Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/fSa6XOKSw1xrH2ZWm68eMpAhB3Y.roa
File: fSa6XOKSw1xrH2ZWm68eMpAhB3Y.roa (raw, json)
Hash identifier: /jmFrW3hG2zuSAck3gHSfBef5/eDJHz1ih96/KeiOQE=
Subject key identifier: 7D:26:BA:5C:E2:92:C3:5C:6B:1F:66:56:9B:AF:1E:32:90:21:07:76
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 019509421DDC9EF9509A25C0B67F0091F615
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/fSa6XOKSw1xrH2ZWm68eMpAhB3Y.roa
Signing time: Sat 15 Feb 2025 10:58:02 +0000
ROA not before: Sat 15 Feb 2025 10:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.174.0/23 maxlen: 23
85.158.108.0/24 maxlen: 24
85.158.109.0/24 maxlen: 24
89.150.40.0/24 maxlen: 24
89.150.45.0/24 maxlen: 24
89.150.48.0/24 maxlen: 24
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
91.220.8.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
185.253.116.0/24 maxlen: 24
185.253.117.0/24 maxlen: 24
185.253.118.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
193.111.208.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
2a01:8640:15::/48 maxlen: 48
2a01:8640:1a::/48 maxlen: 48
2a01:8640:1b::/48 maxlen: 48
2a01:8640:1c::/48 maxlen: 48
2a01:8640:1d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Feb 2025 09:18:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:42:1d:dc:9e:f9:50:9a:25:c0:b6:7f:00:91:f6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Feb 15 10:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d26ba5ce292c35c6b1f66569baf1e3290210776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d9:1a:b7:6b:fb:4e:07:8b:8d:14:cb:12:01:
a0:6e:4a:06:88:51:10:ea:90:1f:8a:72:19:8b:41:
95:d5:2c:10:96:27:c9:f5:4e:2f:20:f6:fa:4d:21:
65:3f:d6:e1:af:2b:a4:fb:d6:a6:f1:86:1b:5a:fa:
4d:28:48:7a:64:58:cd:aa:e3:f2:d5:79:6a:4e:03:
17:6e:44:43:64:f0:e0:be:0f:63:92:0f:19:ba:62:
bf:25:38:a1:97:d6:c5:2f:4a:a3:c3:10:44:89:71:
fe:3c:48:6b:cc:cd:cc:b7:c3:0d:83:4e:92:f7:17:
6c:ae:80:55:fa:62:4a:bc:92:91:7b:a8:25:41:57:
70:2d:4d:8f:03:d9:4a:f8:b6:4c:94:fd:8c:1c:0b:
1a:75:aa:5b:8b:85:1e:e9:b9:b8:89:04:cc:75:b5:
60:79:f1:d6:d4:be:0b:fd:9c:cb:f3:1e:f8:65:16:
cd:f7:c5:51:32:ed:97:ef:b4:5c:68:c5:77:b5:fb:
2a:e3:f9:4f:9e:e6:d7:bd:55:1f:1e:61:6e:12:9e:
95:14:92:98:56:aa:89:9b:d3:a6:c6:29:51:19:af:
ba:fb:3d:79:e2:f6:88:b0:12:aa:ea:85:d6:ed:8b:
ca:c3:b4:b2:f1:72:7d:63:06:74:b5:9d:58:75:5f:
d7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:26:BA:5C:E2:92:C3:5C:6B:1F:66:56:9B:AF:1E:32:90:21:07:76
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/fSa6XOKSw1xrH2ZWm68eMpAhB3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.174.0/23
85.158.108.0/23
89.150.40.0/24
89.150.45.0/24
89.150.48.0/24
89.150.57.0/24
91.193.18.0/24
91.220.8.0/24
185.40.86.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.235.137.0-185.235.138.255
