Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/FONaW1Ofl3FXcv9GXPYPYFriuQ4.roa
File: FONaW1Ofl3FXcv9GXPYPYFriuQ4.roa (raw, json)
Hash identifier: rKjRoFIfncKs60vK4HkgBbtOMEBKVAvdFLg1FgaC07Y=
Subject key identifier: 14:E3:5A:5B:53:9F:97:71:57:72:FF:46:5C:F6:0F:60:5A:E2:B9:0E
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0193B045289E9D19B5484AA918EDEF4B2A33
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/FONaW1Ofl3FXcv9GXPYPYFriuQ4.roa
Signing time: Tue 10 Dec 2024 11:12:22 +0000
ROA not before: Tue 10 Dec 2024 11:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.122.184.0/24 maxlen: 24
185.193.51.0/24 maxlen: 24
185.195.65.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f82:abcd::/48 maxlen: 48
2a03:f82:abcd:43::/64 maxlen: 64
2a03:f87:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:45:28:9e:9d:19:b5:48:4a:a9:18:ed:ef:4b:2a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Dec 10 11:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14e35a5b539f97715772ff465cf60f605ae2b90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:73:3e:f9:4f:9a:22:fc:c2:1f:b2:f6:b2:0a:
92:bb:4e:11:44:60:bb:c1:30:f6:26:e4:8d:56:46:
00:85:77:a5:f2:5c:89:0c:bf:99:59:53:55:d3:f2:
b6:8b:e2:21:a8:3b:4e:5e:4e:6f:05:5c:a5:b3:bf:
01:2d:1a:2e:73:55:f3:bb:b2:ec:36:2e:31:77:e4:
00:65:61:69:b1:14:50:22:74:46:6b:e7:ed:b8:dc:
5d:05:61:4b:84:5d:ea:4d:d0:0c:20:c9:a9:c3:c0:
0f:14:1f:98:ff:48:0f:c8:d9:15:44:2f:f0:b6:a7:
e3:ce:75:de:44:59:c8:88:10:38:70:be:fe:2c:4e:
10:f6:67:d4:28:90:33:d7:77:99:8b:5c:8d:1e:b7:
aa:d4:02:27:27:57:71:6b:b1:b5:74:e5:98:b2:92:
4b:28:8d:37:1b:a1:85:3c:53:f2:80:1c:0d:dd:81:
0d:9f:83:7a:d4:98:80:88:df:03:ac:11:36:50:41:
a9:cc:19:49:60:52:97:90:3a:86:9c:28:92:60:65:
6a:a3:1e:3c:a1:7a:ed:67:85:d4:88:c0:ef:b2:6d:
4e:90:80:9c:07:6f:44:47:7c:8a:0e:02:5b:c1:c3:
9b:e2:d4:c4:1d:2f:76:b2:de:c3:43:f7:11:db:3f:
7c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E3:5A:5B:53:9F:97:71:57:72:FF:46:5C:F6:0F:60:5A:E2:B9:0E
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/FONaW1Ofl3FXcv9GXPYPYFriuQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
45.153.125.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.46.238.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.205.0/24
103.57.250.0/24
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
185.122.184.0/24
185.193.51.0/24
185.195.65.0/24
188.214.33.0-188.214.34.255
188.214.38.0/23
213.183.54.0-213.183.57.255
IPv6:
2a03:f80:7::/48
2a03:f80:31::/48
2a03:f80:56::/47
2a03:f80:70::/48
2a03:f80:354::/48
2a03:f80:357::/48
2a03:f80:359::/48
2a03:f80:370::/47
2a03:f80:3991::/48
2a03:f80:ad15::/48
2a03:f80:ed15::-2a03:f80:ed17:ffff:ffff:ffff:ffff:ffff
2a03:f80:ed31::/48
