Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/fgGecFhTg-Af6NcWlyoD-hTFjmw.roa
File: fgGecFhTg-Af6NcWlyoD-hTFjmw.roa (raw, json)
Hash identifier: 4127dK+nuJJeWKgNRJpkDKtp+aYit3XATSumoeNOJhI=
Subject key identifier: 7E:01:9E:70:58:53:83:E0:1F:E8:D7:16:97:2A:03:FA:14:C5:8E:6C
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 01924DA7B276FD5056AB2A368BE4A07B2CC9
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/fgGecFhTg-Af6NcWlyoD-hTFjmw.roa
Signing time: Wed 02 Oct 2024 14:34:48 +0000
ROA not before: Wed 02 Oct 2024 14:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43915
IP address blocks: 45.66.36.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
79.135.122.0/23 maxlen: 24
87.117.64.0/22 maxlen: 22
87.117.68.0/23 maxlen: 23
91.239.57.0/24 maxlen: 24
94.154.184.0/22 maxlen: 24
109.224.216.0/22 maxlen: 22
109.224.224.0/22 maxlen: 24
109.224.224.0/23 maxlen: 23
109.224.226.0/23 maxlen: 24
109.224.234.0/23 maxlen: 24
109.224.236.0/22 maxlen: 22
109.224.240.0/23 maxlen: 24
144.178.104.0/23 maxlen: 23
144.178.118.0/23 maxlen: 23
144.178.252.0/23 maxlen: 23
147.189.156.0/22 maxlen: 24
147.189.214.0/24 maxlen: 24
176.116.116.0/22 maxlen: 22
178.248.128.0/21 maxlen: 21
185.23.254.0/23 maxlen: 24
185.147.184.0/22 maxlen: 22
185.161.4.0/22 maxlen: 22
185.231.136.0/21 maxlen: 21
193.35.146.0/23 maxlen: 23
194.105.134.0/23 maxlen: 24
194.145.242.0/23 maxlen: 24
194.146.160.0/22 maxlen: 24
195.184.250.0/23 maxlen: 23
195.206.172.0/22 maxlen: 24
212.59.72.0/21 maxlen: 24
212.108.90.0/23 maxlen: 23
213.225.224.0/22 maxlen: 24
217.14.184.0/21 maxlen: 21
217.20.244.0/22 maxlen: 24
2a07:5940::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Oct 2024 09:46:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:a7:b2:76:fd:50:56:ab:2a:36:8b:e4:a0:7b:2c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: Oct 2 14:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e019e70585383e01fe8d716972a03fa14c58e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f2:65:41:f0:85:60:43:63:8c:4c:9e:2b:2c:
40:9f:8a:47:86:6c:89:fa:6e:bf:d7:62:2d:2d:9a:
d4:74:71:07:3b:3b:b4:5f:e6:9a:7c:99:57:ca:0c:
60:81:c2:5b:c2:09:76:3d:38:b7:f6:b0:fe:75:47:
f5:94:2a:07:4f:e1:d7:7c:af:dc:30:1e:80:f2:41:
45:80:e5:d6:a3:b4:92:38:f7:1c:a1:9e:32:9a:89:
10:cd:c5:03:d5:9c:ec:b5:36:ee:99:02:e7:83:f7:
8d:f1:c1:7c:c8:b7:73:ff:b6:c7:4e:8d:9b:4f:5c:
64:cc:59:53:db:1b:e1:e4:71:7d:c8:bb:97:d7:f3:
87:30:38:f0:ca:15:26:9f:f4:32:a4:e4:cd:ea:c8:
90:14:86:1c:3b:e5:d9:25:71:f9:72:51:dc:34:8b:
06:dd:d9:cb:4f:d4:5c:36:ea:85:68:e1:f3:45:ce:
be:38:3b:e0:8d:4d:54:44:e9:8f:e6:48:52:03:91:
a0:b1:00:cb:05:bd:82:84:b2:32:37:39:e7:37:a8:
2c:3b:4c:3b:76:af:33:d5:2d:c7:f2:c2:18:23:e6:
92:eb:49:43:1b:30:eb:f7:10:7c:16:76:15:3b:43:
51:b8:70:b7:9a:03:3c:48:45:99:c5:e3:ca:59:c3:
03:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:01:9E:70:58:53:83:E0:1F:E8:D7:16:97:2A:03:FA:14:C5:8E:6C
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/fgGecFhTg-Af6NcWlyoD-hTFjmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.36.0/22
