Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/fmf2kxR18WlBrkZ7BjoGfBCVJ08.roa
File: fmf2kxR18WlBrkZ7BjoGfBCVJ08.roa (raw, json)
Hash identifier: C1XOLFdO9LtrUt8DKDBMnFZEs0SyyGrpq/NzjPh12x8=
Subject key identifier: 7E:67:F6:93:14:75:F1:69:41:AE:46:7B:06:3A:06:7C:10:95:27:4F
Certificate issuer: /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial: 018E9617C97207F50B01BF37DC153D391E3C
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/fmf2kxR18WlBrkZ7BjoGfBCVJ08.roa
Signing time: Sun 31 Mar 2024 19:58:44 +0000
ROA not before: Sun 31 Mar 2024 19:58:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57324
IP address blocks: 79.132.195.0/24 maxlen: 24
79.132.196.0/24 maxlen: 24
79.132.197.0/24 maxlen: 24
79.132.198.0/24 maxlen: 24
79.132.199.0/24 maxlen: 24
86.111.144.0/24 maxlen: 24
86.111.145.0/24 maxlen: 24
86.111.146.0/24 maxlen: 24
86.111.147.0/24 maxlen: 24
109.230.112.0/24 maxlen: 24
109.230.113.0/24 maxlen: 24
109.230.114.0/24 maxlen: 24
109.230.115.0/24 maxlen: 24
109.230.116.0/24 maxlen: 24
109.230.117.0/24 maxlen: 24
109.230.118.0/24 maxlen: 24
109.230.119.0/24 maxlen: 24
109.230.120.0/24 maxlen: 24
109.230.122.0/24 maxlen: 24
109.230.123.0/24 maxlen: 24
109.230.124.0/24 maxlen: 24
109.230.125.0/24 maxlen: 24
109.230.126.0/24 maxlen: 24
109.230.127.0/24 maxlen: 24
122.102.116.0/24 maxlen: 24
122.102.117.0/24 maxlen: 24
122.102.118.0/24 maxlen: 24
122.102.119.0/24 maxlen: 24
185.113.105.0/24 maxlen: 24
185.113.107.0/24 maxlen: 24
202.164.192.0/24 maxlen: 24
202.164.193.0/24 maxlen: 24
202.164.194.0/24 maxlen: 24
202.164.195.0/24 maxlen: 24
202.164.197.0/24 maxlen: 24
202.164.198.0/24 maxlen: 24
202.164.199.0/24 maxlen: 24
202.164.200.0/24 maxlen: 24
202.164.201.0/24 maxlen: 24
202.164.202.0/24 maxlen: 24
202.164.203.0/24 maxlen: 24
202.164.204.0/24 maxlen: 24
202.164.205.0/24 maxlen: 24
2a03:c340::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Apr 2024 19:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:96:17:c9:72:07:f5:0b:01:bf:37:dc:15:3d:39:1e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
Validity
Not Before: Mar 31 19:58:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e67f6931475f16941ae467b063a067c1095274f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d9:4f:a5:e0:c0:74:c8:c0:a0:ed:03:52:a6:
dd:2f:74:87:4c:a2:2c:97:23:ef:9e:d3:62:60:da:
22:d5:b8:ac:2d:38:26:e1:aa:94:5d:c3:3c:48:a5:
24:08:5f:6f:7f:8f:b1:f6:4e:36:9f:cf:2f:24:0e:
9b:21:6a:22:61:c9:34:aa:e8:f5:f3:66:32:1d:b4:
a0:66:25:b4:62:49:d8:87:6f:91:74:be:6c:3b:9e:
fa:77:43:7a:68:ea:74:3d:8f:51:e5:08:60:4b:e0:
54:84:20:28:c0:ae:44:63:01:53:32:7f:97:a7:bd:
24:5a:43:6b:37:14:d0:aa:01:48:91:41:90:53:f2:
f4:df:14:27:9f:b5:50:70:e0:90:23:6e:d9:04:79:
04:10:73:2b:2e:4f:3b:14:d0:db:03:6a:f4:67:20:
4a:02:95:73:98:76:54:4b:5a:c9:a3:cf:4a:c1:ee:
e9:d4:ef:5a:05:9a:a0:17:29:9a:c7:83:e2:da:17:
21:27:8f:80:ca:b0:54:ef:2e:93:d8:13:76:0d:bd:
01:08:79:2d:38:2a:94:87:af:7d:b6:dd:6a:4b:34:
58:9c:b8:c5:f7:7c:66:fb:4d:6d:3c:a3:e0:60:20:
77:41:9c:36:f7:9f:ea:a9:12:7a:99:3c:df:28:2f:
f8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:67:F6:93:14:75:F1:69:41:AE:46:7B:06:3A:06:7C:10:95:27:4F
X509v3 Authority Key Identifier:
keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/fmf2kxR18WlBrkZ7BjoGfBCVJ08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.195.0-79.132.199.255
86.111.144.0/22
109.230.112.0-109.230.120.255
109.230.122.0-109.230.127.255
122.102.116.0/22
185.113.105.0/24
185.113.107.0/24
202.164.192.0/22
202.164.197.0-202.164.205.255
IPv6:
2a03:c340::/32
Signature Algorithm: sha256WithRSAEncryption
7e:c6:b9:a8:ff:7e:3b:c8:0f:55:6f:f6:dc:ac:d8:89:61:a0:
04:d9:21:ec:7e:ed:f4:d7:8a:1d:2e:07:d1:6d:1f:11:5a:8c:
6f:63:14:04:49:2b:31:07:01:2d:5a:9a:38:b9:d8:d2:95:d0:
ad:6c:35:a7:12:0d:12:bd:ee:09:1f:a4:5b:5c:f1:8b:9e:af:
f3:9a:f3:89:76:67:ed:34:18:0e:93:1b:f1:48:65:00:27:cd:
23:22:ed:b9:13:eb:dd:ab:b0:9c:66:9c:c4:8b:59:b9:2a:1e:
a6:65:60:87:a3:67:47:00:eb:a4:65:d2:cb:f6:3a:c4:9c:c4:
ba:99:9e:dc:d8:74:7a:86:39:c7:0d:3a:47:80:8e:2e:b9:fa:
14:64:3f:b6:2d:c1:31:34:98:6b:54:9a:17:a7:e0:c9:bf:3d:
f5:12:0d:f0:e8:06:e1:40:a8:a9:6f:40:6e:27:56:ce:a3:f9:
11:3d:6a:3e:f4:8c:d0:af:46:c5:51:97:1e:d4:0f:20:52:6d:
6f:39:e5:3a:b9:96:85:59:6d:51:bd:7c:11:b6:4e:39:3a:ec:
83:0a:37:35:9b:bd:cf:18:60:63:7c:b7:4f:1a:95:04:7c:46:
f7:d8:e6:4b:59:7f:62:f1:a6:9c:9e:36:9e:26:bf:d2:59:0a:
3a:f9:a3:95
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAY6WF8lyB/ULAb833BU9OR48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjQwMzMxMTk1ODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTY3ZjY5MzE0NzVmMTY5NDFhZTQ2N2IwNjNhMDY3YzEwOTUyNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9lPpeDAdMjAoO0DUqbdL3SHTKIs
lyPvntNiYNoi1bisLTgm4aqUXcM8SKUkCF9vf4+x9k42n88vJA6bIWoiYck0quj1
82YyHbSgZiW0YknYh2+RdL5sO576d0N6aOp0PY9R5QhgS+BUhCAowK5EYwFTMn+X
p70kWkNrNxTQqgFIkUGQU/L03xQnn7VQcOCQI27ZBHkEEHMrLk87FNDbA2r0ZyBK
ApVzmHZUS1rJo89Kwe7p1O9aBZqgFymax4Pi2hchJ4+AyrBU7y6T2BN2Db0BCHkt
OCqUh699tt1qSzRYnLjF93xm+01tPKPgYCB3QZw295/qqRJ6mTzfKC/4eQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFH5n9pMUdfFpQa5GewY6BnwQlSdPMB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvZm1mMmt4UjE4V2xCcmtaN0Jqb0dmQkNWSjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWMAwDBABPhMMD
BANPhMADBAJWb5AwDAMEBG3mcAMEAG3meDAMAwQBbeZ6AwQHbeYAAwQCemZ0AwQA
uXFpAwQAuXFrAwQCyqTAMAwDBADKpMUDBAHKpMwwDQQCAAIwBwMFACoDw0AwDQYJ
KoZIhvcNAQELBQADggEBAH7Guaj/fjvID1Vv9tys2IlhoATZIex+7fTXih0uB9Ft
HxFajG9jFARJKzEHAS1amji52NKV0K1sNacSDRK97gkfpFtc8Yuer/Oa84l2Z+00
GA6TG/FIZQAnzSMi7bkT692rsJxmnMSLWbkqHqZlYIejZ0cA66Rl0sv2OsScxLqZ
ntzYdHqGOccNOkeAji65+hRkP7YtwTE0mGtUmhen4Mm/PfUSDfDoBuFAqKlvQG4n
Vs6j+RE9aj70jNCvRsVRlx7UDyBSbW855Tq5loVZbVG9fBG2Tjk67IMKNzWbvc8Y
YGN8t08alQR8RvfY5ktZf2LxppyeNp4mv9JZCjr5o5U=
-----END CERTIFICATE-----
Generated at Mon Apr 1 20:32:37 2024 by rpki-client on console-ams.rpki-client.org