Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/fXwmoeptX8lNWJeb_-HW03KRAS0.roa
File: fXwmoeptX8lNWJeb_-HW03KRAS0.roa (raw, json)
Hash identifier: HUX/tTgIF2WwAAqEFCfho7/AnfMnil2adfkji7ydSaw=
Subject key identifier: 7D:7C:26:A1:EA:6D:5F:C9:4D:58:97:9B:FF:E1:D6:D3:72:91:01:2D
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0186C5A818DC105EDFDB4AFF92677C9F077E
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/fXwmoeptX8lNWJeb_-HW03KRAS0.roa
Signing time: Thu 09 Mar 2023 09:16:13 +0000
ROA not before: Thu 09 Mar 2023 09:16:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48635
IP address blocks: 195.39.204.0/23 maxlen: 24
195.39.214.0/23 maxlen: 24
185.103.240.0/22 maxlen: 24
185.103.156.0/22 maxlen: 24
93.187.220.0/22 maxlen: 24
185.56.144.0/22 maxlen: 24
109.72.80.0/20 maxlen: 24
185.159.240.0/22 maxlen: 24
2.57.56.0/22 maxlen: 24
185.66.248.0/22 maxlen: 24
92.63.168.0/21 maxlen: 24
62.221.250.0/24 maxlen: 24
62.221.248.0/21 maxlen: 24
31.186.168.0/21 maxlen: 24
185.37.68.0/22 maxlen: 24
185.182.56.0/22 maxlen: 24
185.224.88.0/22 maxlen: 24
185.109.216.0/22 maxlen: 24
93.180.64.0/21 maxlen: 24
185.107.212.0/22 maxlen: 24
185.107.224.0/23 maxlen: 24
185.187.12.0/22 maxlen: 24
31.25.96.0/21 maxlen: 24
185.87.184.0/22 maxlen: 24
79.99.128.0/21 maxlen: 24
185.175.200.0/22 maxlen: 24
185.233.28.0/22 maxlen: 24
5.157.80.0/21 maxlen: 24
185.27.172.0/22 maxlen: 24
185.95.28.0/22 maxlen: 24
195.238.74.0/23 maxlen: 24
185.223.32.0/22 maxlen: 24
109.106.160.0/19 maxlen: 24
185.94.228.0/22 maxlen: 24
185.94.228.0/24 maxlen: 24
2a05:1500:500::/40 maxlen: 40
2a01:b942::/32 maxlen: 48
2a03:3060::/29 maxlen: 48
2a0b:7280::/29 maxlen: 48
2a04:6bc0::/36 maxlen: 48
2a0b:8f80::/48 maxlen: 48
2a02:40c1::/32 maxlen: 48
2a05:1500::/29 maxlen: 48
2a01:b944::/32 maxlen: 48
2a00:f10::/29 maxlen: 48
2a0c:84c0::/29 maxlen: 48
2a01:b940::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 Mar 2023 08:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:a8:18:dc:10:5e:df:db:4a:ff:92:67:7c:9f:07:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Mar 9 09:16:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d7c26a1ea6d5fc94d58979bffe1d6d37291012d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:47:8e:7a:05:56:5b:ed:2d:a2:19:7b:a5:70:
6a:c5:ae:a6:b6:d9:bd:4a:83:ea:97:1e:fa:e0:91:
dd:e4:ff:1d:9e:61:5e:62:15:fe:cb:b0:b9:3f:14:
50:6a:b8:55:d8:e5:7a:f9:0e:27:1b:6f:98:ce:ba:
89:65:5e:ec:55:6f:13:5d:00:7c:90:9d:5c:5e:2c:
68:5a:d3:ee:cf:7b:1c:6a:8d:1f:d8:41:55:81:c8:
1d:d6:a7:8e:5b:9e:e0:58:db:36:95:3d:bb:fc:d0:
ea:fd:16:51:6f:3c:13:d0:45:c7:58:bf:20:a1:69:
fb:5e:50:8c:e6:55:73:cd:db:a7:b7:b3:a8:18:06:
1c:bc:db:7c:18:ef:7d:cb:d3:47:bf:53:0d:8f:4c:
b2:ef:95:86:1a:50:c1:ff:2c:e1:6d:3a:84:35:95:
3a:b7:8e:11:25:bf:25:96:4b:70:92:26:81:bc:67:
e1:e0:7a:e0:57:a1:fe:e8:1a:2a:81:b2:80:94:b5:
2c:cd:75:c8:8e:3f:65:ce:f6:e6:d8:17:d7:64:c4:
7d:39:03:a8:d9:e3:59:aa:fe:5f:66:3a:d3:e3:ad:
a8:4a:34:66:b3:d4:2c:a0:fc:3c:03:6f:e2:3e:91:
5f:8e:a6:ef:67:16:36:d3:0e:f2:0c:2f:13:99:23:
0f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7C:26:A1:EA:6D:5F:C9:4D:58:97:9B:FF:E1:D6:D3:72:91:01:2D
