Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/fGFhY2vgDLaCSoWxq6S-Ze3ulUI.roa
File: fGFhY2vgDLaCSoWxq6S-Ze3ulUI.roa (raw, json)
Hash identifier: J/L2JR/TIcGnKH/QO0ll22lS5UO6VzZ1TJI7L05aGYA=
Subject key identifier: 7C:61:61:63:6B:E0:0C:B6:82:4A:85:B1:AB:A4:BE:65:ED:EE:95:42
Certificate issuer: /CN=ffbcae2b290c801d57d09d025a9348e16706f182
Certificate serial: 01864A08FBC8C67E5F99A716BEA56F95D562
Authority key identifier: FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/fGFhY2vgDLaCSoWxq6S-Ze3ulUI.roa
Signing time: Mon 13 Feb 2023 09:09:08 +0000
ROA not before: Mon 13 Feb 2023 09:09:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198537
IP address blocks: 194.53.61.0/24 maxlen: 24
45.159.238.0/24 maxlen: 24
45.159.239.0/24 maxlen: 24
45.159.237.0/24 maxlen: 24
45.159.238.0/23 maxlen: 23
45.159.236.0/24 maxlen: 24
45.159.236.0/23 maxlen: 23
45.159.236.0/22 maxlen: 22
185.146.54.0/23 maxlen: 23
185.146.55.0/24 maxlen: 24
185.146.53.0/24 maxlen: 24
185.146.54.0/24 maxlen: 24
185.146.52.0/24 maxlen: 24
185.146.52.0/22 maxlen: 22
185.146.52.0/23 maxlen: 23
91.236.35.0/24 maxlen: 24
91.236.32.0/22 maxlen: 22
91.236.32.0/23 maxlen: 23
91.236.33.0/24 maxlen: 24
91.236.34.0/24 maxlen: 24
91.236.34.0/23 maxlen: 23
91.236.32.0/24 maxlen: 24
77.83.42.0/24 maxlen: 24
77.83.40.0/23 maxlen: 23
77.83.43.0/24 maxlen: 24
77.83.40.0/22 maxlen: 22
77.83.40.0/24 maxlen: 24
77.83.42.0/23 maxlen: 23
77.83.41.0/24 maxlen: 24
37.221.102.0/23 maxlen: 23
37.221.102.0/24 maxlen: 24
37.221.103.0/24 maxlen: 24
37.221.100.0/24 maxlen: 24
37.221.101.0/24 maxlen: 24
37.221.100.0/23 maxlen: 23
37.221.100.0/22 maxlen: 22
194.53.1.0/24 maxlen: 24
194.53.2.0/24 maxlen: 24
2a07:4bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:08:fb:c8:c6:7e:5f:99:a7:16:be:a5:6f:95:d5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbcae2b290c801d57d09d025a9348e16706f182
Validity
Not Before: Feb 13 09:09:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c6161636be00cb6824a85b1aba4be65edee9542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c8:6a:7e:94:1e:10:31:60:10:31:68:06:67:
20:f6:6c:10:6f:3b:01:b5:c4:61:4a:81:b2:43:f7:
d7:52:35:b2:5e:88:49:9e:08:98:df:d4:d2:0f:b4:
07:4c:7a:ba:9c:27:36:1e:91:7d:c3:3a:2e:95:0e:
cf:86:f6:47:0a:65:e1:96:85:e5:39:20:0b:70:e9:
2b:ec:38:9e:ba:2e:d7:7f:df:6e:42:a3:d6:da:a1:
8f:87:e3:83:ac:9c:7a:3e:0d:10:95:67:cb:4c:59:
ef:75:2a:ee:91:f4:c7:e2:e7:be:a7:62:7b:73:b4:
8f:cb:f3:42:a5:20:70:87:3e:ea:04:06:32:13:ba:
47:85:de:7c:3e:32:5b:6f:f0:5b:49:fb:d0:94:e3:
29:15:d4:18:6f:5e:b9:4b:de:77:e9:a3:05:4f:78:
59:7d:86:88:bc:26:26:1d:cb:22:8c:50:41:34:c7:
bc:21:b1:c1:51:31:a2:24:5e:3a:84:71:1c:dd:e7:
f1:b0:70:a7:29:e0:26:7e:7b:e8:3a:37:be:18:7a:
7a:e1:a3:9b:35:a7:6e:8e:1e:2f:2f:63:ef:b9:92:
df:fd:88:3f:6d:07:cf:c3:60:e9:3e:31:18:2c:09:
ac:a8:9a:92:dd:e8:97:cc:10:87:0f:e0:71:57:c9:
8e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:61:61:63:6B:E0:0C:B6:82:4A:85:B1:AB:A4:BE:65:ED:EE:95:42
X509v3 Authority Key Identifier:
