Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/f3gs9985NZKdFHHm1BOM_HTr19c.roa
File: f3gs9985NZKdFHHm1BOM_HTr19c.roa (raw, json)
Hash identifier: 54iNgvq7MQMCYPcAcga+N+H29TFnE9xcK8qfeEkl2GI=
Subject key identifier: 7F:78:2C:F7:DF:39:35:92:9D:14:71:E6:D4:13:8C:FC:74:EB:D7:D7
Certificate issuer: /CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3
Certificate serial: 018CC5DC94E5CE85115883140452364015CE
Authority key identifier: 61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/f3gs9985NZKdFHHm1BOM_HTr19c.roa
Signing time: Mon 01 Jan 2024 16:30:16 +0000
ROA not before: Mon 01 Jan 2024 16:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60517
IP address blocks: 185.118.245.0/24 maxlen: 24
185.118.244.0/24 maxlen: 24
185.118.244.0/22 maxlen: 24
185.118.246.0/24 maxlen: 24
185.118.247.0/24 maxlen: 24
185.51.128.0/24 maxlen: 24
185.51.128.0/22 maxlen: 24
185.51.130.0/24 maxlen: 24
185.51.129.0/24 maxlen: 24
185.51.131.0/24 maxlen: 24
185.36.95.0/24 maxlen: 24
185.36.93.0/24 maxlen: 24
185.36.92.0/24 maxlen: 24
185.36.92.0/22 maxlen: 24
185.36.94.0/24 maxlen: 24
185.131.182.0/24 maxlen: 24
185.131.181.0/24 maxlen: 24
185.131.183.0/24 maxlen: 24
185.131.180.0/22 maxlen: 24
185.131.180.0/24 maxlen: 24
185.175.212.0/22 maxlen: 24
185.91.172.0/24 maxlen: 24
185.91.172.0/22 maxlen: 24
178.157.98.0/24 maxlen: 24
178.157.97.0/24 maxlen: 24
185.91.175.0/24 maxlen: 24
185.91.174.0/24 maxlen: 24
178.157.96.0/24 maxlen: 24
178.157.96.0/22 maxlen: 24
185.91.173.0/24 maxlen: 24
178.157.99.0/24 maxlen: 24
185.27.123.0/24 maxlen: 24
185.27.122.0/24 maxlen: 24
185.27.121.0/24 maxlen: 24
185.27.120.0/22 maxlen: 24
185.27.120.0/24 maxlen: 24
2a06:96c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:94:e5:ce:85:11:58:83:14:04:52:36:40:15:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3
Validity
Not Before: Jan 1 16:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f782cf7df3935929d1471e6d4138cfc74ebd7d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ef:6a:83:9d:05:4d:73:41:48:ae:e6:2f:d0:
c8:dd:73:c1:a8:e2:8a:c8:63:dd:92:d2:be:92:a9:
5f:cc:5b:21:0d:12:50:d1:98:8d:1f:d5:45:6b:72:
e9:bd:14:c2:73:5e:1a:ea:de:ba:10:02:f5:c2:7b:
71:b2:a8:f9:68:65:26:0f:a7:ee:1a:9d:93:7f:29:
9f:66:69:80:b6:26:ac:39:10:b2:27:e0:27:42:b1:
ea:7a:bd:98:89:60:2b:bc:e2:9b:91:03:09:1b:8c:
0f:a9:ed:61:e3:fd:66:76:c5:9a:c1:69:5a:d0:b4:
ea:9a:75:cd:ba:b5:4b:c0:05:e8:f9:07:9e:af:ce:
08:d9:d7:6f:7a:cf:37:c2:0f:c5:b6:e3:3b:1a:01:
8c:7a:34:e5:8d:39:9b:2e:04:4e:92:da:00:1e:d3:
86:41:b0:13:a7:62:8c:68:5e:62:f7:d0:ef:e0:87:
8f:f7:d1:f6:66:a8:73:62:c6:84:b9:55:d1:43:ce:
13:0e:de:b0:ec:05:91:d0:d7:b3:af:11:9b:89:9e:
63:c9:78:c0:b0:ef:9c:0f:03:ae:5a:2e:24:4f:5d:
02:72:20:81:6b:ef:dd:91:da:a1:96:46:75:c9:0d:
e9:ef:64:78:6f:ab:09:5a:53:07:47:b7:cb:22:41:
17:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:78:2C:F7:DF:39:35:92:9D:14:71:E6:D4:13:8C:FC:74:EB:D7:D7