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/fXwmoeptX8lNWJeb_-HW03KRAS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.56.0/22
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
62.221.248.0/21
79.99.128.0/21
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.72.80.0/20
109.106.160.0/19
185.27.172.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/23
185.109.216.0/22
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.233.28.0/22
195.39.204.0/23
195.39.214.0/23
195.238.74.0/23
IPv6:
2a00:f10::/29
2a01:b940::/29
2a02:40c1::/32
2a03:3060::/29
2a04:6bc0::/36
2a05:1500::/29
2a0b:7280::/29
2a0b:8f80::/48
2a0c:84c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:84:4d:c4:49:21:3e:db:13:83:9a:b7:c1:67:a3:3b:59:2f:
05:1e:8d:be:29:51:20:b3:58:d8:01:38:cd:d9:95:b2:f2:eb:
d9:6b:5d:10:3e:72:79:f7:68:2d:8d:a6:70:c9:4b:8b:1b:be:
ea:9d:58:00:3c:bd:da:5f:0d:50:18:3f:bb:97:7f:86:a1:9c:
15:a9:34:32:f6:01:d0:73:59:44:7d:cc:51:6f:61:b2:da:15:
a8:a8:f6:8e:12:1d:cf:f3:0c:39:54:f1:f2:6b:57:9a:94:3b:
c5:6f:f0:03:dd:b6:55:91:7a:ed:18:ed:5b:6e:a7:20:de:c6:
0d:aa:9e:d9:e1:41:b8:65:29:03:20:9f:53:cc:bc:43:39:5a:
66:4f:62:79:2b:00:79:d9:75:03:e6:2c:22:b3:25:cd:86:cc:
f6:69:1e:ff:92:b6:ae:77:0e:83:a2:75:8f:79:c8:90:eb:e5:
c8:3f:96:e8:5c:88:f6:15:e4:0d:5e:3b:aa:be:60:91:f7:6d:
80:a5:e4:e2:a4:a3:9d:0e:c5:ae:b0:a6:9f:92:f6:62:38:dd:
36:66:d4:a0:17:ea:b1:5a:a5:6f:17:6f:e9:5c:c7:54:44:1d:
b5:a0:5f:67:11:78:ab:b1:14:70:1c:05:c4:ff:8d:3a:d8:22:
44:26:d9:c0
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYbFqBjcEF7f20r/kmd8nwd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMzA5MDkxNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDdjMjZhMWVhNmQ1ZmM5NGQ1ODk3OWJmZmUxZDZkMzcyOTEwMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUeOegVWW+0tohl7pXBqxa6mttm9
SoPqlx764JHd5P8dnmFeYhX+y7C5PxRQarhV2OV6+Q4nG2+YzrqJZV7sVW8TXQB8
kJ1cXixoWtPuz3scao0f2EFVgcgd1qeOW57gWNs2lT27/NDq/RZRbzwT0EXHWL8g
oWn7XlCM5lVzzdunt7OoGAYcvNt8GO99y9NHv1MNj0yy75WGGlDB/yzhbTqENZU6
t44RJb8llktwkiaBvGfh4HrgV6H+6BoqgbKAlLUszXXIjj9lzvbm2BfXZMR9OQOo
2eNZqv5fZjrT462oSjRms9QsoPw8A2/iPpFfjqbvZxY20w7yDC8TmSMP/QIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFH18JqHqbV/JTViXm//h1tNykQEtMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvZlh3bW9lcHRYOGxOV0plYl8tSFcwM0tSQVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCBzQQCAAEwgcYD
BAICOTgDBAMFnVADBAMfGWADBAMfuqgDBAM+3fgDBANPY4ADBANcP6gDBANdtEAD
BAJdu9wDBARtSFADBAVtaqADBAK5G6wDBAK5JUQDBAK5OJADBAK5QvgDBAK5V7gD
BAK5XuQDBAK5XxwDBAK5Z5wDBAK5Z/ADBAK5a9QDBAG5a+ADBAK5bdgDBAK5n/AD
BAK5r8gDBAK5tjgDBAK5uwwDBAK53yADBAK54FgDBAK56RwDBAHDJ8wDBAHDJ9YD
BAHD7kowSAQCAAIwQgMFAyoADxADBQMqAblAAwUAKgJAwQMFAyoDMGADBgQqBGvA
AAMFAyoFFQADBQMqC3KAAwcAKguPgAAAAwUDKgyEwDANBgkqhkiG9w0BAQsFAAOC
AQEAOYRNxEkhPtsTg5q3wWejO1kvBR6NvilRILNY2AE4zdmVsvLr2WtdED5yefdo
LY2mcMlLixu+6p1YADy92l8NUBg/u5d/hqGcFak0MvYB0HNZRH3MUW9hstoVqKj2
jhIdz/MMOVTx8mtXmpQ7xW/wA922VZF67RjtW26nIN7GDaqe2eFBuGUpAyCfU8y8
QzlaZk9ieSsAedl1A+YsIrMlzYbM9mke/5K2rncOg6J1j3nIkOvlyD+W6FyI9hXk
DV47qr5gkfdtgKXk4qSjnQ7FrrCmn5L2YjjdNmbUoBfqsVqlbxdv6VzHVEQdtaBf
ZxF4q7EUcBwFxP+NOtgiRCbZwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org