keyid:FF:BC:AE:2B:29:0C:80:1D:57:D0:9D:02:5A:93:48:E1:67:06:F1:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7yuKykMgB1X0J0CWpNI4WcG8YI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/fGFhY2vgDLaCSoWxq6S-Ze3ulUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/59bcd1-1e0b-485d-9510-096af478f04b/1/_7yuKykMgB1X0J0CWpNI4WcG8YI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.100.0/22
45.159.236.0/22
77.83.40.0/22
91.236.32.0/22
185.146.52.0/22
194.53.1.0-194.53.2.255
194.53.61.0/24
IPv6:
2a07:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:64:50:0e:c4:f6:7b:31:d0:89:75:07:c0:31:af:29:8d:39:
38:a9:e5:ec:bd:43:19:aa:c5:38:c3:79:54:8f:68:bd:06:03:
81:af:35:bd:e9:0f:3c:56:36:6a:1b:63:ab:aa:51:fe:dc:5e:
4e:cb:4c:1d:39:6e:07:47:dc:f2:b6:b1:eb:28:63:1c:ec:7f:
51:60:3a:71:56:30:32:36:51:20:04:8d:ee:b8:90:98:f7:cf:
cb:fd:1b:c6:4d:b4:c2:58:a2:bd:c7:a9:be:f0:f5:fa:df:ed:
5c:49:f4:7d:84:6c:1f:5f:4a:94:09:bc:ec:1b:3a:08:33:5f:
84:58:db:be:04:5d:5d:22:d2:9b:51:52:15:4b:f0:4c:72:3a:
c0:e9:6c:e3:a4:88:8d:13:02:b7:ac:99:59:e7:0d:65:94:ac:
b6:65:56:d2:b9:b9:2e:c0:e8:07:b4:7d:31:d6:b4:95:16:ac:
f7:c9:03:bc:58:b9:43:20:12:73:8e:ea:8b:b2:69:cb:f6:02:
68:72:ab:06:c6:ee:f1:22:9e:71:91:d6:32:42:e8:8a:d1:34:
b7:4c:26:e6:90:4c:9d:4d:26:35:2b:39:a7:98:1a:ef:17:c9:
54:fb:b2:fa:9b:20:83:dd:5f:1a:6b:53:64:ee:6f:2c:51:e9:
42:b8:e6:6c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYZKCPvIxn5fmacWvqVvldViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYmNhZTJiMjkwYzgwMWQ1N2QwOWQwMjVhOTM0OGUxNjcw
NmYxODIwHhcNMjMwMjEzMDkwOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzYxNjE2MzZiZTAwY2I2ODI0YTg1YjFhYmE0YmU2NWVkZWU5NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMhqfpQeEDFgEDFoBmcg9mwQbzsB
tcRhSoGyQ/fXUjWyXohJngiY39TSD7QHTHq6nCc2HpF9wzoulQ7PhvZHCmXhloXl
OSALcOkr7Dieui7Xf99uQqPW2qGPh+ODrJx6Pg0QlWfLTFnvdSrukfTH4ue+p2J7
c7SPy/NCpSBwhz7qBAYyE7pHhd58PjJbb/BbSfvQlOMpFdQYb165S9536aMFT3hZ
fYaIvCYmHcsijFBBNMe8IbHBUTGiJF46hHEc3efxsHCnKeAmfnvoOje+GHp64aOb
Nadujh4vL2PvuZLf/Yg/bQfPw2DpPjEYLAmsqJqS3eiXzBCHD+BxV8mOrwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFHxhYWNr4Ay2gkqFsaukvmXt7pVCMB8GA1UdIwQY
MBaAFP+8rispDIAdV9CdAlqTSOFnBvGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzd5dUt5a01nQjFYMEowQ1dwTkk0V2NHOFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81OWJjZDEtMWUwYi00ODVkLTk1MTAt
MDk2YWY0NzhmMDRiLzEvZkdGaFkydmdETGFDU29XeHE2Uy1aZTN1bFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81OWJjZDEtMWUwYi00ODVkLTk1MTAtMDk2YWY0NzhmMDRi
LzEvXzd5dUt5a01nQjFYMEowQ1dwTkk0V2NHOFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQCJd1kAwQC
LZ/sAwQCTVMoAwQCW+wgAwQCuZI0MAwDBADCNQEDBADCNQIDBADCNT0wDQQCAAIw
BwMFAyoHS8AwDQYJKoZIhvcNAQELBQADggEBAItkUA7E9nsx0Il1B8AxrymNOTip
5ey9QxmqxTjDeVSPaL0GA4GvNb3pDzxWNmobY6uqUf7cXk7LTB05bgdH3PK2seso
Yxzsf1FgOnFWMDI2USAEje64kJj3z8v9G8ZNtMJYor3Hqb7w9frf7VxJ9H2EbB9f
SpQJvOwbOggzX4RY274EXV0i0ptRUhVL8ExyOsDpbOOkiI0TAresmVnnDWWUrLZl
VtK5uS7A6Ae0fTHWtJUWrPfJA7xYuUMgEnOO6ouyacv2AmhyqwbG7vEinnGR1jJC
6IrRNLdMJuaQTJ1NJjUrOaeYGu8XyVT7svqbIIPdXxprU2TubyxR6UK45mw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:08 2024 by rpki-client on console-ams.rpki-client.org