Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/9XDbL3s3fgJNlCGXod8NnNLvTDo.roa
File: 9XDbL3s3fgJNlCGXod8NnNLvTDo.roa (raw, json)
Hash identifier: VyyPKIQwS9q5hjv8GHeOaJDWIAHwoSH/jKibLLbnJps=
Subject key identifier: F5:70:DB:2F:7B:37:7E:02:4D:94:21:97:A1:DF:0D:9C:D2:EF:4C:3A
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 018FA63724A221792CB7D94A54131EAF7B7E
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/9XDbL3s3fgJNlCGXod8NnNLvTDo.roa
Signing time: Thu 23 May 2024 16:09:42 +0000
ROA not before: Thu 23 May 2024 16:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48716
IP address blocks: 77.240.38.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
78.40.108.0/23 maxlen: 24
85.202.194.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
91.147.92.0/22 maxlen: 22
91.147.92.0/24 maxlen: 24
91.147.93.0/24 maxlen: 24
91.147.94.0/24 maxlen: 24
91.147.95.0/24 maxlen: 24
91.147.104.0/22 maxlen: 24
91.201.214.0/23 maxlen: 24
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.139.0/24 maxlen: 32
94.247.128.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
185.4.180.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
185.102.72.0/22 maxlen: 24
185.146.0.0/22 maxlen: 24
194.32.140.0/22 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.66.0/24 maxlen: 24
194.39.67.0/24 maxlen: 24
194.110.54.0/23 maxlen: 24
195.49.209.0/24 maxlen: 24
195.49.210.0/23 maxlen: 23
195.49.210.0/24 maxlen: 24
195.49.211.0/24 maxlen: 24
195.49.212.0/22 maxlen: 22
195.49.212.0/24 maxlen: 24
195.49.213.0/24 maxlen: 24
195.49.214.0/24 maxlen: 24
195.49.215.0/24 maxlen: 24
195.93.152.0/23 maxlen: 24
195.210.46.0/23 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 May 2024 17:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a6:37:24:a2:21:79:2c:b7:d9:4a:54:13:1e:af:7b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: May 23 16:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f570db2f7b377e024d942197a1df0d9cd2ef4c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e3:9a:cc:4c:61:f4:7f:97:8c:74:f6:de:e2:
16:8e:d4:95:89:ef:6a:1f:7e:3a:6e:30:47:1b:90:
c2:e7:89:ed:bb:4a:89:53:93:f5:36:21:48:de:d4:
1b:f5:ce:bd:2f:1e:72:f1:39:b7:d2:39:13:f4:fc:
50:2b:8a:6c:0c:f4:5d:db:e9:39:8d:b2:ba:4e:dc:
16:09:7a:47:ef:a6:8f:dd:1c:09:b6:d2:38:52:6a:
7e:20:ab:5f:db:e7:e9:1f:d2:fb:f1:5e:ce:71:33:
fe:1b:b3:c3:16:73:5c:92:de:7e:63:47:7e:22:16:
48:a7:f6:fd:a2:bb:c8:44:8c:33:1d:84:50:52:6d:
a7:ee:35:3d:30:51:06:3c:d9:3f:ef:63:3b:13:d7:
8f:bd:0c:cc:df:77:14:07:a0:49:56:ac:1f:94:36:
e4:65:6e:63:ef:e4:c4:5e:04:14:62:a6:a9:e4:20:
43:ae:64:80:51:8f:84:50:8d:04:8d:38:21:c0:7e:
f1:2c:7c:cf:e3:a1:36:6f:32:7a:c2:dd:cf:4a:e4:
70:f1:7f:eb:e5:71:be:c3:b4:f4:33:f2:cc:cd:ba:
2b:c1:b1:5b:fc:0a:f2:0d:d7:84:db:6d:03:1a:55:
b1:a2:6f:a4:20:d9:e3:41:43:c8:4d:80:f1:da:d1:
35:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:70:DB:2F:7B:37:7E:02:4D:94:21:97:A1:DF:0D:9C:D2:EF:4C:3A
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/9XDbL3s3fgJNlCGXod8NnNLvTDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
85.202.194.0/23
89.219.32.0/22
91.147.92.0/22
91.147.104.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.32.140.0/22
194.39.64.0/22
194.110.54.0/23
195.49.209.0-195.49.215.255
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:14:ff:a0:52:d0:fa:ee:ac:68:79:8b:98:29:c3:17:6f:24:
2f:74:3e:ee:9d:97:5e:a9:a6:04:fe:82:ba:a6:45:5a:ad:d2:
31:ad:00:1b:05:ba:b6:7f:7c:4c:3a:61:d3:0d:86:b5:f4:58:
d9:3a:81:be:a0:92:8d:e7:d4:20:cf:ed:77:b2:17:ca:94:30:
13:df:fa:09:c4:75:f4:a0:35:1d:8c:86:20:24:d7:86:20:14:
2f:a5:6f:a6:1e:1e:53:bb:1b:df:da:50:80:dd:9d:50:ce:1d:
16:5d:a0:41:59:14:b4:e1:e1:df:13:58:d5:b1:eb:14:de:7a:
e1:73:48:f4:5e:bc:d6:9e:8a:f1:94:07:5b:8a:a3:d3:17:0b:
c0:87:2d:5f:13:ed:80:8a:72:09:b8:6e:72:dc:a5:96:08:d8:
88:de:0d:22:8b:d7:6e:69:39:0b:30:1e:75:e4:1c:af:79:aa:
97:04:b4:ac:6b:84:8b:e6:8a:57:ff:05:db:f7:15:8f:69:e8:
f0:a0:bd:e7:f0:b5:2e:8a:c8:a7:49:e7:9c:b9:b1:c5:e4:d2:
fb:74:cb:f0:1d:c1:ef:c2:8f:6e:e8:78:9a:af:71:ba:24:bc:
fa:2f:9d:80:a1:5a:7a:b3:cb:ba:cd:26:05:66:b0:9e:a9:09:
e2:98:11:83
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAY+mNySiIXkst9lKVBMer3t+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjQwNTIzMTYwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTcwZGIyZjdiMzc3ZTAyNGQ5NDIxOTdhMWRmMGQ5Y2QyZWY0YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OOazExh9H+XjHT23uIWjtSVie9q
H346bjBHG5DC54ntu0qJU5P1NiFI3tQb9c69Lx5y8Tm30jkT9PxQK4psDPRd2+k5
jbK6TtwWCXpH76aP3RwJttI4Ump+IKtf2+fpH9L78V7OcTP+G7PDFnNckt5+Y0d+
IhZIp/b9orvIRIwzHYRQUm2n7jU9MFEGPNk/72M7E9ePvQzM33cUB6BJVqwflDbk
ZW5j7+TEXgQUYqap5CBDrmSAUY+EUI0EjTghwH7xLHzP46E2bzJ6wt3PSuRw8X/r
5XG+w7T0M/LMzborwbFb/AryDdeE220DGlWxom+kINnjQUPITYDx2tE14QIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFPVw2y97N34CTZQhl6HfDZzS70w6MB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvOVhEYkwzczNmZ0pObENHWG9kOE5uTkx2VERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAFN
8CYDBAFN81ADBAFOKGwDBAFVysIDBAJZ2yADBAJbk1wDBAJbk2gDBAFbydYDBAJb
14gDBANe94ADBAJt6WwDBAK5BLQDBAK5FkADBAG5I94DBAK5ZkgDBAK5kgADBALC
IIwDBALCJ0ADBAHCbjYwDAMEAMMx0QMEA8Mx0AMEAcNdmAMEAcPSLjANBAIAAjAH
AwUAKgBdoDANBgkqhkiG9w0BAQsFAAOCAQEAPxT/oFLQ+u6saHmLmCnDF28kL3Q+
7p2XXqmmBP6CuqZFWq3SMa0AGwW6tn98TDph0w2GtfRY2TqBvqCSjefUIM/td7IX
ypQwE9/6CcR19KA1HYyGICTXhiAUL6Vvph4eU7sb39pQgN2dUM4dFl2gQVkUtOHh
3xNY1bHrFN564XNI9F681p6K8ZQHW4qj0xcLwIctXxPtgIpyCbhuctyllgjYiN4N
IovXbmk5CzAedeQcr3mqlwS0rGuEi+aKV/8F2/cVj2no8KC95/C1LorIp0nnnLmx
xeTS+3TL8B3B78KPbuh4mq9xuiS8+i+dgKFaerPLus0mBWawnqkJ4pgRgw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:30:52 2025 by rpki-client