Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/71FX_4A119IhuC8f7Bs2Xv3DNc8.roa
File: 71FX_4A119IhuC8f7Bs2Xv3DNc8.roa (raw, json)
Hash identifier: S8IGbQh64+6h6zHqJyAc+cCUyK59GfIN1I9QddYyZQo=
Subject key identifier: EF:51:57:FF:80:35:D7:D2:21:B8:2F:1F:EC:1B:36:5E:FD:C3:35:CF
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 019473423586E18DE040A6E5E358E9738246
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/71FX_4A119IhuC8f7Bs2Xv3DNc8.roa
Signing time: Fri 17 Jan 2025 07:55:06 +0000
ROA not before: Fri 17 Jan 2025 07:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 86.104.215.0/24 maxlen: 24
89.32.200.0/24 maxlen: 24
89.32.204.0/24 maxlen: 24
89.33.83.0/24 maxlen: 24
103.47.52.0/22 maxlen: 22
162.218.158.0/24 maxlen: 24
188.215.5.0/24 maxlen: 24
194.26.149.0/24 maxlen: 24
212.102.116.0/24 maxlen: 24
2a0a:eb00::/29 maxlen: 29
2a0a:eb00::/30 maxlen: 30
2a11:3bc0::/29 maxlen: 29
2a11:3bc0::/30 maxlen: 30
Validation: Failed, certificate revoked on Fri 31 Jan 2025 12:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:42:35:86:e1:8d:e0:40:a6:e5:e3:58:e9:73:82:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 17 07:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef5157ff8035d7d221b82f1fec1b365efdc335cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:02:f8:c3:6b:f7:eb:fd:1d:cd:1c:04:a7:76:
52:c0:b1:52:ab:15:ce:79:e5:b1:58:76:06:a9:df:
c6:20:d2:a5:6d:2e:04:60:25:e0:8c:3c:cb:88:91:
48:3b:84:4b:d5:1e:41:b6:89:81:88:17:31:45:85:
41:b3:f3:d2:f3:c4:66:05:68:96:d4:b3:3d:92:61:
d7:aa:80:9b:66:35:b4:94:ea:08:1f:ff:f6:3a:34:
cd:d4:0a:c5:f7:96:9c:aa:94:3b:78:78:34:41:6c:
0d:ed:cb:bc:1e:ac:c3:50:76:d6:84:3a:7c:43:67:
59:c5:e6:95:fc:e6:07:7a:f1:08:5b:ad:49:2b:bb:
ae:91:13:c4:b5:fd:99:aa:00:60:d2:35:76:cd:f9:
c8:db:33:15:5d:38:89:ac:4c:b3:cb:3d:22:ef:6e:
5d:ac:3e:e9:6d:eb:51:d4:8f:73:47:ea:46:bf:9d:
8b:d7:01:65:b0:f2:4f:c3:70:73:e4:0d:82:6c:dc:
b9:bb:a9:b8:c9:31:43:5b:ae:1c:c6:4d:4f:4f:b6:
7e:5e:93:35:14:c4:22:4f:40:48:91:8b:c2:c6:02:
bd:13:0d:1e:ee:ea:52:c7:d5:3a:73:0b:be:6e:19:
d0:ab:65:5f:60:5a:54:cd:d1:d5:f4:c0:ab:f1:55:
3e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:51:57:FF:80:35:D7:D2:21:B8:2F:1F:EC:1B:36:5E:FD:C3:35:CF
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/71FX_4A119IhuC8f7Bs2Xv3DNc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.215.0/24
89.32.200.0/24
89.32.204.0/24
