Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/fd1oPwagvK5bKR1BCmm_FtQZWuE.roa
File: fd1oPwagvK5bKR1BCmm_FtQZWuE.roa (raw, json)
Hash identifier: 0BPYvoHCQg8UQxrcdj2n6IpymEzDe/MRRFigRy9IviU=
Subject key identifier: 7D:DD:68:3F:06:A0:BC:AE:5B:29:1D:41:0A:69:BF:16:D4:19:5A:E1
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 018C0A8FBED328E2A2FAA27A84E4D59D4381
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/fd1oPwagvK5bKR1BCmm_FtQZWuE.roa
Signing time: Sun 26 Nov 2023 07:37:21 +0000
ROA not before: Sun 26 Nov 2023 07:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48011
IP address blocks: 87.236.161.0/24 maxlen: 24
103.130.145.0/24 maxlen: 24
5.172.177.0/24 maxlen: 24
103.130.147.0/24 maxlen: 24
45.93.168.0/22 maxlen: 24
213.217.31.0/24 maxlen: 24
77.87.122.0/24 maxlen: 24
193.163.72.0/24 maxlen: 24
185.217.143.0/24 maxlen: 24
213.232.203.0/24 maxlen: 24
45.252.180.0/24 maxlen: 24
45.252.182.0/23 maxlen: 23
45.252.182.0/24 maxlen: 24
45.252.183.0/24 maxlen: 24
45.252.180.0/23 maxlen: 23
45.252.181.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
91.247.188.0/24 maxlen: 24
45.89.236.0/22 maxlen: 24
185.211.79.0/24 maxlen: 24
62.204.58.0/24 maxlen: 24
185.182.105.0/24 maxlen: 24
2a0c:6600:6::/48 maxlen: 48
2a0c:6600:1::/48 maxlen: 48
2a0c:6600:3::/48 maxlen: 48
2a0c:6600:8::/48 maxlen: 48
2a0c:6600:5::/48 maxlen: 48
2a0c:6600:2000::/48 maxlen: 48
2a0c:6600:3000::/48 maxlen: 48
2a0c:6600:4000::/48 maxlen: 48
2a0c:6600::/48 maxlen: 48
2a0c:6600:6600::/48 maxlen: 48
2a0c:6600:6000::/48 maxlen: 48
2a0c:6600:1000::/48 maxlen: 48
2a0c:6600:9::/48 maxlen: 48
2a0c:6600:4::/48 maxlen: 48
2a0c:6600:7::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0a:8f:be:d3:28:e2:a2:fa:a2:7a:84:e4:d5:9d:43:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Nov 26 07:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ddd683f06a0bcae5b291d410a69bf16d4195ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f2:b2:dd:99:6a:07:52:08:5d:ea:01:32:b6:
6c:22:a2:14:70:02:91:c7:57:da:23:bd:9c:3a:75:
0f:ab:cf:6a:50:e7:ad:9b:49:ba:33:1f:2d:de:d5:
67:6a:83:16:4c:3a:8c:23:6e:1c:51:53:c6:9f:a6:
f6:a2:6d:0b:48:8d:b4:a2:6c:1b:80:b8:33:ab:c7:
ca:e9:f1:47:3e:37:05:b2:08:14:cf:b2:66:c3:46:
6e:8c:97:4b:d7:e6:9b:c3:78:0b:3c:5e:2d:95:d4:
c9:97:07:10:ba:34:98:9a:ce:9a:fe:ff:30:51:d1:
10:7e:72:58:8f:62:c4:71:6d:82:e5:76:9f:ef:d4:
fe:da:7e:b9:ea:b0:3f:9b:90:de:a9:24:cf:01:0e:
27:6e:c8:38:27:10:b7:5f:7f:9a:9e:06:73:b5:11:
55:f2:ac:c1:57:94:75:eb:52:d2:23:3a:2c:da:c5:
3e:f3:96:8a:5a:78:53:b9:eb:a9:ed:88:51:9f:09:
a9:f9:4a:b8:57:11:42:80:1d:53:7c:d6:a4:77:09:
e8:97:4c:5b:7b:9b:e4:a2:55:16:7d:51:ea:f8:d3:
62:a8:03:ab:8c:80:00:87:62:45:c9:78:ed:73:e3:
b3:b0:2c:af:96:37:60:69:f8:22:a2:6f:d1:1f:dc:
35:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DD:68:3F:06:A0:BC:AE:5B:29:1D:41:0A:69:BF:16:D4:19:5A:E1
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/fd1oPwagvK5bKR1BCmm_FtQZWuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.177.0/24
