Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/L9tWEnmpFolExywGr0zk3-rm_RE.roa
File: L9tWEnmpFolExywGr0zk3-rm_RE.roa (raw, json)
Hash identifier: /7r4eZXgZdSHnQZCWzN7XTbF12ug55BvWjt24pnVhA4=
Subject key identifier: 2F:DB:56:12:79:A9:16:89:44:C7:2C:06:AF:4C:E4:DF:EA:E6:FD:11
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 018572E81DD9E37F5EC01CB54F0BD3ECE9C9
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/L9tWEnmpFolExywGr0zk3-rm_RE.roa
Signing time: Mon 02 Jan 2023 14:34:52 +0000
ROA not before: Mon 02 Jan 2023 14:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16333
IP address blocks: 185.2.188.0/22 maxlen: 22
217.16.64.0/19 maxlen: 19
217.16.64.0/20 maxlen: 20
217.16.80.0/20 maxlen: 20
217.16.88.0/22 maxlen: 22
217.16.87.0/24 maxlen: 24
212.110.80.0/21 maxlen: 21
212.110.88.0/22 maxlen: 22
146.255.69.0/24 maxlen: 24
146.255.86.0/24 maxlen: 24
185.80.164.0/22 maxlen: 22
185.100.244.0/22 maxlen: 22
85.30.64.0/19 maxlen: 19
85.30.64.0/21 maxlen: 21
85.30.64.0/18 maxlen: 18
85.30.72.0/22 maxlen: 22
78.157.4.0/24 maxlen: 24
78.157.3.0/24 maxlen: 24
78.157.2.0/24 maxlen: 24
78.157.1.0/24 maxlen: 24
78.157.0.0/24 maxlen: 24
78.157.9.0/24 maxlen: 24
78.157.7.0/24 maxlen: 24
78.157.6.0/24 maxlen: 24
78.157.5.0/24 maxlen: 24
109.69.40.0/21 maxlen: 21
79.126.128.0/18 maxlen: 18
79.126.128.0/17 maxlen: 17
5.32.178.0/23 maxlen: 23
185.89.244.0/22 maxlen: 22
5.32.180.0/24 maxlen: 24
5.32.182.0/24 maxlen: 24
212.110.64.0/23 maxlen: 23
79.126.192.0/18 maxlen: 18
78.157.24.0/24 maxlen: 24
78.157.23.0/24 maxlen: 24
78.157.22.0/24 maxlen: 24
78.157.21.0/24 maxlen: 24
78.157.20.0/24 maxlen: 24
78.157.31.0/24 maxlen: 24
78.157.30.0/24 maxlen: 24
78.157.29.0/24 maxlen: 24
78.157.28.0/24 maxlen: 24
78.157.27.0/24 maxlen: 24
78.157.26.0/24 maxlen: 24
78.157.25.0/24 maxlen: 24
31.11.68.0/22 maxlen: 22
31.11.64.0/18 maxlen: 19
31.11.72.0/21 maxlen: 21
31.11.80.0/21 maxlen: 21
31.11.88.0/21 maxlen: 21
185.5.4.0/22 maxlen: 22
89.31.152.0/21 maxlen: 21
31.11.96.0/21 maxlen: 21
31.11.104.0/21 maxlen: 21
31.11.112.0/21 maxlen: 21
217.196.192.0/20 maxlen: 20
31.11.120.0/21 maxlen: 21
212.158.176.0/20 maxlen: 24
85.30.80.0/22 maxlen: 22
85.30.92.0/22 maxlen: 22
85.30.96.0/19 maxlen: 19
85.30.96.0/22 maxlen: 22
85.30.101.0/24 maxlen: 24
85.30.104.0/22 maxlen: 22
85.30.112.0/24 maxlen: 24
85.30.110.0/24 maxlen: 24
85.30.120.0/21 maxlen: 21
85.30.119.0/24 maxlen: 24
95.128.186.0/24 maxlen: 24
2a01:5b8::/29 maxlen: 29
2a01:5b8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:1d:d9:e3:7f:5e:c0:1c:b5:4f:0b:d3:ec:e9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Jan 2 14:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fdb561279a9168944c72c06af4ce4dfeae6fd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ad:16:8a:70:26:dd:3d:1a:be:17:ab:06:68:
1e:9a:df:33:c2:9e:74:9b:4f:84:47:1a:a4:2b:45:
df:90:68:48:28:ee:ac:3c:e2:be:31:94:a5:36:89:
4e:74:c4:6b:0e:ab:18:19:7e:07:9b:79:76:04:87:
bd:18:1a:22:d5:c3:2e:64:db:a3:2e:f0:ed:56:2f:
a7:80:6e:17:6e:50:3b:9e:a9:c1:48:8a:9a:82:8b:
03:ca:2d:c0:41:33:c1:be:8e:4f:93:a7:ba:bd:f1:
da:d3:bb:bb:a0:e0:ac:d8:90:44:42:54:b2:ee:32:
f1:89:91:cc:10:4a:83:1d:3e:1c:dd:2d:11:e8:13:
9e:9d:c5:f5:39:1d:e9:a8:77:a8:70:94:e0:21:c9:
71:07:a8:22:26:e4:29:d5:64:2a:67:be:b2:66:8c:
6e:75:40:49:e6:10:42:63:4e:86:b2:98:53:9a:ed:
b4:88:e9:e5:fd:50:95:29:7a:50:db:5c:62:5b:3e:
d2:68:bb:ef:bb:2f:74:b7:3d:6f:99:27:da:22:68:
99:dd:a1:9c:1b:e9:14:0b:d9:ed:1f:fa:1e:ea:83:
43:1a:56:9c:90:16:5b:6c:9a:de:1c:f2:fd:6e:86:
b9:b9:01:84:44:28:f9:f9:8f:e2:f7:91:22:fa:59:
b6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DB:56:12:79:A9:16:89:44:C7:2C:06:AF:4C:E4:DF:EA:E6:FD:11
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/L9tWEnmpFolExywGr0zk3-rm_RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.178.0-5.32.180.255
5.32.182.0/24
31.11.64.0/18
78.157.0.0/21
78.157.9.0/24
78.157.20.0-78.157.31.255
79.126.128.0/17
85.30.64.0/18
89.31.152.0/21
95.128.186.0/24
109.69.40.0/21
146.255.69.0/24
146.255.86.0/24
185.2.188.0/22
185.5.4.0/22
185.80.164.0/22
185.89.244.0/22
185.100.244.0/22
212.110.64.0/23
212.110.80.0-212.110.91.255
212.158.176.0/20
217.16.64.0/19
217.196.192.0/20
IPv6:
2a01:5b8::/29
Signature Algorithm: sha256WithRSAEncryption
7d:e2:28:22:31:f9:f1:61:4e:77:dd:1d:a8:7e:14:11:ea:36:
c0:69:2c:75:c2:34:a3:26:45:71:39:e6:45:f7:12:85:c8:de:
4f:d0:ed:d2:93:5d:4c:70:de:c2:82:1a:f5:c1:4b:a5:5a:5e:
e0:48:85:ef:f0:cb:d4:60:c2:41:8c:64:28:35:d8:0a:0b:d9:
4b:6b:bf:f1:36:22:a0:18:18:31:54:44:c2:57:f8:cd:e9:68:
13:86:96:4d:7a:8d:4c:a9:5e:7f:d6:1c:fa:0f:d4:d8:73:9d:
80:1a:5e:02:8d:bb:6a:da:7f:c9:bf:51:85:b8:2b:62:ee:76:
8c:12:85:14:9b:a9:0e:60:68:23:c7:47:51:f8:7f:c8:ce:76:
1e:a4:03:65:08:9d:d9:a1:76:00:dc:bc:b5:0b:ac:4e:e8:ab:
20:49:2f:29:03:d9:6b:cf:5f:6e:3f:1c:e8:bc:75:92:9a:ba:
2e:2d:f7:01:3a:e4:bb:07:3e:df:d3:3f:c4:c7:41:f5:ab:2e:
fe:3e:4a:74:fa:ac:78:41:97:4d:55:f4:9b:09:84:ac:f5:c1:
ad:05:ca:7f:d9:89:9e:49:2c:b6:cc:ea:36:c3:6c:56:ba:c9:
1b:76:2c:6d:8c:99:69:e5:ac:d7:56:86:12:4e:13:53:4f:c4:
90:03:99:bc
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYVy6B3Z439ewBy1TwvT7OnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjMwMTAyMTQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmRiNTYxMjc5YTkxNjg5NDRjNzJjMDZhZjRjZTRkZmVhZTZmZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq0WinAm3T0avherBmgemt8zwp50
m0+ERxqkK0XfkGhIKO6sPOK+MZSlNolOdMRrDqsYGX4Hm3l2BIe9GBoi1cMuZNuj
LvDtVi+ngG4XblA7nqnBSIqagosDyi3AQTPBvo5Pk6e6vfHa07u7oOCs2JBEQlSy
7jLxiZHMEEqDHT4c3S0R6BOencX1OR3pqHeocJTgIclxB6giJuQp1WQqZ76yZoxu
dUBJ5hBCY06GsphTmu20iOnl/VCVKXpQ21xiWz7SaLvvuy90tz1vmSfaImiZ3aGc
G+kUC9ntH/oe6oNDGlackBZbbJreHPL9boa5uQGERCj5+Y/i95Ei+lm20QIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFC/bVhJ5qRaJRMcsBq9M5N/q5v0RMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvTDl0V0VubXBGb2xFeHl3R3IwemszLXJtX1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIwDAME
AQUgsgMEAAUgtAMEAAUgtgMEBh8LQAMEA06dAAMEAE6dCTAMAwQCTp0UAwQFTp0A
AwQHT36AAwQGVR5AAwQDWR+YAwQAX4C6AwQDbUUoAwQAkv9FAwQAkv9WAwQCuQK8
AwQCuQUEAwQCuVCkAwQCuVn0AwQCuWT0AwQB1G5AMAwDBATUblADBALUblgDBATU
nrADBAXZEEADBATZxMAwDQQCAAIwBwMFAyoBBbgwDQYJKoZIhvcNAQELBQADggEB
AH3iKCIx+fFhTnfdHah+FBHqNsBpLHXCNKMmRXE55kX3EoXI3k/Q7dKTXUxw3sKC
GvXBS6VaXuBIhe/wy9RgwkGMZCg12AoL2Utrv/E2IqAYGDFURMJX+M3paBOGlk16
jUypXn/WHPoP1NhznYAaXgKNu2raf8m/UYW4K2LudowShRSbqQ5gaCPHR1H4f8jO
dh6kA2UIndmhdgDcvLULrE7oqyBJLykD2WvPX24/HOi8dZKaui4t9wE65LsHPt/T
P8THQfWrLv4+SnT6rHhBl01V9JsJhKz1wa0Fyn/ZiZ5JLLbM6jbDbFa6yRt2LG2M
mWnlrNdWhhJOE1NPxJADmbw=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net