89.33.83.0/24
103.47.52.0/22
162.218.158.0/24
188.215.5.0/24
194.26.149.0/24
212.102.116.0/24
IPv6:
2a0a:eb00::/29
2a11:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:be:db:9a:f3:da:27:44:c5:dc:0d:5f:cd:f5:6d:5d:9f:41:
18:c8:45:e0:e7:4d:b3:d9:ad:32:2c:e4:5f:02:5a:d4:59:30:
e3:b5:94:7e:38:af:a6:6d:61:7f:dd:94:d0:30:66:87:26:e8:
4e:06:a4:b6:21:e9:ca:fc:5c:9e:4e:c8:07:df:46:c3:04:13:
ac:7d:14:aa:82:5d:ae:e8:27:15:95:2d:39:b8:f0:e7:67:d7:
b2:60:8c:74:f8:17:fe:c9:d7:37:ad:7c:81:81:21:ce:da:f2:
78:ab:b7:6e:2c:8e:35:d8:d2:2d:4d:aa:dc:19:d0:7e:cf:61:
38:a7:ec:7f:61:a7:82:9f:71:9e:99:a2:db:a0:11:12:e4:af:
b0:0e:3c:bd:4f:a3:28:23:85:73:83:32:e1:91:d9:1e:eb:3e:
59:aa:42:f2:91:40:7d:b4:ba:46:d2:4c:12:2c:d8:a5:ee:ec:
59:10:ce:b2:66:6c:29:62:ae:64:5a:63:bf:bc:1e:f4:b6:4e:
b7:16:12:ac:59:e1:c3:f9:47:8c:c8:8e:9b:cf:2a:51:dc:24:
cf:39:d0:e4:88:af:ca:d7:cd:7d:ce:83:9d:7a:6e:e6:16:54:
d6:4d:14:94:62:25:9a:22:3d:8a:58:e3:4a:27:7c:e6:57:58:
fe:ab:59:f7
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZRzQjWG4Y3gQKbl41jpc4JGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjUwMTE3MDc1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjUxNTdmZjgwMzVkN2QyMjFiODJmMWZlYzFiMzY1ZWZkYzMzNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QL4w2v36/0dzRwEp3ZSwLFSqxXO
eeWxWHYGqd/GINKlbS4EYCXgjDzLiJFIO4RL1R5BtomBiBcxRYVBs/PS88RmBWiW
1LM9kmHXqoCbZjW0lOoIH//2OjTN1ArF95acqpQ7eHg0QWwN7cu8HqzDUHbWhDp8
Q2dZxeaV/OYHevEIW61JK7uukRPEtf2ZqgBg0jV2zfnI2zMVXTiJrEyzyz0i725d
rD7pbetR1I9zR+pGv52L1wFlsPJPw3Bz5A2CbNy5u6m4yTFDW64cxk1PT7Z+XpM1
FMQiT0BIkYvCxgK9Ew0e7upSx9U6cwu+bhnQq2VfYFpUzdHV9MCr8VU+uQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFO9RV/+ANdfSIbgvH+wbNl79wzXPMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvNzFGWF80QTExOUlodUM4ZjdCczJYdjNETmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQAVmjXAwQA
WSDIAwQAWSDMAwQAWSFTAwQCZy80AwQAotqeAwQAvNcFAwQAwhqVAwQA1GZ0MBQE
AgACMA4DBQMqCusAAwUDKhE7wDANBgkqhkiG9w0BAQsFAAOCAQEAq77bmvPaJ0TF
3A1fzfVtXZ9BGMhF4OdNs9mtMizkXwJa1Fkw47WUfjivpm1hf92U0DBmhyboTgak
tiHpyvxcnk7IB99GwwQTrH0UqoJdrugnFZUtObjw52fXsmCMdPgX/snXN618gYEh
ztryeKu3biyONdjSLU2q3BnQfs9hOKfsf2Gngp9xnpmi26AREuSvsA48vU+jKCOF
c4My4ZHZHus+WapC8pFAfbS6RtJMEizYpe7sWRDOsmZsKWKuZFpjv7we9LZOtxYS
rFnhw/lHjMiOm88qUdwkzznQ5IivytfNfc6DnXpu5hZU1k0UlGIlmiI9iljjSid8
5ldY/qtZ9w==
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:56:49 2025 by rpki-client