Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/F7n7Qi76HuSvoq5Kw1OPh92TK6g.roa
File: F7n7Qi76HuSvoq5Kw1OPh92TK6g.roa (raw, json)
Hash identifier: 4pP5CgMnRJ1HBahiRwTQ7erO778lNjhweh2i1WF1sWw=
Subject key identifier: 17:B9:FB:42:2E:FA:1E:E4:AF:A2:AE:4A:C3:53:8F:87:DD:93:2B:A8
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B24EB7C08233AC5205ED964306EFB1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/F7n7Qi76HuSvoq5Kw1OPh92TK6g.roa
Signing time: Wed 01 Jan 2025 11:48:41 +0000
ROA not before: Wed 01 Jan 2025 11:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 45.83.148.0/24 maxlen: 24
185.166.154.0/24 maxlen: 24
185.166.155.0/24 maxlen: 24
185.203.4.0/24 maxlen: 24
185.203.5.0/24 maxlen: 24
185.203.6.0/24 maxlen: 24
185.203.7.0/24 maxlen: 24
194.76.136.0/24 maxlen: 24
194.76.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 17:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4e:b7:c0:82:33:ac:52:05:ed:96:43:06:ef:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17b9fb422efa1ee4afa2ae4ac3538f87dd932ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:65:eb:5c:ec:bb:8e:13:95:60:17:b5:73:
d9:09:01:03:24:3d:a1:78:bf:f8:50:e1:b7:55:4f:
39:7e:12:da:5a:70:62:9f:35:4b:8b:f6:bc:dd:b4:
b0:19:db:d9:1e:18:1c:da:6a:5d:af:d3:d5:4c:12:
34:16:4f:10:86:66:87:26:c1:c7:87:cb:b1:46:0f:
8f:df:57:42:30:e9:ef:8d:42:e9:7d:2c:dc:84:74:
58:dd:78:65:c8:c8:70:68:05:d7:72:7b:4b:b8:3b:
60:67:fd:64:21:3a:0d:ce:04:9a:ef:49:2c:b0:b4:
e9:ce:44:ae:f9:50:0f:7b:d9:78:66:bf:b1:7f:55:
5e:cb:fc:81:76:aa:78:fe:90:1b:d1:f4:8d:b8:74:
b0:a7:b2:11:fe:74:af:c9:a8:90:48:65:26:15:d2:
71:5b:c0:3a:6b:02:5f:b1:53:51:f3:f5:cf:2d:56:
b0:c4:c7:c7:5d:b9:a4:fd:85:17:5d:2a:99:00:1a:
a4:ab:71:67:e2:a1:cc:98:fc:9a:8b:e5:5b:ec:fb:
b5:1e:57:b0:0f:1e:14:b0:b0:32:a7:f7:cd:5f:20:
1f:6b:e1:28:5f:1b:6d:ad:78:ad:7b:04:7c:2f:4d:
24:ac:71:dd:40:6e:0e:0d:95:ac:fc:b0:a5:b9:b6:
c8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B9:FB:42:2E:FA:1E:E4:AF:A2:AE:4A:C3:53:8F:87:DD:93:2B:A8
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/F7n7Qi76HuSvoq5Kw1OPh92TK6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.148.0/24
185.166.154.0/23
185.203.4.0/22
194.76.136.0/24
194.76.138.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ff:1e:7e:7b:a2:97:a4:c3:ee:82:93:1b:98:71:b2:bb:79:
6b:6c:a4:78:90:39:dd:ad:79:06:25:df:ba:34:2d:39:ef:ed:
82:c1:d1:b4:1d:8a:ae:b8:4f:eb:79:67:ab:a1:a4:5c:03:60:
42:f2:89:9e:70:a8:f0:2f:4c:42:1a:0f:b4:f2:b8:fc:ab:2b:
8c:17:e4:5f:77:7b:2d:b8:01:48:d0:ab:48:6e:b7:52:59:ed:
f9:ee:8f:e5:2a:07:07:a3:5d:99:6b:dd:f0:f3:0e:db:20:70:
ab:ed:5a:f5:68:fc:6f:88:4a:14:bd:90:9a:56:32:60:c8:b5:
2e:6b:5b:a7:44:2a:5b:11:c8:eb:c9:90:62:f0:ba:6c:da:36:
71:05:1e:a1:09:bf:9d:ad:8d:2f:3e:6b:67:bd:cb:57:87:da:
fb:64:25:ad:0e:f9:91:ac:be:54:a6:c0:f6:ee:8c:74:88:73:
26:b1:08:80:1a:12:d9:be:e0:2c:f2:c8:8b:8c:63:71:8e:5b:
2e:af:55:88:d1:c6:39:71:df:ec:9b:f6:f6:05:71:6c:84:7e:
d6:e4:e5:0e:9e:49:82:63:89:37:da:9a:f3:10:8e:70:da:60:
33:82:96:ee:59:da:68:e5:68:29:87:c1:ee:bc:9b:82:fd:9c:
7f:b9:c1:5f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhsk63wIIzrFIF7ZZDBu+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2I5ZmI0MjJlZmExZWU0YWZhMmFlNGFjMzUzOGY4N2RkOTMyYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUJl61zsu44TlWAXtXPZCQEDJD2h
eL/4UOG3VU85fhLaWnBinzVLi/a83bSwGdvZHhgc2mpdr9PVTBI0Fk8QhmaHJsHH
h8uxRg+P31dCMOnvjULpfSzchHRY3XhlyMhwaAXXcntLuDtgZ/1kIToNzgSa70ks
sLTpzkSu+VAPe9l4Zr+xf1Vey/yBdqp4/pAb0fSNuHSwp7IR/nSvyaiQSGUmFdJx
W8A6awJfsVNR8/XPLVawxMfHXbmk/YUXXSqZABqkq3Fn4qHMmPyai+Vb7Pu1Hlew
Dx4UsLAyp/fNXyAfa+EoXxttrXitewR8L00krHHdQG4ODZWs/LClubbIBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBe5+0Iu+h7kr6KuSsNTj4fdkyuoMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRjduN1FpNzZIdVN2b3E1S3cxT1BoOTJUSzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVOUAwQB
uaaaAwQCucsEAwQAwkyIAwQAwkyKMA0GCSqGSIb3DQEBCwUAA4IBAQBh/x5+e6KX
pMPugpMbmHGyu3lrbKR4kDndrXkGJd+6NC057+2CwdG0HYquuE/reWeroaRcA2BC
8omecKjwL0xCGg+08rj8qyuMF+Rfd3stuAFI0KtIbrdSWe357o/lKgcHo12Za93w
8w7bIHCr7Vr1aPxviEoUvZCaVjJgyLUua1unRCpbEcjryZBi8Lps2jZxBR6hCb+d
rY0vPmtnvctXh9r7ZCWtDvmRrL5UpsD27ox0iHMmsQiAGhLZvuAs8siLjGNxjlsu
r1WI0cY5cd/sm/b2BXFshH7W5OUOnkmCY4k32przEI5w2mAzgpbuWdpo5Wgph8Hu
vJuC/Zx/ucFf
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:12:10 2025 by rpki-client