Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/b76Y0n5HqXrh3_VjChWPMGpK-fs.roa
File: b76Y0n5HqXrh3_VjChWPMGpK-fs.roa (raw, json)
Hash identifier: WyitPfZX46jE0R5q8hInd6xxygqrz7nGayJ32kVD6N8=
Subject key identifier: 6F:BE:98:D2:7E:47:A9:7A:E1:DF:F5:63:0A:15:8F:30:6A:4A:F9:FB
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018EF5B5F35A75E4BA17F86F62A2CD0BB717
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/b76Y0n5HqXrh3_VjChWPMGpK-fs.roa
Signing time: Fri 19 Apr 2024 09:35:25 +0000
ROA not before: Fri 19 Apr 2024 09:35:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:ed00::/29 maxlen: 29
2a0f:f900::/29 maxlen: 29
2a13:a440::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 19 Apr 2024 13:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:b5:f3:5a:75:e4:ba:17:f8:6f:62:a2:cd:0b:b7:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Apr 19 09:35:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fbe98d27e47a97ae1dff5630a158f306a4af9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:06:26:20:85:34:0b:50:e4:6d:a7:07:fb:52:
f5:c2:8b:3e:d5:24:08:4f:ab:98:be:b4:b8:19:d1:
d8:41:dd:fe:a1:a6:56:cb:b7:05:e3:80:10:8d:88:
9c:8e:b9:32:e0:ab:fd:9a:f7:b8:cb:b2:79:e4:a3:
57:64:14:c1:07:c3:32:29:0c:eb:ce:e6:99:9e:d6:
a0:85:f5:d6:0a:cb:42:d5:e3:84:6d:de:db:71:9b:
2c:36:09:61:67:91:e1:c5:9d:02:7c:a5:8c:93:70:
d2:9f:66:63:5f:59:65:fd:05:af:89:70:20:b0:cc:
aa:cf:e1:49:48:23:77:b8:91:42:b9:51:6f:0b:8e:
0d:6b:6d:e9:59:74:ee:d4:ab:93:e0:8b:79:fc:a7:
2e:82:d5:67:cb:05:2e:2b:cc:5a:5e:74:69:a4:ad:
56:51:df:7a:09:e7:58:89:ff:f0:d1:87:f6:a6:6e:
31:11:8e:1b:2c:6f:6b:ec:c0:9e:de:1e:47:18:fa:
d2:e7:f8:13:31:b6:2c:25:af:eb:9c:54:e6:fe:00:
2f:36:51:6b:0c:32:e9:1b:89:ea:50:ec:81:d3:26:
d7:35:ae:11:7f:5c:24:97:a3:31:25:82:fe:0e:ab:
dd:4d:a9:82:c2:95:6c:39:be:74:c4:9f:23:b3:ca:
3d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BE:98:D2:7E:47:A9:7A:E1:DF:F5:63:0A:15:8F:30:6A:4A:F9:FB
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/b76Y0n5HqXrh3_VjChWPMGpK-fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.0.0/23
45.131.3.0/24
45.136.5.0/24
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/24
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440::/29
Signature Algorithm: sha256WithRSAEncryption
7e:dd:af:89:b8:f9:e2:9c:2d:0c:5c:05:8e:f1:35:b2:d6:15:
90:59:5a:0d:a5:2b:da:9c:7d:fa:0d:93:5e:f8:f2:78:05:c3:
9a:a8:5a:34:fc:62:37:2b:72:c3:4a:c8:08:d8:99:ef:f0:65:
e1:f3:a4:8f:06:50:60:6a:ad:ab:bc:59:15:a6:9a:dd:7c:dc:
90:ea:11:dd:78:dc:ee:98:d3:4e:45:d3:bd:ce:d4:62:b5:da:
82:c6:65:ef:17:87:ed:02:6f:e9:4a:70:ed:db:cd:19:64:97:
da:4b:36:48:ed:fa:6c:59:35:ff:04:f1:a9:5b:81:bb:50:dd:
c0:a9:a9:da:d6:06:ae:9b:0f:17:88:26:b5:60:c0:11:99:b3:
c8:7b:4e:b9:c2:05:d3:2e:12:87:be:b3:a3:ca:71:1b:af:2b:
fc:11:68:69:5d:45:91:fb:91:55:38:e2:31:05:da:54:4b:09:
55:b5:5b:09:f0:dd:ea:ee:a2:83:7a:3d:ba:d1:87:91:98:6e:
13:ac:ef:48:e3:bf:66:51:c0:aa:39:69:3b:51:56:5e:c1:02:
b5:a2:e2:9c:c4:e4:0a:f1:48:90:38:ee:fe:ba:07:15:f8:05:
40:e3:68:f4:be:32:47:8c:32:8c:b7:78:d6:a0:e3:25:ed:f4:
24:78:49:f7
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAY71tfNadeS6F/hvYqLNC7cXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNDE5MDkzNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJlOThkMjdlNDdhOTdhZTFkZmY1NjMwYTE1OGYzMDZhNGFmOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngYmIIU0C1DkbacH+1L1wos+1SQI
T6uYvrS4GdHYQd3+oaZWy7cF44AQjYicjrky4Kv9mve4y7J55KNXZBTBB8MyKQzr
zuaZntaghfXWCstC1eOEbd7bcZssNglhZ5HhxZ0CfKWMk3DSn2ZjX1ll/QWviXAg
sMyqz+FJSCN3uJFCuVFvC44Na23pWXTu1KuT4It5/KcugtVnywUuK8xaXnRppK1W
Ud96CedYif/w0Yf2pm4xEY4bLG9r7MCe3h5HGPrS5/gTMbYsJa/rnFTm/gAvNlFr
DDLpG4nqUOyB0ybXNa4Rf1wkl6MxJYL+DqvdTamCwpVsOb50xJ8js8o9XQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFG++mNJ+R6l64d/1YwoVjzBqSvn7MB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvYjc2WTBuNUhxWHJoM19WakNoV1BNR3BLLWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBOBAIAATBIAwQABbRr
AwQBLYMAAwQALYMDAwQALYgFAwQALY2UAwQALZMsAwQCTVPIAwQAwnTkAwQBwnTs
AwQAwpIaAwQAwpIkAwQAwpIvMDAEAgACMCoDBQMqCYeAAwUDKg/pAAMFAyoP6wAD
BQMqD+0AAwUDKg/5AAMFAyoTpEAwDQYJKoZIhvcNAQELBQADggEBAH7dr4m4+eKc
LQxcBY7xNbLWFZBZWg2lK9qcffoNk1748ngFw5qoWjT8YjcrcsNKyAjYme/wZeHz
pI8GUGBqrau8WRWmmt183JDqEd143O6Y005F073O1GK12oLGZe8Xh+0Cb+lKcO3b
zRlkl9pLNkjt+mxZNf8E8albgbtQ3cCpqdrWBq6bDxeIJrVgwBGZs8h7TrnCBdMu
Eoe+s6PKcRuvK/wRaGldRZH7kVU44jEF2lRLCVW1Wwnw3eruooN6PbrRh5GYbhOs
70jjv2ZRwKo5aTtRVl7BArWi4pzE5ArxSJA47v66BxX4BUDjaPS+MkeMMoy3eNag
4yXt9CR4Sfc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:47 2025 by rpki-client