Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/5FRxl0VaZpWNDdIQNPSGINM_nf8.roa
File: 5FRxl0VaZpWNDdIQNPSGINM_nf8.roa (raw, json)
Hash identifier: V1/H3uS74B/vDEPROt3SL0q5cDKczXk//Ql43tERh5E=
Subject key identifier: E4:54:71:97:45:5A:66:95:8D:0D:D2:10:34:F4:86:20:D3:3F:9D:FF
Certificate issuer: /CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Certificate serial: 019424B3F54A13BA512EAC852C5C21FFF613
Authority key identifier: BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/5FRxl0VaZpWNDdIQNPSGINM_nf8.roa
Signing time: Thu 02 Jan 2025 01:49:20 +0000
ROA not before: Thu 02 Jan 2025 01:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43937
IP address blocks: 78.24.48.0/24 maxlen: 24
78.24.49.0/24 maxlen: 24
78.24.50.0/24 maxlen: 24
78.24.51.0/24 maxlen: 24
78.24.52.0/24 maxlen: 24
78.24.53.0/24 maxlen: 24
78.24.54.0/24 maxlen: 24
78.24.55.0/24 maxlen: 24
82.116.128.0/24 maxlen: 24
82.116.129.0/24 maxlen: 24
82.116.130.0/24 maxlen: 24
82.116.131.0/24 maxlen: 24
82.116.132.0/24 maxlen: 24
82.116.133.0/24 maxlen: 24
82.116.134.0/24 maxlen: 24
82.116.135.0/24 maxlen: 24
82.116.136.0/24 maxlen: 24
82.116.137.0/24 maxlen: 24
82.116.138.0/24 maxlen: 24
82.116.139.0/24 maxlen: 24
82.116.140.0/24 maxlen: 24
82.116.141.0/24 maxlen: 24
82.116.142.0/24 maxlen: 24
82.116.143.0/24 maxlen: 24
82.116.144.0/24 maxlen: 24
82.116.145.0/24 maxlen: 24
82.116.146.0/24 maxlen: 24
82.116.147.0/24 maxlen: 24
82.116.148.0/24 maxlen: 24
82.116.149.0/24 maxlen: 24
82.116.150.0/24 maxlen: 24
82.116.151.0/24 maxlen: 24
82.116.152.0/24 maxlen: 24
82.116.153.0/24 maxlen: 24
82.116.154.0/24 maxlen: 24
82.116.155.0/24 maxlen: 24
82.116.156.0/24 maxlen: 24
82.116.157.0/24 maxlen: 24
82.116.158.0/24 maxlen: 24
82.116.159.0/24 maxlen: 24
94.190.144.0/24 maxlen: 24
94.190.145.0/24 maxlen: 24
94.190.146.0/24 maxlen: 24
94.190.147.0/24 maxlen: 24
94.190.148.0/24 maxlen: 24
94.190.149.0/24 maxlen: 24
94.190.150.0/24 maxlen: 24
94.190.151.0/24 maxlen: 24
94.190.152.0/24 maxlen: 24
94.190.153.0/24 maxlen: 24
94.190.154.0/24 maxlen: 24
94.190.155.0/24 maxlen: 24
94.190.156.0/24 maxlen: 24
94.190.157.0/24 maxlen: 24
94.190.158.0/24 maxlen: 24
94.190.159.0/24 maxlen: 24
103.245.116.0/24 maxlen: 24
103.245.117.0/24 maxlen: 24
103.245.118.0/24 maxlen: 24
103.245.119.0/24 maxlen: 24
178.255.8.0/24 maxlen: 24
178.255.9.0/24 maxlen: 24
178.255.10.0/24 maxlen: 24
178.255.11.0/24 maxlen: 24
178.255.12.0/24 maxlen: 24
178.255.13.0/24 maxlen: 24
178.255.14.0/24 maxlen: 24
178.255.15.0/24 maxlen: 24
185.6.176.0/24 maxlen: 24
185.6.177.0/24 maxlen: 24
185.6.178.0/24 maxlen: 24
185.6.179.0/24 maxlen: 24
185.249.222.0/24 maxlen: 24