X509v3 Authority Key Identifier:
keyid:61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/f3gs9985NZKdFHHm1BOM_HTr19c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/YQ-Pmfymmqc_iKUx20bSKKfiw9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.157.96.0/22
185.27.120.0/22
185.36.92.0/22
185.51.128.0/22
185.91.172.0/22
185.118.244.0/22
185.131.180.0/22
185.175.212.0/22
IPv6:
2a06:96c0::/29
Signature Algorithm: sha256WithRSAEncryption
36:c7:ab:d1:17:4b:87:a0:0b:38:e6:b0:47:c0:99:f7:01:e2:
6a:db:ca:67:b2:3f:97:17:40:54:e6:ab:57:62:32:e3:82:75:
c1:6b:76:f1:dd:59:85:5d:81:b3:4c:1e:3c:58:4f:49:70:d3:
1c:3a:07:64:34:b6:d8:e6:dd:8b:40:65:ad:a9:98:19:02:bf:
c2:11:1e:72:96:8f:66:f8:86:6e:d5:12:45:12:fa:91:07:cb:
78:73:f9:d4:28:00:b1:ec:4e:05:9d:39:06:95:00:fd:03:65:
e7:e4:cd:5a:13:b3:b2:e5:8e:b8:c9:a7:c1:d6:07:d9:8e:38:
ef:17:40:12:0d:2e:6f:22:bb:bb:44:04:9c:b8:9f:b1:2a:f0:
9a:81:3c:3e:17:35:9a:ce:66:e7:e0:b2:6f:36:90:16:36:cf:
cb:09:69:0e:3f:c0:8e:74:9a:4f:ff:07:66:b2:90:aa:97:a5:
50:b3:56:7b:0e:9c:3a:f7:9c:6c:58:87:d0:75:3a:12:6d:07:
c7:09:6a:0b:62:1c:c3:65:8e:42:92:cb:5b:fe:ad:53:1e:3d:
59:cf:70:bc:f8:0c:2a:a5:99:ab:60:a7:b4:93:5b:76:43:dc:
c1:48:b8:8b:3a:66:5a:51:e8:cf:fd:59:b3:dd:40:f2:97:52:
b4:59:d8:33
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzF3JTlzoURWIMUBFI2QBXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGY4Zjk5ZmNhNjlhYTczZjg4YTUzMWRiNDZkMjI4YTdl
MmMzZDMwHhcNMjQwMTAxMTYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjc4MmNmN2RmMzkzNTkyOWQxNDcxZTZkNDEzOGNmYzc0ZWJkN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle9qg50FTXNBSK7mL9DI3XPBqOKK
yGPdktK+kqlfzFshDRJQ0ZiNH9VFa3LpvRTCc14a6t66EAL1wntxsqj5aGUmD6fu
Gp2TfymfZmmAtiasORCyJ+AnQrHqer2YiWArvOKbkQMJG4wPqe1h4/1mdsWawWla
0LTqmnXNurVLwAXo+Qeer84I2ddves83wg/FtuM7GgGMejTljTmbLgROktoAHtOG
QbATp2KMaF5i99Dv4IeP99H2ZqhzYsaEuVXRQ84TDt6w7AWR0NezrxGbiZ5jyXjA
sO+cDwOuWi4kT10CciCBa+/dkdqhlkZ1yQ3p72R4b6sJWlMHR7fLIkEX4QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFH94LPffOTWSnRRx5tQTjPx069fXMB8GA1UdIwQY
MBaAFGEPj5n8ppqnP4ilMdtG0iin4sPTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgt
NzlhMGE1MjhlMGE0LzEvZjNnczk5ODVOWktkRkhIbTFCT01fSFRyMTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgtNzlhMGE1MjhlMGE0
LzEvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCsp1gAwQC
uRt4AwQCuSRcAwQCuTOAAwQCuVusAwQCuXb0AwQCuYO0AwQCua/UMA0EAgACMAcD
BQMqBpbAMA0GCSqGSIb3DQEBCwUAA4IBAQA2x6vRF0uHoAs45rBHwJn3AeJq28pn
sj+XF0BU5qtXYjLjgnXBa3bx3VmFXYGzTB48WE9JcNMcOgdkNLbY5t2LQGWtqZgZ
Ar/CER5ylo9m+IZu1RJFEvqRB8t4c/nUKACx7E4FnTkGlQD9A2Xn5M1aE7Oy5Y64
yafB1gfZjjjvF0ASDS5vIru7RAScuJ+xKvCagTw+FzWazmbn4LJvNpAWNs/LCWkO
P8COdJpP/wdmspCql6VQs1Z7Dpw695xsWIfQdToSbQfHCWoLYhzDZY5Ckstb/q1T
Hj1Zz3C8+AwqpZmrYKe0k1t2Q9zBSLiLOmZaUejP/Vmz3UDyl1K0Wdgz
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:47:54 2025 by rpki-client