185.253.116.0-185.253.118.255
193.42.36.0/24
193.42.39.0/24
193.111.208.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:15:ffff:ffff:ffff:ffff:ffff
2a01:8640:1a::-2a01:8640:1d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2c:0d:ba:39:f9:13:82:a8:67:f3:49:75:02:f7:87:13:32:e5:
1d:26:fb:3d:85:45:0b:ba:27:ba:da:da:b9:87:69:b5:d7:61:
95:d4:1e:a8:c2:7a:fb:12:57:da:59:db:6b:b9:aa:20:7d:91:
d6:85:3e:fc:f6:8b:c5:51:20:dc:99:3e:ef:da:74:04:25:18:
29:16:4c:ab:77:a9:f8:82:7e:22:f1:21:e9:ab:99:be:53:06:
f3:9c:3a:a1:33:ff:1c:47:71:02:1f:b3:33:f4:95:02:8f:87:
d2:df:09:aa:9e:d2:33:0b:15:ee:25:6d:a9:71:2d:9d:f9:70:
35:b9:0c:a0:16:77:25:7d:24:81:66:3c:27:55:69:21:9c:b2:
00:a0:a6:b3:37:18:01:29:68:a7:b4:55:fa:d9:69:9c:5c:b8:
8a:81:9d:b6:6f:64:b1:4b:16:d7:f6:f6:f0:00:08:4b:c6:73:
47:1c:cf:e1:3c:c3:35:b2:4d:7d:bf:0b:db:a2:df:09:c9:46:
38:c4:82:ef:ba:a7:8a:d7:d9:dd:44:b5:db:8e:82:f5:19:94:
3e:50:1d:67:92:ca:41:ef:99:69:06:c7:d7:f6:c9:c8:0d:af:
6a:d0:ee:00:22:23:a3:35:ec:5c:ee:c3:59:19:27:86:ec:df:
05:5b:f7:c1
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgISAZUJQh3cnvlQmiXAtn8AkfYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjUwMjE1MTA1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI2YmE1Y2UyOTJjMzVjNmIxZjY2NTY5YmFmMWUzMjkwMjEwNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNkat2v7TgeLjRTLEgGgbkoGiFEQ
6pAfinIZi0GV1SwQlifJ9U4vIPb6TSFlP9bhryuk+9am8YYbWvpNKEh6ZFjNquPy
1XlqTgMXbkRDZPDgvg9jkg8ZumK/JTihl9bFL0qjwxBEiXH+PEhrzM3Mt8MNg06S
9xdsroBV+mJKvJKRe6glQVdwLU2PA9lK+LZMlP2MHAsadapbi4Ue6bm4iQTMdbVg
efHW1L4L/ZzL8x74ZRbN98VRMu2X77RcaMV3tfsq4/lPnubXvVUfHmFuEp6VFJKY
VqqJm9OmxilRGa+6+z154vaIsBKq6oXW7YvKw7Sy8XJ9YwZ0tZ1YdV/XgwIDAQAB
o4IDLzCCAyswHQYDVR0OBBYEFH0mulziksNcax9mVpuvHjKQIQd2MB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvZlNhNlhPS1N3MXhySDJaV202OGVNcEFoQjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQwYIKwYBBQUHAQcBAf8EggEyMIIBLjCBwwQCAAEwgbwD
BAEFlfgDBAEFlf4wDAMEAk1TxAMEAE1TxgMEAU+NpAMEAU+NrgMEAVWebAMEAFmW
KAMEAFmWLQMEAFmWMAMEAFmWOQMEAFvBEgMEAFvcCAMEALkoVgMEArlQNAMEAblR
cjAMAwQGuWjAAwQAuWjCAwQCuXVYAwQAuXtmAwQAua6FAwQAua6HMAwDBAC564kD
BAC564owDAMEArn9dAMEALn9dgMEAMEqJAMEAMEqJwMEAMFv0AMEAMNfmzBmBAIA
AjBgAwcAKgGGQAAAAwcAKgGGQAACAwcAKgGGQAAGMBIDBwAqAYZAAAkDBwAqAYZA
AAoDBwAqAYZAAA8wEgMHACoBhkAAEQMHASoBhkAAFDASAwcBKgGGQAAaAwcBKgGG
QAAcMA0GCSqGSIb3DQEBCwUAA4IBAQAsDbo5+ROCqGfzSXUC94cTMuUdJvs9hUUL
uie62tq5h2m112GV1B6ownr7ElfaWdtruaogfZHWhT789ovFUSDcmT7v2nQEJRgp
Fkyrd6n4gn4i8SHpq5m+UwbznDqhM/8cR3ECH7Mz9JUCj4fS3wmqntIzCxXuJW2p
cS2d+XA1uQygFnclfSSBZjwnVWkhnLIAoKazNxgBKWintFX62WmcXLiKgZ22b2Sx
SxbX9vbwAAhLxnNHHM/hPMM1sk19vwvbot8JyUY4xILvuqeK19ndRLXbjoL1GZQ+
UB1nkspB75lpBsfX9snIDa9q0O4AIiOjNexc7sNZGSeG7N8FW/fB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:11 2025 by rpki-client