185.249.223.0/24 maxlen: 24
213.187.224.0/24 maxlen: 24
213.187.225.0/24 maxlen: 24
213.187.226.0/24 maxlen: 24
213.187.227.0/24 maxlen: 24
213.187.228.0/22 maxlen: 24
213.187.228.0/24 maxlen: 24
213.187.229.0/24 maxlen: 24
213.187.230.0/24 maxlen: 24
213.187.231.0/24 maxlen: 24
213.187.232.0/24 maxlen: 24
213.187.233.0/24 maxlen: 24
213.187.235.0/24 maxlen: 24
213.187.236.0/24 maxlen: 24
213.187.237.0/24 maxlen: 24
213.187.238.0/24 maxlen: 24
213.187.239.0/24 maxlen: 24
213.187.248.0/21 maxlen: 21
213.187.248.0/24 maxlen: 24
213.187.249.0/24 maxlen: 24
213.187.250.0/24 maxlen: 24
213.187.251.0/24 maxlen: 24
213.187.252.0/23 maxlen: 23
213.187.252.0/24 maxlen: 24
213.187.253.0/24 maxlen: 24
213.187.254.0/24 maxlen: 24
213.187.255.0/24 maxlen: 24
2a02:7980::/32 maxlen: 32
2a02:7980:105::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 06:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f5:4a:13:ba:51:2e:ac:85:2c:5c:21:ff:f6:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7d8178cec5cd376548a9049117f469c0a7431c
Validity
Not Before: Jan 2 01:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4547197455a66958d0dd21034f48620d33f9dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c0:c7:45:a5:78:a5:b6:c1:99:32:c6:d4:be:
9d:e4:f2:33:5e:9b:dc:9c:88:e3:e1:65:56:c7:9d:
91:b1:cc:89:8c:22:d9:49:b6:19:60:70:1f:1d:ac:
11:4b:d7:e0:08:ee:de:22:d6:d3:c7:ee:01:98:03:
0f:c5:33:8b:6c:e0:17:ed:d9:68:99:09:8e:a4:7a:
39:48:1e:0d:65:ee:83:a2:91:d7:0b:96:47:0a:fa:
02:5e:aa:d6:8d:d4:bc:58:e3:39:c8:3a:aa:74:8f:
09:72:bb:c3:47:30:c5:cb:d6:1c:08:dd:01:20:4a:
39:7a:a6:17:b8:a2:25:f7:35:73:c2:f3:97:cb:e2:
e0:eb:04:e9:9d:dc:76:69:d9:5e:fe:68:65:a7:26:
c6:35:9a:c8:cc:17:82:36:a8:ea:4e:42:27:f7:6f:
28:07:42:b0:e6:39:fb:0c:7f:86:9d:f4:a0:ec:db:
b5:50:4d:51:7c:bc:ac:29:e1:1c:32:df:db:31:74:
a6:7b:75:ab:3f:02:67:8f:43:06:b0:5f:0f:b0:9d:
f7:a7:6f:b1:f5:3e:a4:b4:55:f5:a4:cd:3e:e7:f3:
dc:81:7a:a1:d7:6b:58:18:6f:dc:48:c4:d1:71:27:
93:8d:51:bb:41:88:40:5f:c0:97:56:4a:ac:d5:bc:
db:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:54:71:97:45:5A:66:95:8D:0D:D2:10:34:F4:86:20:D3:3F:9D:FF
X509v3 Authority Key Identifier:
keyid:BD:7D:81:78:CE:C5:CD:37:65:48:A9:04:91:17:F4:69:C0:A7:43:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vX2BeM7FzTdlSKkEkRf0acCnQxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/5FRxl0VaZpWNDdIQNPSGINM_nf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f317b3-0668-4e04-9b6d-615aca51e2f6/1/vX2BeM7FzTdlSKkEkRf0acCnQxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.48.0/21
82.116.128.0/19
94.190.144.0/20
103.245.116.0/22
178.255.8.0/21
185.6.176.0/22