2a03:f80:ed51::/48
2a03:f82:abcd::/48
2a03:f87:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
29:16:a8:8f:07:ac:f3:81:ad:45:9b:a1:c8:c8:86:d4:3c:ca:
d0:2c:cf:86:b9:32:62:a0:fb:55:e4:e9:e6:f0:f6:57:9e:46:
c6:43:fd:a3:27:3c:71:45:5a:00:69:27:db:f6:c5:c5:a4:bd:
a5:21:1d:3e:19:03:8d:fd:7e:27:82:df:9c:3d:e3:58:86:3e:
48:67:d2:c1:85:83:c6:c4:e2:6d:65:4e:97:71:89:df:1c:31:
f0:39:fd:a8:d2:50:04:71:18:1b:52:91:d3:a3:05:02:cd:1e:
8f:08:d4:ff:25:28:df:4f:f5:d9:71:13:3b:a9:be:de:1e:4c:
53:68:08:4f:11:8e:5a:a6:66:af:5d:7f:32:52:34:4f:c3:05:
ff:09:4b:b8:c8:bc:ef:ab:41:d5:73:e4:68:43:2c:3d:b1:44:
4a:c2:ce:bd:d4:3d:51:e2:6d:b9:fa:d9:41:8f:4f:01:03:42:
c9:67:3f:76:18:11:0a:24:a6:7b:d7:f3:58:5e:7b:d2:1b:00:
9e:57:f5:b6:a3:5f:07:f9:80:81:27:ff:dc:21:fa:fc:1f:7d:
a0:6c:94:47:c4:3c:37:a6:bc:33:49:c1:d7:6f:5c:e0:4d:7c:
a0:a6:36:ad:24:e5:4c:3a:b0:fd:ca:f8:c2:da:af:85:8e:d8:
39:57:4d:a6
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAZOwRSienRm1SEqpGO3vSyozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQxMjEwMTExMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUzNWE1YjUzOWY5NzcxNTc3MmZmNDY1Y2Y2MGY2MDVhZTJiOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HM++U+aIvzCH7L2sgqSu04RRGC7
wTD2JuSNVkYAhXel8lyJDL+ZWVNV0/K2i+IhqDtOXk5vBVyls78BLRouc1Xzu7Ls
Ni4xd+QAZWFpsRRQInRGa+ftuNxdBWFLhF3qTdAMIMmpw8APFB+Y/0gPyNkVRC/w
tqfjznXeRFnIiBA4cL7+LE4Q9mfUKJAz13eZi1yNHreq1AInJ1dxa7G1dOWYspJL
KI03G6GFPFPygBwN3YENn4N61JiAiN8DrBE2UEGpzBlJYFKXkDqGnCiSYGVqox48
oXrtZ4XUiMDvsm1OkICcB29ER3yKDgJbwcOb4tTEHS92st7DQ/cR2z987wIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFBTjWltTn5dxV3L/Rlz2D2Ba4rkOMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvRk9OYVcxT2ZsM0ZYY3Y5R1hQWVBZRnJpdVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCBxQQCAAEwgb4D
BAAFtHIDBAQl6zADBAAtmX0DBABT83gDBAFT83oDBABU9z0DBABWancDBABZH3sD
BABZLu4DBABbhF4DBAFb48wDBABc80IDBABfnM0DBABnOfoDBACG/9IwDAMEA5Wa
mAMEAJWanAMEBZfsADAMAwQAnv/RAwQAnv/UMAwDBAK5GuwDBAC5Gu4DBAC5ergD
BAC5wTMDBAC5w0EwDAMEALzWIQMEALzWIgMEAbzWJjAMAwQB1bc2AwQB1bc4MIGZ
BAIAAjCBkgMHACoDD4AABwMHACoDD4AAMQMHASoDD4AAVgMHACoDD4AAcAMHACoD
D4ADVAMHACoDD4ADVwMHACoDD4ADWQMHASoDD4ADcAMHACoDD4A5kQMHACoDD4Ct
FTASAwcAKgMPgO0VAwcDKgMPgO0QAwcAKgMPgO0xAwcAKgMPgO1RAwcAKgMPgqvN
AwcAKgMPh///MA0GCSqGSIb3DQEBCwUAA4IBAQApFqiPB6zzga1Fm6HIyIbUPMrQ
LM+GuTJioPtV5Onm8PZXnkbGQ/2jJzxxRVoAaSfb9sXFpL2lIR0+GQON/X4ngt+c
PeNYhj5IZ9LBhYPGxOJtZU6XcYnfHDHwOf2o0lAEcRgbUpHTowUCzR6PCNT/JSjf
T/XZcRM7qb7eHkxTaAhPEY5apmavXX8yUjRPwwX/CUu4yLzvq0HVc+RoQyw9sURK
ws691D1R4m25+tlBj08BA0LJZz92GBEKJKZ71/NYXnvSGwCeV/W2o18H+YCBJ//c
Ifr8H32gbJRHxDw3prwzScHXb1zgTXygpjatJOVMOrD9yvjC2q+Fjtg5V02m
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:05:58 2025 by rpki-client