62.169.148.0/23
79.135.122.0/23
87.117.64.0-87.117.69.255
91.239.57.0/24
94.154.184.0/22
109.224.216.0/22
109.224.224.0/22
109.224.234.0-109.224.241.255
144.178.104.0/23
144.178.118.0/23
144.178.252.0/23
147.189.156.0/22
147.189.214.0/24
176.116.116.0/22
178.248.128.0/21
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
185.231.136.0/21
193.35.146.0/23
194.105.134.0/23
194.145.242.0/23
194.146.160.0/22
195.184.250.0/23
195.206.172.0/22
212.59.72.0/21
212.108.90.0/23
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
d0:d6:cf:7c:90:fa:e6:55:b0:39:3c:93:db:a0:a4:40:a0:eb:
02:04:9f:fc:fb:bd:67:b4:13:2f:40:7e:70:65:a5:60:26:20:
75:f5:10:0d:c8:5d:14:23:05:32:97:b7:db:c4:8a:81:ee:d6:
a6:f0:21:34:c2:09:af:d6:60:16:bc:8f:f6:bb:da:0c:14:51:
82:f2:c2:ca:34:bf:54:5b:0f:f1:db:1a:cf:68:75:b2:50:c9:
67:59:99:f2:47:f5:bf:a7:17:eb:31:f3:2b:a2:25:2e:c0:a9:
b3:a2:17:85:73:21:e2:21:7b:f7:2f:02:6b:a9:ac:04:e8:70:
ac:f6:2f:e6:13:db:69:a8:20:35:02:b2:e5:cd:25:ce:8d:75:
ad:00:74:6e:73:5f:87:4d:bf:33:9b:65:bd:83:c5:2e:7c:f8:
12:74:ab:7f:58:cd:9c:2f:72:69:96:3a:46:39:e2:cb:de:9f:
5a:f8:d6:e5:13:2e:da:72:27:9a:9a:e3:30:7d:5c:fe:74:b5:
00:4f:43:d3:65:8b:cd:0d:57:04:41:48:52:c3:54:da:30:d2:
28:db:f4:fc:52:5e:94:b6:e9:a2:88:58:56:3e:2b:3a:59:31:
12:dd:a7:af:5c:76:66:5d:ad:6a:79:22:02:f2:85:84:df:80:
b0:dc:71:b4
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZJNp7J2/VBWqyo2i+SgeyzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjQxMDAyMTQzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTAxOWU3MDU4NTM4M2UwMWZlOGQ3MTY5NzJhMDNmYTE0YzU4ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfJlQfCFYENjjEyeKyxAn4pHhmyJ
+m6/12ItLZrUdHEHOzu0X+aafJlXygxggcJbwgl2PTi39rD+dUf1lCoHT+HXfK/c
MB6A8kFFgOXWo7SSOPccoZ4ymokQzcUD1ZzstTbumQLng/eN8cF8yLdz/7bHTo2b
T1xkzFlT2xvh5HF9yLuX1/OHMDjwyhUmn/QypOTN6siQFIYcO+XZJXH5clHcNIsG
3dnLT9RcNuqFaOHzRc6+ODvgjU1UROmP5khSA5GgsQDLBb2ChLIyNznnN6gsO0w7
dq8z1S3H8sIYI+aS60lDGzDr9xB8FnYVO0NRuHC3mgM8SEWZxePKWcMD/wIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFH4BnnBYU4PgH+jXFpcqA/oUxY5sMB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvZmdHZWNGaFRnLUFmNk5jV2x5b0QtaFRGam13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCB0QQCAAEwgcoDBAIt
QiQDBAE+qZQDBAFPh3owDAMEBld1QAMEAVd1RAMEAFvvOQMEAl6auAMEAm3g2AME
Am3g4DAMAwQBbeDqAwQBbeDwAwQBkLJoAwQBkLJ2AwQBkLL8AwQCk72cAwQAk73W
AwQCsHR0AwQDsviAAwQBuRf+AwQCuZO4AwQCuaEEAwQDueeIAwQBwSOSAwQBwmmG
AwQBwpHyAwQCwpKgAwQBw7j6AwQCw86sAwQD1DtIAwQB1GxaAwQC1eHgAwQD2Q64
AwQC2RT0MA0EAgACMAcDBQAqB1lAMA0GCSqGSIb3DQEBCwUAA4IBAQDQ1s98kPrm
VbA5PJPboKRAoOsCBJ/8+71ntBMvQH5wZaVgJiB19RANyF0UIwUyl7fbxIqB7tam
8CE0wgmv1mAWvI/2u9oMFFGC8sLKNL9UWw/x2xrPaHWyUMlnWZnyR/W/pxfrMfMr
oiUuwKmzoheFcyHiIXv3LwJrqawE6HCs9i/mE9tpqCA1ArLlzSXOjXWtAHRuc1+H
Tb8zm2W9g8UufPgSdKt/WM2cL3JpljpGOeLL3p9a+NblEy7acieamuMwfVz+dLUA
T0PTZYvNDVcEQUhSw1TaMNIo2/T8Ul6UtumiiFhWPis6WTES3aevXHZmXa1qeSIC
8oWE34Cw3HG0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:19 2025 by rpki-client