Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/fomnf2q6dTxaYPlzmK9GQmcVmoU.roa
File: fomnf2q6dTxaYPlzmK9GQmcVmoU.roa (raw, json)
Hash identifier: 3yV6if5D/rruC31AbRwT9dtHdNIrn3ve9oEdCyvP6BY=
Subject key identifier: 7E:89:A7:7F:6A:BA:75:3C:5A:60:F9:73:98:AF:46:42:67:15:9A:85
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018ECF970D73177CF1A42B74FBF38C3B7A20
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/fomnf2q6dTxaYPlzmK9GQmcVmoU.roa
Signing time: Thu 11 Apr 2024 23:56:06 +0000
ROA not before: Thu 11 Apr 2024 23:56:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
81.88.64.0/21 maxlen: 21
82.148.168.0/21 maxlen: 21
82.148.176.0/20 maxlen: 20
109.169.112.0/21 maxlen: 21
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.190.36.0/24 maxlen: 24
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 May 2024 13:38:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cf:97:0d:73:17:7c:f1:a4:2b:74:fb:f3:8c:3b:7a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Apr 11 23:56:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e89a77f6aba753c5a60f97398af464267159a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:86:35:20:81:ad:4c:ca:7c:32:6e:a1:c2:4b:
e4:3c:62:ca:02:ca:c2:15:b9:21:8c:6c:be:0a:1c:
ea:91:53:67:f2:34:60:d3:46:40:25:0d:bd:03:26:
a4:03:56:d6:e7:9b:fb:00:2b:b8:66:53:4e:a0:73:
89:fb:04:6e:fd:68:52:72:b9:48:fa:89:82:53:2c:
75:28:23:74:40:47:89:56:49:07:52:e9:c9:43:d2:
4f:ed:70:41:2b:20:34:d7:3f:90:af:2e:a9:65:99:
37:10:a0:82:6b:c9:cc:9c:5e:a0:1c:80:8a:43:bc:
75:a7:0a:2c:d1:61:d4:da:72:c2:5a:1d:79:90:64:
8d:fc:03:94:2d:a7:79:fd:75:5c:4d:3d:61:e5:1f:
b4:dc:72:f4:0d:7c:15:d4:a4:0c:b6:7f:f7:cd:01:
08:e0:dc:94:cd:e9:0a:5b:4c:aa:4d:1c:29:a6:4d:
74:11:f4:10:cd:2e:ee:03:97:36:3a:f4:82:b3:85:
c0:20:00:53:3b:28:15:88:1f:2f:54:d7:01:d0:fc:
b1:97:5f:ec:71:80:e9:5e:4b:df:06:9b:e6:28:b7:
ba:bb:70:d1:96:42:5f:e0:0c:66:e3:1d:b1:05:b0:
47:04:92:f8:25:b2:26:32:73:5a:b3:03:c8:63:fb:
90:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:89:A7:7F:6A:BA:75:3C:5A:60:F9:73:98:AF:46:42:67:15:9A:85
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/fomnf2q6dTxaYPlzmK9GQmcVmoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
81.88.64.0/21
82.148.168.0-82.148.191.255
109.169.112.0/21
185.176.244.0/23
185.190.36.0/24
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
6c:77:43:6c:0e:18:18:b6:e4:3d:cb:86:8a:86:38:dc:d7:ae:
53:c4:77:9c:59:04:32:2f:0c:96:93:d2:14:6c:60:44:97:c1:
94:1f:dc:12:76:9e:00:52:ad:1c:c0:96:2f:15:b1:84:60:e5:
53:bb:84:cd:6a:d1:47:52:93:ef:24:e5:cf:e7:37:69:9a:99:
80:16:dc:0a:e6:f0:b0:99:b2:1b:b8:68:af:41:b3:01:8a:0f:
01:7f:0c:37:c0:f6:92:cb:fa:d2:14:b8:ca:5a:25:10:62:e2:
b6:63:85:45:e4:7e:52:6e:c1:9f:62:2e:a2:b5:90:5c:5b:d7:
59:99:55:36:8b:fb:15:88:e3:5a:75:b7:cd:13:01:76:55:f3:
78:f9:6b:74:2a:89:4e:62:6e:f9:5c:c5:69:bf:eb:b9:fc:43:
ce:b5:6a:9e:cb:0e:79:83:5f:7f:3a:01:4d:7b:5f:43:1b:48:
60:6a:10:d9:8e:5a:6c:9a:6e:0b:29:fc:47:bf:91:33:33:a0:
a6:5d:b7:48:5c:0a:b0:e5:06:7f:c8:f7:bb:1b:8e:ce:e1:26:
31:d2:e7:d2:75:f0:c8:44:65:b0:82:81:a8:fc:e7:bb:f7:2e:
b5:b2:92:7d:fd:ad:eb:31:e9:47:0a:e4:5f:c2:66:a7:6e:f6:
89:73:98:b7
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY7Plw1zF3zxpCt0+/OMO3ogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjQwNDExMjM1NjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTg5YTc3ZjZhYmE3NTNjNWE2MGY5NzM5OGFmNDY0MjY3MTU5YTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04Y1IIGtTMp8Mm6hwkvkPGLKAsrC
FbkhjGy+ChzqkVNn8jRg00ZAJQ29AyakA1bW55v7ACu4ZlNOoHOJ+wRu/WhScrlI
+omCUyx1KCN0QEeJVkkHUunJQ9JP7XBBKyA01z+Qry6pZZk3EKCCa8nMnF6gHICK
Q7x1pwos0WHU2nLCWh15kGSN/AOULad5/XVcTT1h5R+03HL0DXwV1KQMtn/3zQEI
4NyUzekKW0yqTRwppk10EfQQzS7uA5c2OvSCs4XAIABTOygViB8vVNcB0Pyxl1/s
cYDpXkvfBpvmKLe6u3DRlkJf4Axm4x2xBbBHBJL4JbImMnNaswPIY/uQEQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFH6Jp39qunU8WmD5c5ivRkJnFZqFMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvZm9tbmYycTZkVHhhWVBsem1LOUdRbWNWbW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsAwQDLuOYAwQD
UVhAMAwDBANSlKgDBAZSlIADBANtqXADBAG5sPQDBAC5viQwFAQCAAIwDgMFASoK
J4ADBQMqENZAMA0GCSqGSIb3DQEBCwUAA4IBAQBsd0NsDhgYtuQ9y4aKhjjc165T
xHecWQQyLwyWk9IUbGBEl8GUH9wSdp4AUq0cwJYvFbGEYOVTu4TNatFHUpPvJOXP
5zdpmpmAFtwK5vCwmbIbuGivQbMBig8Bfww3wPaSy/rSFLjKWiUQYuK2Y4VF5H5S
bsGfYi6itZBcW9dZmVU2i/sViONadbfNEwF2VfN4+Wt0KolOYm75XMVpv+u5/EPO
tWqeyw55g19/OgFNe19DG0hgahDZjlpsmm4LKfxHv5EzM6CmXbdIXAqw5QZ/yPe7
G47O4SYx0ufSdfDIRGWwgoGo/Oe79y61spJ9/a3rMelHCuRfwmanbvaJc5i3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:09 2024 by rpki-client on console-fra.rpki-client.org