45.89.236.0/22
45.93.168.0/22
45.252.180.0/22
62.204.58.0/24
77.87.122.0/24
87.236.161.0/24
91.247.188.0/24
103.130.145.0/24
103.130.147.0/24
185.182.105.0/24
185.211.79.0/24
185.217.143.0/24
185.227.136.0/22
193.163.72.0/24
213.217.31.0/24
213.232.203.0/24
IPv6:
2a0c:6600::-2a0c:6600:9:ffff:ffff:ffff:ffff:ffff
2a0c:6600:1000::/48
2a0c:6600:2000::/48
2a0c:6600:3000::/48
2a0c:6600:4000::/48
2a0c:6600:6000::/48
2a0c:6600:6600::/48
Signature Algorithm: sha256WithRSAEncryption
a9:54:92:0c:a5:c1:f3:58:93:62:e1:70:97:50:60:be:e2:a1:
ca:5a:a4:f0:e1:43:b6:a3:4f:98:e5:51:33:04:03:24:6a:f4:
8a:c6:a2:4a:b4:cc:49:00:2b:1a:ee:b7:46:0b:d2:37:56:3c:
ee:5e:aa:e9:fd:c6:13:3f:ea:d3:8b:ba:0e:42:22:7a:62:41:
1e:5b:5e:9c:7e:f1:8f:35:61:a6:01:94:60:ea:8d:60:c4:50:
68:ee:37:2d:b8:b3:74:45:c4:22:75:ae:07:f4:f9:3b:10:b9:
88:42:3b:30:62:31:35:8d:cc:92:31:e3:4b:1c:8d:2f:6c:6c:
be:01:85:1f:ed:bc:d4:75:80:e8:2a:8b:99:5e:18:a5:84:cf:
fb:4f:e3:3b:e6:1d:60:20:b7:2e:eb:41:62:18:21:76:ad:16:
06:d4:7f:1b:ff:73:59:10:b0:ca:26:f1:07:47:ec:52:f2:6a:
03:c3:b5:4c:4c:c6:62:d3:6b:1e:45:2a:c7:d5:8a:f8:bc:24:
85:f8:6f:c6:35:fd:31:9d:61:0c:34:6c:d3:e7:ff:a0:30:0a:
ff:9d:9f:29:1b:0c:0e:d4:8c:fa:0c:ed:ad:94:c8:36:d9:b9:
94:a8:ed:9b:81:25:e3:a9:10:fa:ee:05:c3:d9:9a:26:31:cc:
29:4e:0c:e5
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYwKj77TKOKi+qJ6hOTVnUOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjMxMTI2MDczNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRkNjgzZjA2YTBiY2FlNWIyOTFkNDEwYTY5YmYxNmQ0MTk1YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPKy3ZlqB1IIXeoBMrZsIqIUcAKR
x1faI72cOnUPq89qUOetm0m6Mx8t3tVnaoMWTDqMI24cUVPGn6b2om0LSI20omwb
gLgzq8fK6fFHPjcFsggUz7Jmw0ZujJdL1+abw3gLPF4tldTJlwcQujSYms6a/v8w
UdEQfnJYj2LEcW2C5Xaf79T+2n656rA/m5DeqSTPAQ4nbsg4JxC3X3+angZztRFV
8qzBV5R161LSIzos2sU+85aKWnhTueup7YhRnwmp+Uq4VxFCgB1TfNakdwnol0xb
e5vkolUWfVHq+NNiqAOrjIAAh2JFyXjtc+OzsCyvljdgafgiom/RH9w1DwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFH3daD8GoLyuWykdQQppvxbUGVrhMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvZmQxb1B3YWd2SzViS1IxQkNtbV9GdFFaV3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTBsBAIAATBmAwQABayx
AwQCLVnsAwQCLV2oAwQCLfy0AwQAPsw6AwQATVd6AwQAV+yhAwQAW/e8AwQAZ4KR
AwQAZ4KTAwQAubZpAwQAudNPAwQAudmPAwQCueOIAwQAwaNIAwQA1dkfAwQA1ejL
ME0EAgACMEcwDwMEASoMZgMHASoMZgAACAMHACoMZgAQAAMHACoMZgAgAAMHACoM
ZgAwAAMHACoMZgBAAAMHACoMZgBgAAMHACoMZgBmADANBgkqhkiG9w0BAQsFAAOC
AQEAqVSSDKXB81iTYuFwl1BgvuKhylqk8OFDtqNPmOVRMwQDJGr0isaiSrTMSQAr
Gu63RgvSN1Y87l6q6f3GEz/q04u6DkIiemJBHltenH7xjzVhpgGUYOqNYMRQaO43
LbizdEXEInWuB/T5OxC5iEI7MGIxNY3MkjHjSxyNL2xsvgGFH+281HWA6CqLmV4Y
pYTP+0/jO+YdYCC3LutBYhghdq0WBtR/G/9zWRCwyibxB0fsUvJqA8O1TEzGYtNr
HkUqx9WK+LwkhfhvxjX9MZ1hDDRs0+f/oDAK/52fKRsMDtSM+gztrZTINtm5lKjt
m4El46kQ+u4Fw9maJjHMKU4M5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:16 2024 by rpki-client on console-fra.rpki-client.org