Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/ffARfiiE_U9yb1fc1Ih1xTWU6aw.roa
File: ffARfiiE_U9yb1fc1Ih1xTWU6aw.roa (raw, json)
Hash identifier: Ye729UKwzF0F4aN1YApoYPDn54fG9QRI2mtZkwk+BTI=
Subject key identifier: 7D:F0:11:7E:28:84:FD:4F:72:6F:57:DC:D4:88:75:C5:35:94:E9:AC
Certificate issuer: /CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Certificate serial: 018F8B3BD3004DFD595B4D9AC2839CE7BAFE
Authority key identifier: B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/ffARfiiE_U9yb1fc1Ih1xTWU6aw.roa
Signing time: Sat 18 May 2024 10:25:04 +0000
ROA not before: Sat 18 May 2024 10:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198317
IP address blocks: 91.200.104.0/22 maxlen: 22
91.200.104.0/23 maxlen: 23
91.200.104.0/24 maxlen: 24
91.200.105.0/24 maxlen: 24
91.200.106.0/23 maxlen: 23
91.200.106.0/24 maxlen: 24
91.200.107.0/24 maxlen: 24
91.239.196.0/22 maxlen: 22
91.239.196.0/23 maxlen: 23
91.239.196.0/24 maxlen: 24
91.239.197.0/24 maxlen: 24
91.239.198.0/23 maxlen: 23
91.239.198.0/24 maxlen: 24
91.239.199.0/24 maxlen: 24
155.133.56.0/22 maxlen: 22
155.133.56.0/23 maxlen: 23
155.133.56.0/24 maxlen: 24
155.133.57.0/24 maxlen: 24
155.133.58.0/23 maxlen: 23
155.133.58.0/24 maxlen: 24
155.133.59.0/24 maxlen: 24
185.96.120.0/22 maxlen: 22
185.96.120.0/23 maxlen: 23
185.96.120.0/24 maxlen: 24
185.96.121.0/24 maxlen: 24
185.96.122.0/23 maxlen: 23
185.96.122.0/24 maxlen: 24
185.96.123.0/24 maxlen: 24
185.235.124.0/22 maxlen: 22
185.235.124.0/23 maxlen: 23
185.235.124.0/24 maxlen: 24
185.235.125.0/24 maxlen: 24
185.235.126.0/23 maxlen: 23
185.235.126.0/24 maxlen: 24
185.235.127.0/24 maxlen: 24
193.106.216.0/22 maxlen: 22
193.106.216.0/23 maxlen: 23
193.106.216.0/24 maxlen: 24
193.106.217.0/24 maxlen: 24
193.106.218.0/23 maxlen: 23
193.106.218.0/24 maxlen: 24
193.106.219.0/24 maxlen: 24
195.88.144.0/23 maxlen: 23
195.88.144.0/24 maxlen: 24
195.88.145.0/24 maxlen: 24
2a05:ffc0::/32 maxlen: 32
2a05:ffc0::/33 maxlen: 33
2a05:ffc0::/34 maxlen: 34
2a05:ffc0:4000::/34 maxlen: 34
2a05:ffc0:8000::/33 maxlen: 33
2a05:ffc0:8000::/34 maxlen: 34
2a05:ffc0:c000::/34 maxlen: 34
2a05:ffc1::/32 maxlen: 32
2a05:ffc1::/33 maxlen: 33
2a05:ffc1::/34 maxlen: 34
2a05:ffc1:4000::/34 maxlen: 34
2a05:ffc1:8000::/33 maxlen: 33
2a05:ffc1:8000::/34 maxlen: 34
2a05:ffc1:c000::/34 maxlen: 34
2a05:ffc2::/32 maxlen: 32
2a05:ffc2::/33 maxlen: 33
2a05:ffc2::/34 maxlen: 34
2a05:ffc2::/48 maxlen: 48
2a05:ffc2:4000::/34 maxlen: 34
2a05:ffc2:8000::/33 maxlen: 33
2a05:ffc2:8000::/34 maxlen: 34
2a05:ffc2:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 20 May 2024 14:18:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8b:3b:d3:00:4d:fd:59:5b:4d:9a:c2:83:9c:e7:ba:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Validity
Not Before: May 18 10:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7df0117e2884fd4f726f57dcd48875c53594e9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:82:ab:53:67:8a:23:da:39:23:95:bb:2d:e3:
fb:b4:07:be:0b:fd:e0:01:e5:f9:3b:6c:e9:21:f0:
07:2b:57:b1:56:0d:6b:7b:bb:04:13:49:23:4f:81:
d2:d5:f8:84:34:9d:29:24:a1:df:b0:56:ad:cb:fc:
03:c9:6e:21:ad:2c:b0:cc:d9:22:38:51:e5:8a:0c:
9c:94:b3:b1:4d:11:17:39:16:e3:b4:1e:de:ea:06:
6f:37:d7:46:94:81:ac:50:4d:76:80:9b:f1:64:19:
d4:e1:39:c8:79:b8:de:ba:25:cc:c3:2c:40:71:76:
cb:25:f8:99:9a:89:2b:5f:9c:10:15:ec:80:6e:23:
08:ff:5c:4d:04:3c:cf:d4:35:42:86:b3:34:be:cc:
69:78:33:56:b4:21:6a:57:2f:61:b7:f2:99:bf:c3:
90:09:d6:5f:12:a8:50:05:6d:48:f3:1d:63:6d:f1:
83:63:68:89:d6:7c:37:e6:2a:c7:01:f9:94:91:a5:
ac:51:da:a8:24:06:a7:0f:e7:53:11:e6:9d:3b:a4:
d9:ef:0a:06:df:6a:04:b0:b1:7d:70:b8:62:18:6b:
6c:0f:e2:b5:33:53:23:b5:80:0e:a9:a4:9a:b9:31:
6e:5a:ff:ee:99:36:b0:1b:82:5f:99:81:99:64:66:
45:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F0:11:7E:28:84:FD:4F:72:6F:57:DC:D4:88:75:C5:35:94:E9:AC
X509v3 Authority Key Identifier:
keyid:B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/ffARfiiE_U9yb1fc1Ih1xTWU6aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.104.0/22
91.239.196.0/22
155.133.56.0/22
185.96.120.0/22
185.235.124.0/22
193.106.216.0/22
195.88.144.0/23
IPv6:
2a05:ffc0::-2a05:ffc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
39:5d:4c:b2:02:e3:16:46:8e:9c:20:6d:f7:3b:a0:cb:f6:47:
ed:51:68:b3:ce:0f:b0:34:70:87:6b:0c:29:bb:9f:df:7a:3b:
e1:72:d3:b7:c0:e7:62:c3:2f:6c:3d:ca:20:5a:0d:10:21:c5:
5f:af:18:7e:9b:5a:fc:de:fc:62:f2:11:69:25:88:2c:69:0b:
65:51:1f:18:66:9b:c3:cc:52:6b:32:1b:3e:63:44:94:76:e9:
23:9b:00:e3:85:69:82:55:31:0b:5e:fa:e8:3a:2b:4b:7d:95:
54:c6:76:42:df:73:57:06:67:01:69:af:ec:c5:ca:b8:2c:46:
61:4a:b2:43:20:0e:55:03:98:1d:f0:2b:0b:03:af:a9:f6:44:
5e:f1:22:4d:1c:89:7a:2c:10:a7:3f:34:d5:45:94:6e:f1:7c:
34:64:ca:66:18:4b:14:f0:eb:8d:eb:b1:42:75:f0:20:10:db:
09:bb:0c:8c:f1:24:b5:67:03:4f:cc:d8:ca:d3:27:c1:0f:b9:
13:44:f2:34:9c:0d:b1:42:e4:e3:92:3c:3c:15:80:64:94:09:
75:6f:7f:13:9a:75:1c:7d:ad:3a:e1:f6:63:03:fb:98:8d:d0:
78:ed:ec:ac:29:62:19:6c:40:c6:dd:ae:78:1c:38:54:77:3c:
ea:26:10:bf
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY+LO9MATf1ZW02awoOc57r+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWY1NTYwZDc5ZjA0YTkyZDdhMTUwZjNlZDhkYTQzMDhh
YmVhMzMwHhcNMjQwNTE4MTAyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGYwMTE3ZTI4ODRmZDRmNzI2ZjU3ZGNkNDg4NzVjNTM1OTRlOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4KrU2eKI9o5I5W7LeP7tAe+C/3g
AeX5O2zpIfAHK1exVg1re7sEE0kjT4HS1fiENJ0pJKHfsFaty/wDyW4hrSywzNki
OFHligyclLOxTREXORbjtB7e6gZvN9dGlIGsUE12gJvxZBnU4TnIebjeuiXMwyxA
cXbLJfiZmokrX5wQFeyAbiMI/1xNBDzP1DVChrM0vsxpeDNWtCFqVy9ht/KZv8OQ
CdZfEqhQBW1I8x1jbfGDY2iJ1nw35irHAfmUkaWsUdqoJAanD+dTEeadO6TZ7woG
32oEsLF9cLhiGGtsD+K1M1MjtYAOqaSauTFuWv/umTawG4JfmYGZZGZFBQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFH3wEX4ohP1Pcm9X3NSIdcU1lOmsMB8GA1UdIwQY
MBaAFLRfVWDXnwSpLXoVDz7Y2kMIq+ozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2Njkt
YzMyMjI0NzRlZWYxLzEvZmZBUmZpaUVfVTl5YjFmYzFJaDF4VFdVNmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2NjktYzMyMjI0NzRlZWYx
LzEvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQCW8hoAwQC
W+/EAwQCm4U4AwQCuWB4AwQCuet8AwQCwWrYAwQBw1iQMBYEAgACMBAwDgMFBioF
/8ADBQAqBf/CMA0GCSqGSIb3DQEBCwUAA4IBAQA5XUyyAuMWRo6cIG33O6DL9kft
UWizzg+wNHCHawwpu5/fejvhctO3wOdiwy9sPcogWg0QIcVfrxh+m1r83vxi8hFp
JYgsaQtlUR8YZpvDzFJrMhs+Y0SUdukjmwDjhWmCVTELXvroOitLfZVUxnZC33NX
BmcBaa/sxcq4LEZhSrJDIA5VA5gd8CsLA6+p9kRe8SJNHIl6LBCnPzTVRZRu8Xw0
ZMpmGEsU8OuN67FCdfAgENsJuwyM8SS1ZwNPzNjK0yfBD7kTRPI0nA2xQuTjkjw8
FYBklAl1b38TmnUcfa064fZjA/uYjdB47eysKWIZbEDG3a54HDhUdzzqJhC/
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:28 2025 by rpki-client