185.249.222.0/23
213.187.224.0-213.187.233.255
213.187.235.0-213.187.239.255
213.187.248.0/21
IPv6:
2a02:7980::/32
Signature Algorithm: sha256WithRSAEncryption
49:c9:f2:19:c7:64:57:b4:a6:be:ed:11:bc:83:59:74:c5:3b:
d6:8d:b8:5d:21:ce:32:bf:0c:0a:3d:93:48:87:b7:77:c8:bc:
bf:85:5b:f2:64:c3:f4:ef:4e:02:f1:84:ea:2a:6b:13:87:81:
c8:ea:d9:f3:2d:7a:0d:bb:dd:0b:d3:d6:48:02:0a:f3:fb:37:
14:dc:34:be:76:27:b9:0f:d4:a1:a3:9b:6d:85:f8:06:03:39:
df:a2:41:74:5f:cd:44:44:3c:38:47:ab:69:f7:1c:ee:b8:4b:
94:95:f2:98:8d:6c:5c:80:2d:26:ac:bc:e7:88:cb:fe:e2:6a:
67:af:a1:40:32:40:81:9c:e0:90:58:de:8f:6a:5d:a4:b5:58:
06:f3:75:32:d8:d3:c0:b8:39:cf:13:7d:2a:f8:58:45:c7:7c:
4e:63:50:53:94:ab:75:2c:a6:94:d4:49:5f:c3:15:33:b9:86:
a4:70:bf:2b:b9:2f:ec:a9:93:9a:37:a4:7b:c2:16:39:c5:a8:
db:90:3e:75:9e:04:cb:88:7a:17:2f:51:e1:a9:4b:58:5e:21:
dd:d9:1d:75:c9:54:bc:0e:c4:6a:2f:68:09:1c:25:ab:c7:ee:
71:2c:03:4d:d9:3c:c6:26:33:03:d1:5f:9c:8b:61:bd:01:18:
8c:f6:1f:73
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZQks/VKE7pRLqyFLFwh//YTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkN2Q4MTc4Y2VjNWNkMzc2NTQ4YTkwNDkxMTdmNDY5YzBh
NzQzMWMwHhcNMjUwMTAyMDE0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU0NzE5NzQ1NWE2Njk1OGQwZGQyMTAzNGY0ODYyMGQzM2Y5ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucDHRaV4pbbBmTLG1L6d5PIzXpvc
nIjj4WVWx52RscyJjCLZSbYZYHAfHawRS9fgCO7eItbTx+4BmAMPxTOLbOAX7dlo
mQmOpHo5SB4NZe6DopHXC5ZHCvoCXqrWjdS8WOM5yDqqdI8JcrvDRzDFy9YcCN0B
IEo5eqYXuKIl9zVzwvOXy+Lg6wTpndx2adle/mhlpybGNZrIzBeCNqjqTkIn928o
B0Kw5jn7DH+GnfSg7Nu1UE1RfLysKeEcMt/bMXSme3WrPwJnj0MGsF8PsJ33p2+x
9T6ktFX1pM0+5/PcgXqh12tYGG/cSMTRcSeTjVG7QYhAX8CXVkqs1bzbzQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFORUcZdFWmaVjQ3SEDT0hiDTP53/MB8GA1UdIwQY
MBaAFL19gXjOxc03ZUipBJEX9GnAp0McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQt
NjE1YWNhNTFlMmY2LzEvNUZSeGwwVmFacFdORGRJUU5QU0dJTk1fbmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mMzE3YjMtMDY2OC00ZTA0LTliNmQtNjE1YWNhNTFlMmY2
LzEvdlgyQmVNN0Z6VGRsU0trRWtSZjBhY0NuUXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQDThgwAwQF
UnSAAwQEXr6QAwQCZ/V0AwQDsv8IAwQCuQawAwQBufneMAwDBAXVu+ADBAHVu+gw
DAMEANW76wMEBNW74AMEA9W7+DANBAIAAjAHAwUAKgJ5gDANBgkqhkiG9w0BAQsF
AAOCAQEAScnyGcdkV7Smvu0RvINZdMU71o24XSHOMr8MCj2TSIe3d8i8v4Vb8mTD
9O9OAvGE6iprE4eByOrZ8y16DbvdC9PWSAIK8/s3FNw0vnYnuQ/UoaObbYX4BgM5
36JBdF/NREQ8OEerafcc7rhLlJXymI1sXIAtJqy854jL/uJqZ6+hQDJAgZzgkFje
j2pdpLVYBvN1MtjTwLg5zxN9KvhYRcd8TmNQU5SrdSymlNRJX8MVM7mGpHC/K7kv
7KmTmjeke8IWOcWo25A+dZ4Ey4h6Fy9R4alLWF4h3dkddclUvA7Eai9oCRwlq8fu
cSwDTdk8xiYzA9FfnIthvQEYjPYfcw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:31 2025 by rpki-client