1:44:86:9a:e7:07:
c8:58:11:0b:fc:98:f0:cf:9f:c9:f2:d5:08:fa:e9:
db:6e:aa:9d:07:04:a4:cd:0d:91:b9:86:98:1e:1c:
6a:64:0c:c0:50:8d:19:84:03:34:40:a8:40:a0:9a:
47:09:18:cd:0f:b7:a4:06:c9:b3:36:49:c3:5c:b6:
8d:f7:90:7d:51:28:ac:f0:ff:96:e3:6d:4a:58:e8:
2d:0f:36:00:97:1b:03:10:76:21:41:56:60:ff:65:
d1:f5:ff:d4:8d:e1:0d:89:32:ad:c2:56:30:5e:6a:
0a:e5:b1:67:46:22:63:78:f5:0b:8c:75:e4:52:fa:
0e:6f:27:65:c8:be:80:20:6e:82:2d:33:41:8f:1b:
d1:77:82:47:b8:60:ca:93:ca:15:0f:58:76:c7:9e:
34:80:ce:a6:a1:ea:6c:18:9f:e1:a8:e8:5a:d7:84:
d5:80:33:7b:e7:e7:29:fd:5b:85:05:f0:03:e2:cc:
26:a9:b7:75:84:44:46:be:f6:c5:c8:e5:cc:fe:94:
3b:34:c8:e6:f3:ef:4f:c1:7b:64:8c:a4:08:6f:fc:
9a:48:eb:c8:ea:79:22:06:ca:90:49:e7:69:26:0d:
1a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:27:D6:C3:80:41:A6:0E:B6:B3:AE:66:51:74:4E:E1:9E:E9:B1:68
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/vCfWw4BBpg62s65mUXRO4Z7psWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.168.0/23
5.104.174.0/24
77.76.10.0/23
78.128.8.0/24
78.128.43.0/24
78.128.60.0/24
78.128.67.0/24
78.128.72.0/24
78.128.76.0/24
78.128.79.0/24
78.128.81.0/24
78.128.92.0/24
78.128.94.0/24
78.128.98.0/24
78.128.108.0/23
78.142.1.0/24
78.142.4.0/23
78.142.17.0/24
78.142.20.0/24
78.142.24.0/24
78.142.33.0-78.142.34.255
78.142.47.0/24
78.142.60.0/24
78.142.63.0/24
79.124.0.0/24
79.124.15.0/24
79.124.20.0/23
79.124.23.0-79.124.28.255
79.124.50.0/23
79.124.73.0-79.124.74.255
79.124.76.0/24
79.124.79.0/24
79.124.82.0/24
82.118.224.0/24
82.118.236.0/24
82.118.238.0/24
82.118.244.0/24
82.118.246.0/23
91.148.131.0/24
91.148.140.0/24
91.148.160.0/24
91.148.168.0/24
94.72.145.0/24
94.72.148.0/22
94.72.158.0/23
130.185.224.0/24
130.185.229.0/24
130.185.235.0-130.185.237.255
130.185.248.0/24
130.185.250.0/24
178.132.80.0-178.132.85.255
185.148.160.0/22
217.174.148.0-217.174.150.255
217.174.152.0-217.174.154.255
217.174.159.0/24
IPv6:
2a01:8740::/32
Signature Algorithm: sha256WithRSAEncryption
1b:cc:b8:da:7c:94:55:36:05:fc:60:f3:3f:81:0d:4c:3c:32:
d3:e8:c6:98:18:bf:8b:25:99:60:7b:d6:2c:a6:90:61:9b:1d:
4c:6e:0f:a0:61:60:e3:63:64:3e:d8:e4:bf:8a:f5:68:61:10:
ea:31:48:ec:d4:57:9b:81:31:e0:53:e6:09:8e:da:42:27:c0:
93:42:ef:7c:e5:4e:8a:60:8e:86:16:f5:71:27:0c:63:88:66:
41:19:84:56:ad:dd:d2:5d:6b:c5:f9:69:f3:28:83:af:4a:f6:
42:c1:39:c8:c1:ed:8a:5d:9d:89:ea:04:62:ad:4d:d1:20:41:
f4:f3:e8:9c:27:fa:1c:6d:97:ac:a0:3e:55:38:0d:da:fd:02:
12:31:08:7f:7c:14:6e:38:a7:35:40:02:61:69:aa:d1:ad:54:
2a:85:d1:f2:10:8c:a4:15:6e:33:89:02:54:10:44:2b:c0:78:
1a:56:9f:29:5a:54:6b:47:27:d0:45:cb:21:c3:68:7e:28:49:
69:ba:2a:a2:c9:48:c6:f5:0b:f2:63:ed:21:b2:e0:86:a1:f7:
d4:bb:0c:6d:1e:fd:1a:fb:dd:85:d3:f7:29:25:05:2b:d2:45:
89:99:e1:ea:33:45:1d:ec:5d:8d:17:d9:d9:7e:65:ae:1f:a3:
38:e5:dd:46
-----BEGIN CERTIFICATE-----
MIIGkjCCBXqgAwIBAgISAYzFbuvSPxr2qI+BjTJyBvayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwMTAxMTQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzI3ZDZjMzgwNDFhNjBlYjZiM2FlNjY1MTc0NGVlMTllZTliMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur1GEShsTdlyn8KQtL+t4JDClIoQ
lO7RRIaa5wfIWBEL/Jjwz5/J8tUI+unbbqqdBwSkzQ2RuYaYHhxqZAzAUI0ZhAM0
QKhAoJpHCRjND7ekBsmzNknDXLaN95B9USis8P+W421KWOgtDzYAlxsDEHYhQVZg
/2XR9f/UjeENiTKtwlYwXmoK5bFnRiJjePULjHXkUvoObydlyL6AIG6CLTNBjxvR
d4JHuGDKk8oVD1h2x540gM6moepsGJ/hqOha14TVgDN75+cp/VuFBfAD4swmqbd1
hERGvvbFyOXM/pQ7NMjm8+9PwXtkjKQIb/yaSOvI6nkiBsqQSedpJg0aGwIDAQAB
o4IDnjCCA5owHQYDVR0OBBYEFLwn1sOAQaYOtrOuZlF0TuGe6bFoMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvdkNmV3c0QkJwZzYyczY1bVVYUk80Wjdwc1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBsgYIKwYBBQUHAQcBAf8EggGhMIIBnTCCAYoEAgABMIIB
ggMEAQVoqAMEAAVorgMEAU1MCgMEAE6ACAMEAE6AKwMEAE6APAMEAE6AQwMEAE6A
SAMEAE6ATAMEAE6ATwMEAE6AUQMEAE6AXAMEAE6AXgMEAE6AYgMEAU6AbAMEAE6O
AQMEAU6OBAMEAE6OEQMEAE6OFAMEAE6OGDAMAwQATo4hAwQATo4iAwQATo4vAwQA
To48AwQATo4/AwQAT3wAAwQAT3wPAwQBT3wUMAwDBABPfBcDBABPfBwDBAFPfDIw
DAMEAE98SQMEAE98SgMEAE98TAMEAE98TwMEAE98UgMEAFJ24AMEAFJ27AMEAFJ2
7gMEAFJ29AMEAVJ29gMEAFuUgwMEAFuUjAMEAFuUoAMEAFuUqAMEAF5IkQMEAl5I
lAMEAV5IngMEAIK54AMEAIK55TAMAwQAgrnrAwQBgrnsAwQAgrn4AwQAgrn6MAwD
BASyhFADBAGyhFQDBAK5lKAwDAMEAtmulAMEANmuljAMAwQD2a6YAwQA2a6aAwQA
2a6fMA0EAgACMAcDBQAqAYdAMA0GCSqGSIb3DQEBCwUAA4IBAQAbzLjafJRVNgX8
YPM/gQ1MPDLT6MaYGL+LJZlge9YsppBhmx1Mbg+gYWDjY2Q+2OS/ivVoYRDqMUjs
1FebgTHgU+YJjtpCJ8CTQu985U6KYI6GFvVxJwxjiGZBGYRWrd3SXWvF+WnzKIOv
SvZCwTnIwe2KXZ2J6gRirU3RIEH08+icJ/ocbZesoD5VOA3a/QISMQh/fBRuOKc1
QAJhaarRrVQqhdHyEIykFW4ziQJUEEQrwHgaVp8pWlRrRyfQRcshw2h+KElpuiqi
yUjG9QvyY+0hsuCGoffUuwxtHv0a+92F0/cpJQUr0kWJmeHqM0Ud7F2NF9nZfmWu
H6M45d1G
-----END CERTIFICATE-----
Generated at Wed Feb 7 14:43:12 2024 by rpki-client on console-fra.rpki-client.org