Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/fd-oFp2SU2cQ0NYqCJsGQfv2-sk.roa
File: fd-oFp2SU2cQ0NYqCJsGQfv2-sk.roa (raw, json)
Hash identifier: MosGlFbRG33vrU4i4UC0T8AfoApOcvJWvCKuN/mk2to=
Subject key identifier: 7D:DF:A8:16:9D:92:53:67:10:D0:D6:2A:08:9B:06:41:FB:F6:FA:C9
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 018DFA857AEE359D42EF2CF44E4A6323DA71
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/fd-oFp2SU2cQ0NYqCJsGQfv2-sk.roa
Signing time: Fri 01 Mar 2024 14:57:48 +0000
ROA not before: Fri 01 Mar 2024 14:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48716
IP address blocks: 77.240.38.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
78.40.108.0/23 maxlen: 24
85.202.192.0/22 maxlen: 24
89.219.32.0/22 maxlen: 24
91.147.92.0/22 maxlen: 22
91.147.92.0/24 maxlen: 24
91.147.93.0/24 maxlen: 24
91.147.94.0/24 maxlen: 24
91.147.95.0/24 maxlen: 24
91.147.104.0/22 maxlen: 24
91.201.214.0/23 maxlen: 24
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.139.0/24 maxlen: 32
94.247.128.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
185.4.180.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
185.102.72.0/22 maxlen: 24
185.146.0.0/22 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.66.0/24 maxlen: 24
194.39.67.0/24 maxlen: 24
194.110.54.0/23 maxlen: 24
195.49.209.0/24 maxlen: 24
195.49.210.0/23 maxlen: 23
195.49.210.0/24 maxlen: 24
195.49.211.0/24 maxlen: 24
195.49.212.0/22 maxlen: 22
195.49.212.0/24 maxlen: 24
195.49.213.0/24 maxlen: 24
195.49.214.0/24 maxlen: 24
195.49.215.0/24 maxlen: 24
195.93.152.0/23 maxlen: 24
195.210.46.0/23 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 20 Apr 2024 10:16:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:85:7a:ee:35:9d:42:ef:2c:f4:4e:4a:63:23:da:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Mar 1 14:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ddfa8169d92536710d0d62a089b0641fbf6fac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:af:50:71:99:84:07:17:c1:40:48:40:94:9e:
80:c0:1b:4e:fc:47:82:8a:01:00:1e:09:e1:1a:55:
8a:2c:71:5e:db:66:b7:c0:52:9c:3e:a4:d8:79:e5:
0c:02:42:e3:69:d5:03:1e:f0:b9:5d:a4:b0:bb:ad:
85:f4:de:51:21:b6:a6:cd:a3:4e:d3:97:1a:3a:51:
7b:8d:40:9c:89:de:76:db:ad:0a:1f:9c:49:f3:21:
08:52:97:d7:a8:ea:79:0b:dc:b0:39:eb:d8:2c:d4:
20:36:63:b5:15:9d:50:c5:5e:14:c0:58:f9:61:82:
5a:50:61:47:1b:ec:02:f0:0b:8c:b4:bf:d7:0e:9e:
be:52:bb:ee:a4:6a:d5:d4:38:27:a0:3e:d4:c8:35:
d9:d4:a0:e8:be:80:73:45:fc:a6:b1:3d:b3:3d:9f:
18:fb:4b:a1:10:02:fe:0d:c0:c8:d8:5d:9b:6c:60:
c4:1f:06:df:fd:99:ae:24:5c:4b:bc:f2:1b:a0:04:
dc:6b:1f:5c:88:23:55:7a:a2:a2:a4:aa:a5:05:0b:
9a:72:a1:47:15:72:d1:58:51:cc:e6:b9:79:7d:48:
e6:f9:cc:7f:8e:3e:c9:ce:52:25:c6:b1:05:13:20:
3e:5f:e0:ba:60:bd:ab:52:f9:65:70:87:bf:60:06:
76:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DF:A8:16:9D:92:53:67:10:D0:D6:2A:08:9B:06:41:FB:F6:FA:C9
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/fd-oFp2SU2cQ0NYqCJsGQfv2-sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
85.202.192.0/22
89.219.32.0/22
91.147.92.0/22
91.147.104.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.39.64.0/22
194.110.54.0/23
195.49.209.0-195.49.215.255
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:f8:56:08:b7:1e:6a:60:83:cf:d3:fe:be:b5:9f:57:5d:56:
b2:0e:a9:59:09:08:52:87:12:dc:62:33:ff:34:27:e1:dd:ba:
e4:50:53:02:58:58:7a:6c:2f:09:52:fa:10:1c:41:52:4b:26:
2c:a6:2c:0e:ee:e2:cf:57:54:9d:aa:1f:9d:97:3a:fc:af:35:
94:46:64:fc:2c:db:38:47:e0:c5:d4:18:f4:73:f2:43:2b:44:
09:d7:e0:e5:a0:e1:a4:96:99:27:80:ba:2d:e5:c4:73:39:a5:
92:5e:23:b0:8e:db:5a:10:ca:8a:8a:ef:7e:fb:30:3f:b0:90:
74:5e:1c:13:7a:b6:fd:96:0b:37:32:6d:c0:49:78:7f:9b:cf:
13:29:bc:1f:f2:33:2a:e2:aa:98:2f:3c:61:69:11:fd:c2:1c:
ef:ff:52:51:54:5c:6b:28:09:70:e0:5d:f7:5a:ed:e1:e7:a6:
81:1f:c2:5a:12:97:9a:c6:ae:af:48:1a:09:93:32:3f:1f:88:
0a:7b:32:5b:be:48:60:8e:24:d9:42:60:81:80:69:5d:c4:f6:
73:1b:c2:f6:00:08:4e:2c:14:af:39:ea:32:9a:65:96:ea:e7:
3b:06:bf:25:10:b8:c1:3f:dc:f3:f4:5e:d9:60:ed:b7:77:08:
54:f3:f3:ae
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAY36hXruNZ1C7yz0TkpjI9pxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjQwMzAxMTQ1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRmYTgxNjlkOTI1MzY3MTBkMGQ2MmEwODliMDY0MWZiZjZmYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla9QcZmEBxfBQEhAlJ6AwBtO/EeC
igEAHgnhGlWKLHFe22a3wFKcPqTYeeUMAkLjadUDHvC5XaSwu62F9N5RIbamzaNO
05caOlF7jUCcid52260KH5xJ8yEIUpfXqOp5C9ywOevYLNQgNmO1FZ1QxV4UwFj5
YYJaUGFHG+wC8AuMtL/XDp6+UrvupGrV1DgnoD7UyDXZ1KDovoBzRfymsT2zPZ8Y
+0uhEAL+DcDI2F2bbGDEHwbf/ZmuJFxLvPIboATcax9ciCNVeqKipKqlBQuacqFH
FXLRWFHM5rl5fUjm+cx/jj7JzlIlxrEFEyA+X+C6YL2rUvllcIe/YAZ2WQIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFH3fqBadklNnENDWKgibBkH79vrJMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvZmQtb0ZwMlNVMmNRME5ZcUNKc0dRZnYyLXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBjQQCAAEwgYYDBAFN
8CYDBAFN81ADBAFOKGwDBAJVysADBAJZ2yADBAJbk1wDBAJbk2gDBAFbydYDBAJb
14gDBANe94ADBAJt6WwDBAK5BLQDBAK5FkADBAG5I94DBAK5ZkgDBAK5kgADBALC
J0ADBAHCbjYwDAMEAMMx0QMEA8Mx0AMEAcNdmAMEAcPSLjANBAIAAjAHAwUAKgBd
oDANBgkqhkiG9w0BAQsFAAOCAQEAqPhWCLceamCDz9P+vrWfV11Wsg6pWQkIUocS
3GIz/zQn4d265FBTAlhYemwvCVL6EBxBUksmLKYsDu7iz1dUnaofnZc6/K81lEZk
/CzbOEfgxdQY9HPyQytECdfg5aDhpJaZJ4C6LeXEczmlkl4jsI7bWhDKiorvfvsw
P7CQdF4cE3q2/ZYLNzJtwEl4f5vPEym8H/IzKuKqmC88YWkR/cIc7/9SUVRcaygJ
cOBd91rt4eemgR/CWhKXmsaur0gaCZMyPx+ICnsyW75IYI4k2UJggYBpXcT2cxvC
9gAITiwUrznqMppllurnOwa/JRC4wT/c8/Re2WDtt3cIVPPzrg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:04 2025 by rpki-client