Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/fgpes9fma4kp2J3PhS5ffnsR8cc.roa
File: fgpes9fma4kp2J3PhS5ffnsR8cc.roa (raw, json)
Hash identifier: s3gE2c+7yL+8G5ST7odF8mtkMpjfnBME1x8UyY0Lq+M=
Subject key identifier: 7E:0A:5E:B3:D7:E6:6B:89:29:D8:9D:CF:85:2E:5F:7E:7B:11:F1:C7
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018F63EA65436156CCE5F32063779A35392F
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/fgpes9fma4kp2J3PhS5ffnsR8cc.roa
Signing time: Fri 10 May 2024 19:10:56 +0000
ROA not before: Fri 10 May 2024 19:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:ed00::/29 maxlen: 29
2a0f:f900::/29 maxlen: 29
2a13:a440::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 May 2024 21:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:63:ea:65:43:61:56:cc:e5:f3:20:63:77:9a:35:39:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: May 10 19:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e0a5eb3d7e66b8929d89dcf852e5f7e7b11f1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:52:79:28:a4:3a:ce:e5:2d:68:ff:60:bd:e2:
6e:7b:ed:6b:da:34:67:a0:9c:90:bc:37:a6:d6:57:
4a:25:87:0c:2d:93:d4:01:cb:92:99:71:7a:2b:6d:
5b:d3:2e:07:8f:5f:5d:c1:34:7e:74:e6:bd:e7:b6:
91:e6:b3:0f:50:b2:4a:b6:ec:8e:d5:76:1a:f6:f4:
99:3f:e5:30:50:26:c5:e7:46:60:e7:ca:ca:af:83:
f9:b3:a6:13:91:d1:41:a8:01:3e:7d:03:18:a4:26:
2e:30:5c:bb:a9:c6:66:c6:30:66:8a:b5:47:58:d5:
b6:2a:fb:21:37:b2:c5:51:5b:7e:b8:71:49:cd:90:
5b:0d:b1:ce:dc:0e:19:92:15:41:d5:49:e1:6b:6a:
56:80:57:c4:31:8e:f9:bc:2b:ba:02:b9:a6:f3:2b:
9e:ed:1b:80:9a:f3:34:02:4e:cb:f7:36:c0:22:0d:
6f:8a:da:cc:2a:29:b6:3e:93:80:59:62:d3:17:da:
40:d1:2b:ae:ca:32:ce:b5:c2:1e:17:65:4d:46:eb:
b9:e7:7c:17:28:70:b4:98:51:35:77:c1:3a:ed:34:
c8:27:3b:99:e3:5e:fe:fb:0a:ca:af:0e:9f:c7:3d:
d1:05:5f:bd:c5:fb:d5:c1:39:eb:4b:af:c9:22:2d:
5a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0A:5E:B3:D7:E6:6B:89:29:D8:9D:CF:85:2E:5F:7E:7B:11:F1:C7
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/fgpes9fma4kp2J3PhS5ffnsR8cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.0.0/23
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/24
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440::/32
Signature Algorithm: sha256WithRSAEncryption
6b:f4:cb:72:61:e9:18:d4:36:19:66:63:0c:88:bd:a9:db:03:
03:23:1b:02:bf:fb:aa:c7:d2:9a:33:a2:44:f6:89:61:6a:42:
77:a0:27:0e:36:06:7e:d0:78:b7:dc:c4:03:9b:9c:31:4f:7c:
7d:e0:ef:38:44:ad:18:24:3e:01:5c:e3:8d:16:22:6c:51:8d:
73:f3:93:4e:5d:9d:b8:a5:bb:0f:73:fd:92:29:5c:a8:09:91:
c7:93:03:26:33:70:2e:5c:18:49:e0:34:6b:93:b3:d3:35:cb:
5b:02:9d:23:5c:01:9c:52:24:04:59:5e:f6:32:1e:64:2b:1a:
50:81:55:4a:a9:58:df:93:08:e3:cc:72:bb:11:c8:ca:6d:6b:
d0:5b:dd:a0:15:2e:ff:b3:f3:36:3a:aa:c4:84:82:87:27:54:
a5:18:50:06:9a:3f:56:63:26:ba:6c:ea:40:f0:f6:c0:ca:11:
e7:f8:e1:dd:f7:3e:4a:77:65:31:d4:31:d2:45:6a:bc:f0:b9:
89:46:fc:42:15:53:b9:86:11:0f:26:3f:33:e4:d2:c3:93:2d:
35:43:fe:81:76:1a:e2:e3:74:5e:88:8c:f3:8f:b0:ef:20:00:
fc:e6:ea:98:61:54:a2:bd:e0:37:92:68:73:cc:d9:2e:b9:3a:
ff:43:7c:a7
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAY9j6mVDYVbM5fMgY3eaNTkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNTEwMTkxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTBhNWViM2Q3ZTY2Yjg5MjlkODlkY2Y4NTJlNWY3ZTdiMTFmMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1J5KKQ6zuUtaP9gveJue+1r2jRn
oJyQvDem1ldKJYcMLZPUAcuSmXF6K21b0y4Hj19dwTR+dOa957aR5rMPULJKtuyO
1XYa9vSZP+UwUCbF50Zg58rKr4P5s6YTkdFBqAE+fQMYpCYuMFy7qcZmxjBmirVH
WNW2KvshN7LFUVt+uHFJzZBbDbHO3A4ZkhVB1Unha2pWgFfEMY75vCu6Armm8yue
7RuAmvM0Ak7L9zbAIg1vitrMKim2PpOAWWLTF9pA0SuuyjLOtcIeF2VNRuu553wX
KHC0mFE1d8E67TTIJzuZ417++wrKrw6fxz3RBV+9xfvVwTnrS6/JIi1awQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFH4KXrPX5muJKdidz4UuX357EfHHMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvZmdwZXM5Zm1hNGtwMkozUGhTNWZmbnNSOGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wQgQCAAEwPAMEAAW0awME
AS2DAAMEAC2NlAMEAC2TLAMEAk1TyAMEAMJ05AMEAcJ07AMEAMKSGgMEAMKSJAME
AMKSLzA3BAIAAjAxAwUDKgmHgAMFAyoPtwADBQMqD+kAAwUDKg/rAAMFAyoP7QAD
BQMqD/kAAwUAKhOkQDANBgkqhkiG9w0BAQsFAAOCAQEAa/TLcmHpGNQ2GWZjDIi9
qdsDAyMbAr/7qsfSmjOiRPaJYWpCd6AnDjYGftB4t9zEA5ucMU98feDvOEStGCQ+
AVzjjRYibFGNc/OTTl2duKW7D3P9kilcqAmRx5MDJjNwLlwYSeA0a5Oz0zXLWwKd
I1wBnFIkBFle9jIeZCsaUIFVSqlY35MI48xyuxHIym1r0FvdoBUu/7PzNjqqxISC
hydUpRhQBpo/VmMmumzqQPD2wMoR5/jh3fc+SndlMdQx0kVqvPC5iUb8QhVTuYYR
DyY/M+TSw5MtNUP+gXYa4uN0XoiM84+w7yAA/ObqmGFUor3gN5Joc8zZLrk6/0N8
pw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:56 2025 by rpki-client