Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/rtfxY8b0rFotzWSKWZrqBH4uqXw.roa
File: rtfxY8b0rFotzWSKWZrqBH4uqXw.roa (raw, json)
Hash identifier: /s8jq/oX3O7YCgBG4R1Uy84P45VA+wX2erLACgWUrJs=
Subject key identifier: AE:D7:F1:63:C6:F4:AC:5A:2D:CD:64:8A:59:9A:EA:04:7E:2E:A9:7C
Certificate issuer: /CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Certificate serial: 018D045F7338403E6DFAA3F5AA5F6FD71EBF
Authority key identifier: B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/rtfxY8b0rFotzWSKWZrqBH4uqXw.roa
Signing time: Sat 13 Jan 2024 19:49:40 +0000
ROA not before: Sat 13 Jan 2024 19:49:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198317
IP address blocks: 185.235.125.0/24 maxlen: 24
185.235.124.0/22 maxlen: 22
185.235.124.0/23 maxlen: 23
185.235.124.0/24 maxlen: 24
185.235.126.0/23 maxlen: 23
185.235.127.0/24 maxlen: 24
185.235.126.0/24 maxlen: 24
91.200.107.0/24 maxlen: 24
91.200.106.0/24 maxlen: 24
91.200.106.0/23 maxlen: 23
155.133.58.0/24 maxlen: 24
155.133.58.0/23 maxlen: 23
155.133.56.0/23 maxlen: 23
155.133.56.0/22 maxlen: 22
155.133.57.0/24 maxlen: 24
155.133.56.0/24 maxlen: 24
155.133.59.0/24 maxlen: 24
193.106.219.0/24 maxlen: 24
193.106.218.0/24 maxlen: 24
193.106.218.0/23 maxlen: 23
193.106.217.0/24 maxlen: 24
193.106.216.0/24 maxlen: 24
193.106.216.0/23 maxlen: 23
193.106.216.0/22 maxlen: 22
185.96.123.0/24 maxlen: 24
185.96.122.0/23 maxlen: 23
185.96.122.0/24 maxlen: 24
185.96.121.0/24 maxlen: 24
185.96.120.0/22 maxlen: 22
185.96.120.0/24 maxlen: 24
185.96.120.0/23 maxlen: 23
195.88.145.0/24 maxlen: 24
195.88.144.0/24 maxlen: 24
195.88.144.0/23 maxlen: 23
91.200.105.0/24 maxlen: 24
91.200.104.0/24 maxlen: 24
91.200.104.0/22 maxlen: 22
91.200.104.0/23 maxlen: 23
91.239.199.0/24 maxlen: 24
91.239.198.0/24 maxlen: 24
91.239.197.0/24 maxlen: 24
91.239.198.0/23 maxlen: 23
91.239.196.0/23 maxlen: 23
91.239.196.0/22 maxlen: 22
91.239.196.0/24 maxlen: 24
2a05:ffc0::/34 maxlen: 34
2a05:ffc0:4000::/34 maxlen: 34
2a05:ffc0:8000::/34 maxlen: 34
2a05:ffc0:c000::/34 maxlen: 34
2a05:ffc0::/33 maxlen: 33
2a05:ffc0:8000::/33 maxlen: 33
2a05:ffc0::/32 maxlen: 32
2a05:ffc2::/34 maxlen: 34
2a05:ffc2:4000::/34 maxlen: 34
2a05:ffc2:8000::/34 maxlen: 34
2a05:ffc2:c000::/34 maxlen: 34
2a05:ffc2::/32 maxlen: 32
2a05:ffc2::/33 maxlen: 33
2a05:ffc2:8000::/33 maxlen: 33
2a05:ffc1::/33 maxlen: 33
2a05:ffc1:8000::/33 maxlen: 33
2a05:ffc1::/32 maxlen: 32
2a05:ffc1::/34 maxlen: 34
2a05:ffc1:4000::/34 maxlen: 34
2a05:ffc1:8000::/34 maxlen: 34
2a05:ffc1:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Sat 18 May 2024 10:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:04:5f:73:38:40:3e:6d:fa:a3:f5:aa:5f:6f:d7:1e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45f5560d79f04a92d7a150f3ed8da4308abea33
Validity
Not Before: Jan 13 19:49:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aed7f163c6f4ac5a2dcd648a599aea047e2ea97c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7e:14:e8:2c:3d:c4:eb:9f:5c:36:cc:a0:2b:
8b:cf:6c:09:cc:60:7a:83:54:6d:5c:f1:5a:11:a2:
1d:f1:44:33:d6:4c:be:8b:90:59:02:2e:ff:d0:05:
3b:0a:53:36:11:11:b6:3f:30:74:65:ef:02:9b:36:
04:89:08:e6:1f:80:ec:3f:be:d3:80:65:9d:92:39:
cf:eb:57:25:4c:10:7d:42:5b:bd:90:09:43:fc:83:
ff:49:e7:f3:1f:4d:c6:90:eb:61:d8:17:c7:70:f5:
05:c5:d5:24:70:a6:51:51:51:bb:4e:44:79:3f:35:
16:54:a1:f1:a0:97:44:0c:b0:bf:98:fd:05:2c:b8:
2d:bc:e9:60:1a:51:30:26:1d:00:57:86:52:f7:51:
16:1f:e5:aa:f6:29:26:4d:47:a5:d1:41:44:07:d5:
77:2d:63:ea:02:b8:55:ea:07:a6:60:57:d6:e5:e6:
e2:3d:a1:bd:6c:11:c6:0e:db:b6:3e:95:cd:42:b0:
7f:e5:98:15:cc:57:a0:b7:ed:e9:dc:42:fc:6b:ad:
7f:78:56:e4:b5:92:28:32:74:36:6d:01:39:b6:b1:
58:91:29:69:a2:b2:8c:3b:8a:6c:a3:f6:65:1c:76:
d7:42:a3:45:0f:6c:5f:c4:b7:81:a0:a0:f9:66:5b:
2c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D7:F1:63:C6:F4:AC:5A:2D:CD:64:8A:59:9A:EA:04:7E:2E:A9:7C
X509v3 Authority Key Identifier:
keyid:B4:5F:55:60:D7:9F:04:A9:2D:7A:15:0F:3E:D8:DA:43:08:AB:EA:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF9VYNefBKktehUPPtjaQwir6jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/rtfxY8b0rFotzWSKWZrqBH4uqXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/7b169d-fc09-49bb-9669-c3222474eef1/1/tF9VYNefBKktehUPPtjaQwir6jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.104.0/22
91.239.196.0/22
155.133.56.0/22
185.96.120.0/22
185.235.124.0/22
193.106.216.0/22
195.88.144.0/23
IPv6:
2a05:ffc0::-2a05:ffc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7d:00:ec:92:a1:cf:4b:9f:d4:1b:39:8a:1d:03:fd:d5:3b:cd:
2a:5f:ce:56:1c:7b:cb:3e:0c:f3:a4:4f:06:f3:08:8e:cb:82:
50:33:2e:16:4b:e6:35:e9:b5:d4:04:4d:67:ed:63:21:59:bd:
c2:a8:ec:d4:0c:fd:bc:79:df:f2:3a:d3:3f:c6:e0:fb:cc:93:
df:a7:2f:ad:61:d7:20:5f:aa:17:15:e6:99:ef:5c:f4:05:10:
27:71:95:b7:b7:f4:bc:c3:12:b3:da:c5:2a:83:f0:30:4a:43:
63:8f:77:8c:03:93:a6:4e:51:69:51:cf:e7:3e:27:34:1f:78:
87:73:c5:f5:ec:e6:7a:f8:9a:0a:ea:67:87:63:6f:a4:53:5c:
c5:a7:2f:33:b5:b6:c4:33:c4:d7:1b:d9:70:58:84:79:47:26:
38:f2:66:db:0a:cc:11:e7:70:cf:f9:08:06:a7:e0:88:1a:42:
84:fe:a3:b7:05:b8:cf:b6:bb:2e:98:1d:f0:6c:50:c6:cc:a0:
21:0a:9b:2f:b2:33:32:5e:6a:e3:82:86:53:73:d1:b8:69:35:
cb:18:b8:73:87:29:63:24:19:20:ab:2c:fa:a4:3c:89:07:3a:
89:79:cd:1e:29:a2:e6:af:e9:b9:d3:f0:76:12:05:1e:d1:45:
41:a3:b3:0c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY0EX3M4QD5t+qP1ql9v1x6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWY1NTYwZDc5ZjA0YTkyZDdhMTUwZjNlZDhkYTQzMDhh
YmVhMzMwHhcNMjQwMTEzMTk0OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ3ZjE2M2M2ZjRhYzVhMmRjZDY0OGE1OTlhZWEwNDdlMmVhOTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH4U6Cw9xOufXDbMoCuLz2wJzGB6
g1RtXPFaEaId8UQz1ky+i5BZAi7/0AU7ClM2ERG2PzB0Ze8CmzYEiQjmH4DsP77T
gGWdkjnP61clTBB9Qlu9kAlD/IP/SefzH03GkOth2BfHcPUFxdUkcKZRUVG7TkR5
PzUWVKHxoJdEDLC/mP0FLLgtvOlgGlEwJh0AV4ZS91EWH+Wq9ikmTUel0UFEB9V3
LWPqArhV6gemYFfW5ebiPaG9bBHGDtu2PpXNQrB/5ZgVzFegt+3p3EL8a61/eFbk
tZIoMnQ2bQE5trFYkSlporKMO4pso/ZlHHbXQqNFD2xfxLeBoKD5Zlss8wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFK7X8WPG9KxaLc1kilma6gR+Lql8MB8GA1UdIwQY
MBaAFLRfVWDXnwSpLXoVDz7Y2kMIq+ozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2Njkt
YzMyMjI0NzRlZWYxLzEvcnRmeFk4YjByRm90eldTS1dacnFCSDR1cVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83YjE2OWQtZmMwOS00OWJiLTk2NjktYzMyMjI0NzRlZWYx
LzEvdEY5VllOZWZCS2t0ZWhVUFB0amFRd2lyNmpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQCW8hoAwQC
W+/EAwQCm4U4AwQCuWB4AwQCuet8AwQCwWrYAwQBw1iQMBYEAgACMBAwDgMFBioF
/8ADBQAqBf/CMA0GCSqGSIb3DQEBCwUAA4IBAQB9AOySoc9Ln9QbOYodA/3VO80q
X85WHHvLPgzzpE8G8wiOy4JQMy4WS+Y16bXUBE1n7WMhWb3CqOzUDP28ed/yOtM/
xuD7zJPfpy+tYdcgX6oXFeaZ71z0BRAncZW3t/S8wxKz2sUqg/AwSkNjj3eMA5Om
TlFpUc/nPic0H3iHc8X17OZ6+JoK6meHY2+kU1zFpy8ztbbEM8TXG9lwWIR5RyY4
8mbbCswR53DP+QgGp+CIGkKE/qO3BbjPtrsumB3wbFDGzKAhCpsvsjMyXmrjgoZT
c9G4aTXLGLhzhyljJBkgqyz6pDyJBzqJec0eKaLmr+m50/B2EgUe0UVBo7MM
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:12:33 2025 by rpki-client