Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/RfP108taZWT57VPnQ-qZ2b0fEZQ.roa
File: RfP108taZWT57VPnQ-qZ2b0fEZQ.roa (raw, json)
Hash identifier: SmXL6sQI9/QjcKM3IaJrqtiKSO1Z559LWKYo+0HoJ9o=
Subject key identifier: 45:F3:F5:D3:CB:5A:65:64:F9:ED:53:E7:43:EA:99:D9:BD:1F:11:94
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 0194236A342013567F5AD403921AC4ACE43E
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/RfP108taZWT57VPnQ-qZ2b0fEZQ.roa
Signing time: Wed 01 Jan 2025 19:49:10 +0000
ROA not before: Wed 01 Jan 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203217
IP address blocks: 93.180.216.0/23 maxlen: 23
93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/23 maxlen: 23
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.220.0/23 maxlen: 23
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
138.124.156.0/23 maxlen: 23
138.124.156.0/24 maxlen: 24
138.124.157.0/24 maxlen: 24
138.124.158.0/23 maxlen: 23
138.124.158.0/24 maxlen: 24
138.124.159.0/24 maxlen: 24
144.86.228.0/22 maxlen: 22
144.86.228.0/23 maxlen: 23
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/23 maxlen: 23
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.20.196.0/23 maxlen: 23
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.198.0/23 maxlen: 23
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
185.138.120.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/23 maxlen: 23
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
185.254.12.0/23 maxlen: 23
185.254.13.0/24 maxlen: 24
185.254.14.0/23 maxlen: 23
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
195.133.220.0/23 maxlen: 23
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/23 maxlen: 23
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
199.74.188.0/23 maxlen: 23
199.74.188.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/23 maxlen: 23
199.74.190.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
2a0b:1880::/48 maxlen: 48
2a0b:1880:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Jan 2025 06:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:34:20:13:56:7f:5a:d4:03:92:1a:c4:ac:e4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Jan 1 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45f3f5d3cb5a6564f9ed53e743ea99d9bd1f1194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f3:e3:88:26:69:05:07:f6:40:57:2d:e3:a0:
fd:34:03:15:59:c5:ec:e5:a1:aa:0a:ee:3c:a9:2e:
22:40:1e:31:f5:b3:02:1a:8e:0b:45:f6:8b:d1:cc:
92:42:bf:65:bd:07:ba:eb:6f:a8:c1:19:4b:c6:f5:
38:57:51:d4:da:34:b6:49:4a:1f:35:0e:3d:fc:e0:
5f:0f:9a:74:91:07:ec:b6:91:e0:fc:cc:98:3b:e0:
1e:90:b5:23:b8:eb:fe:5f:31:e0:dc:ee:21:3e:3d:
c0:30:d7:ff:15:ab:6a:dc:ba:79:28:94:fa:2f:81:
ca:af:db:13:0a:5a:d5:82:28:91:df:b7:75:1b:96:
9f:dd:f2:c7:ab:2f:40:0a:4b:a9:10:ca:27:a1:f0:
8f:f8:ea:cb:38:b7:65:8d:33:c3:5c:0b:ed:37:1a:
84:3e:4d:94:c4:6b:85:3e:da:ee:3a:1a:ea:c6:c6:
ac:b9:78:49:93:ef:d9:60:66:a7:89:cd:22:91:01:
d0:32:05:58:31:cb:24:06:6d:0c:ff:41:df:5d:bd:
77:2c:e8:e0:f5:0f:81:c1:55:81:61:44:2f:ea:22:
2e:ff:36:6f:b2:ac:96:05:fe:40:64:db:2e:9a:b9:
3f:53:10:12:a0:90:bc:47:d7:55:69:62:1e:92:3a:
60:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F3:F5:D3:CB:5A:65:64:F9:ED:53:E7:43:EA:99:D9:BD:1F:11:94
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/RfP108taZWT57VPnQ-qZ2b0fEZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
138.124.156.0/22
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.12.0/22
195.133.220.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/47
Signature Algorithm: sha256WithRSAEncryption
1f:2b:90:0c:c4:18:a8:d9:db:22:4e:eb:00:1f:0e:b1:c4:34:
0e:82:b1:34:55:1b:ac:e6:6b:fb:d5:b2:a4:76:2e:cc:c5:2e:
ec:0f:f5:dc:da:00:08:fe:a7:28:fe:b7:2a:3a:ab:83:99:1d:
73:f6:84:96:b3:0c:ee:8e:41:69:e2:07:70:c6:e7:f1:ac:33:
29:cc:a1:12:85:92:5b:51:76:d5:a0:93:ec:02:b6:17:c9:95:
07:e4:e9:e7:28:f3:09:c1:40:94:90:75:a0:fc:f6:20:3b:c4:
a3:44:31:39:74:a5:18:22:02:2a:ca:3f:1e:d9:95:78:35:d7:
fc:eb:99:01:fc:5f:f0:45:cc:25:dc:f8:ea:36:7b:cd:6c:2a:
c3:f9:15:d1:d5:27:95:ba:9f:38:25:c2:3e:27:9e:3e:b3:33:
93:0d:31:f4:2e:0c:fe:35:e9:1e:9c:69:df:8d:18:99:a0:9e:
28:f1:8a:65:3c:a6:82:74:97:ee:c2:e6:8f:d1:4a:77:9d:25:
6a:83:0d:2a:3d:0a:86:3b:34:22:34:ca:92:5d:5e:5d:24:ea:
d5:94:61:d5:12:01:f3:77:a6:2f:bf:fd:8a:3e:84:d4:a5:3f:
e9:2d:bc:e5:b4:70:8c:ee:a8:fe:6d:9d:47:d0:99:fb:09:c8:
4e:5e:51:0f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQjajQgE1Z/WtQDkhrErOQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUwMTAxMTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWYzZjVkM2NiNWE2NTY0ZjllZDUzZTc0M2VhOTlkOWJkMWYxMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/PjiCZpBQf2QFct46D9NAMVWcXs
5aGqCu48qS4iQB4x9bMCGo4LRfaL0cySQr9lvQe662+owRlLxvU4V1HU2jS2SUof
NQ49/OBfD5p0kQfstpHg/MyYO+AekLUjuOv+XzHg3O4hPj3AMNf/Fatq3Lp5KJT6
L4HKr9sTClrVgiiR37d1G5af3fLHqy9ACkupEMonofCP+OrLOLdljTPDXAvtNxqE
Pk2UxGuFPtruOhrqxsasuXhJk+/ZYGanic0ikQHQMgVYMcskBm0M/0HfXb13LOjg
9Q+BwVWBYUQv6iIu/zZvsqyWBf5AZNsumrk/UxASoJC8R9dVaWIekjpgjwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFEXz9dPLWmVk+e1T50Pqmdm9HxGUMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvUmZQMTA4dGFaV1Q1N1ZQblEtcVoyYjBmRVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQDXbTYAwQC
inycAwQCkFbkAwQCuRTEAwQCuYp4AwQCuf4MAwQCw4XcAwQCx0q8MA8EAgACMAkD
BwEqCxiAAAAwDQYJKoZIhvcNAQELBQADggEBAB8rkAzEGKjZ2yJO6wAfDrHENA6C
sTRVG6zma/vVsqR2LszFLuwP9dzaAAj+pyj+tyo6q4OZHXP2hJazDO6OQWniB3DG
5/GsMynMoRKFkltRdtWgk+wCthfJlQfk6eco8wnBQJSQdaD89iA7xKNEMTl0pRgi
AirKPx7ZlXg11/zrmQH8X/BFzCXc+Oo2e81sKsP5FdHVJ5W6nzglwj4nnj6zM5MN
MfQuDP416R6cad+NGJmgnijximU8poJ0l+7C5o/RSnedJWqDDSo9CoY7NCI0ypJd
Xl0k6tWUYdUSAfN3pi+//Yo+hNSlP+ktvOW0cIzuqP5tnUfQmfsJyE5eUQ8=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:56:24 2025 by rpki-client