Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/Fd2jXGHSTJ3DhMfJB-9TwjI2cEU.roa
File: Fd2jXGHSTJ3DhMfJB-9TwjI2cEU.roa (raw, json)
Hash identifier: fjDYmMh/i4M/FGBTMI9ZrQheASSKOTdVNoo1GWVF4z8=
Subject key identifier: 15:DD:A3:5C:61:D2:4C:9D:C3:84:C7:C9:07:EF:53:C2:32:36:70:45
Certificate issuer: /CN=2c40fcd53987b209f8af39ca1211f27060a8902e
Certificate serial: 018CC7268AE8B38654222E9A64C914C1F120
Authority key identifier: 2C:40:FC:D5:39:87:B2:09:F8:AF:39:CA:12:11:F2:70:60:A8:90:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LED81TmHsgn4rznKEhHycGCokC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/Fd2jXGHSTJ3DhMfJB-9TwjI2cEU.roa
Signing time: Mon 01 Jan 2024 22:30:41 +0000
ROA not before: Mon 01 Jan 2024 22:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208800
IP address blocks: 188.116.29.0/24 maxlen: 24
188.116.28.0/24 maxlen: 24
188.116.28.0/22 maxlen: 22
188.116.31.0/24 maxlen: 24
188.116.30.0/24 maxlen: 24
77.242.240.0/24 maxlen: 24
77.242.240.0/23 maxlen: 23
77.242.240.0/22 maxlen: 22
77.242.240.0/21 maxlen: 21
77.242.242.0/24 maxlen: 24
77.242.242.0/23 maxlen: 23
77.242.241.0/24 maxlen: 24
77.242.245.0/24 maxlen: 24
77.242.244.0/22 maxlen: 22
77.242.244.0/23 maxlen: 23
77.242.244.0/24 maxlen: 24
77.242.243.0/24 maxlen: 24
77.242.246.0/24 maxlen: 24
77.242.246.0/23 maxlen: 23
77.242.253.0/24 maxlen: 24
77.242.249.0/24 maxlen: 24
77.242.248.0/24 maxlen: 24
77.242.247.0/24 maxlen: 24
77.242.251.0/24 maxlen: 24
77.242.250.0/24 maxlen: 24
77.242.255.0/24 maxlen: 24
91.201.4.0/24 maxlen: 24
91.201.4.0/22 maxlen: 22
91.201.7.0/24 maxlen: 24
91.201.6.0/24 maxlen: 24
91.201.5.0/24 maxlen: 24
2a0e:6e80::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 05 Apr 2024 05:59:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:8a:e8:b3:86:54:22:2e:9a:64:c9:14:c1:f1:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c40fcd53987b209f8af39ca1211f27060a8902e
Validity
Not Before: Jan 1 22:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15dda35c61d24c9dc384c7c907ef53c232367045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c2:aa:b1:aa:f3:7b:88:45:4a:f7:80:87:93:
ed:29:2c:b3:52:5a:08:42:d2:22:b0:76:1a:13:b7:
30:9b:0c:c6:9d:07:fa:71:ef:f7:85:5f:4f:34:cf:
51:02:8e:73:a2:26:9c:2e:4c:c3:ac:ea:90:42:e5:
a9:37:59:90:ab:bd:4d:dc:10:44:b0:4a:fb:73:d7:
d7:9d:ac:2a:ac:49:bb:6e:ef:83:9b:44:93:fd:92:
b4:22:4e:fe:34:1f:8d:97:5a:30:18:ce:fd:fb:5a:
74:58:27:a8:5c:0a:36:04:37:5a:10:ee:37:55:8f:
0a:e7:b8:cd:53:39:9f:0f:4d:0b:76:54:20:48:4b:
6f:0a:e2:84:5c:36:b2:65:90:db:ac:21:16:e5:93:
4d:f1:4b:c4:56:0c:d3:ce:96:e1:13:0f:6f:74:38:
83:bf:da:a5:da:1e:c2:27:55:f4:3b:13:2a:83:b1:
70:2a:6a:70:43:eb:ba:77:a0:a8:0e:a5:4f:d0:97:
cd:ad:8c:c6:f9:89:bd:60:3d:1a:b9:4f:c6:da:48:
6f:74:5b:84:62:cd:1c:d3:90:08:93:4d:92:3a:8c:
1e:32:7a:bc:30:ad:80:9e:fe:36:18:d2:60:cc:f5:
18:98:65:f2:ae:89:bd:d1:3c:39:29:72:c6:66:16:
8a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DD:A3:5C:61:D2:4C:9D:C3:84:C7:C9:07:EF:53:C2:32:36:70:45
X509v3 Authority Key Identifier:
keyid:2C:40:FC:D5:39:87:B2:09:F8:AF:39:CA:12:11:F2:70:60:A8:90:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LED81TmHsgn4rznKEhHycGCokC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/Fd2jXGHSTJ3DhMfJB-9TwjI2cEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/709fc9-68ef-411e-a1cc-e1e807ecd4df/1/LED81TmHsgn4rznKEhHycGCokC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.240.0-77.242.251.255
77.242.253.0/24
77.242.255.0/24
91.201.4.0/22
188.116.28.0/22
IPv6:
2a0e:6e80::/44
Signature Algorithm: sha256WithRSAEncryption
09:de:60:9a:63:ed:0c:90:5e:e3:fe:de:27:a9:2b:b6:c9:f5:
a5:d8:c1:97:b2:f0:eb:ec:ba:4f:0e:cb:21:fd:15:90:15:0b:
fe:e1:02:dc:a2:9c:0c:72:d2:81:2a:62:a3:a8:50:39:e8:cb:
3b:18:6c:84:4c:24:9a:f8:74:77:fd:fa:3c:c0:d1:17:72:83:
af:b0:7d:fd:c5:4a:63:6c:c3:f4:d1:8a:6e:d4:80:2c:ae:46:
c3:c4:93:ee:47:94:eb:77:8e:f2:cc:ac:ee:43:ea:55:f7:be:
f5:aa:b0:27:30:30:29:b9:56:a7:1d:bf:8a:c1:05:5b:3c:46:
1e:dc:43:36:e2:af:e9:f0:c0:2a:ea:29:6e:72:a6:8e:86:7f:
f5:4d:83:dc:d4:9f:94:ec:fe:9b:94:6a:e7:3a:24:7a:0b:fa:
54:1e:68:8f:39:6a:29:bd:79:df:74:b1:cd:31:3a:87:3e:42:
11:ba:2d:e7:73:da:67:d4:fc:33:ec:df:d6:7f:6c:54:b2:66:
d5:2c:16:69:e4:3a:09:75:85:b5:be:8f:cd:9e:b4:c2:62:0d:
74:2b:da:02:b2:df:d0:1f:f6:7a:48:e9:2a:68:bd:f1:4f:3c:
5a:4e:01:f2:ce:ab:53:12:3b:1a:5e:b1:75:db:c0:40:70:d6:
7e:39:5a:47
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzHJoros4ZUIi6aZMkUwfEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNDBmY2Q1Mzk4N2IyMDlmOGFmMzljYTEyMTFmMjcwNjBh
ODkwMmUwHhcNMjQwMTAxMjIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWRkYTM1YzYxZDI0YzlkYzM4NGM3YzkwN2VmNTNjMjMyMzY3MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMKqsarze4hFSveAh5PtKSyzUloI
QtIisHYaE7cwmwzGnQf6ce/3hV9PNM9RAo5zoiacLkzDrOqQQuWpN1mQq71N3BBE
sEr7c9fXnawqrEm7bu+Dm0ST/ZK0Ik7+NB+Nl1owGM79+1p0WCeoXAo2BDdaEO43
VY8K57jNUzmfD00LdlQgSEtvCuKEXDayZZDbrCEW5ZNN8UvEVgzTzpbhEw9vdDiD
v9ql2h7CJ1X0OxMqg7FwKmpwQ+u6d6CoDqVP0JfNrYzG+Ym9YD0auU/G2khvdFuE
Ys0c05AIk02SOoweMnq8MK2Anv42GNJgzPUYmGXyrom90Tw5KXLGZhaKewIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFBXdo1xh0kydw4THyQfvU8IyNnBFMB8GA1UdIwQY
MBaAFCxA/NU5h7IJ+K85yhIR8nBgqJAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEVEODFUbUhzZ240cnpuS0VoSHljR0Nva0M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy83MDlmYzktNjhlZi00MTFlLWExY2Mt
ZTFlODA3ZWNkNGRmLzEvRmQyalhHSFNUSjNEaE1mSkItOVR3akkyY0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy83MDlmYzktNjhlZi00MTFlLWExY2MtZTFlODA3ZWNkNGRm
LzEvTEVEODFUbUhzZ240cnpuS0VoSHljR0Nva0M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmMAwDBARN8vAD
BAJN8vgDBABN8v0DBABN8v8DBAJbyQQDBAK8dBwwDwQCAAIwCQMHBCoOboAAADAN
BgkqhkiG9w0BAQsFAAOCAQEACd5gmmPtDJBe4/7eJ6krtsn1pdjBl7Lw6+y6Tw7L
If0VkBUL/uEC3KKcDHLSgSpio6hQOejLOxhshEwkmvh0d/36PMDRF3KDr7B9/cVK
Y2zD9NGKbtSALK5Gw8ST7keU63eO8sys7kPqVfe+9aqwJzAwKblWpx2/isEFWzxG
HtxDNuKv6fDAKuopbnKmjoZ/9U2D3NSflOz+m5Rq5zokegv6VB5ojzlqKb1533Sx
zTE6hz5CEbot53PaZ9T8M+zf1n9sVLJm1SwWaeQ6CXWFtb6PzZ60wmINdCvaArLf
0B/2ekjpKmi98U88Wk4B8s6rUxI7Gl6xddvAQHDWfjlaRw==
-----END CERTIFICATE-----
Generated at Fri Apr 5 09:45:33 2024 by rpki-client on console-fra.rpki-client.org