Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FmpSd-wfMRxx4Kl-ZstloozDPNA.roa
File: FmpSd-wfMRxx4Kl-ZstloozDPNA.roa (raw, json)
Hash identifier: 2hskqhO3sdL0nrkzDkAXc5P0feuqN+9FqgzfNLCc3dY=
Subject key identifier: 16:6A:52:77:EC:1F:31:1C:71:E0:A9:7E:66:CB:65:A2:8C:C3:3C:D0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCE9C7173755050EC5AF4AFB30320F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FmpSd-wfMRxx4Kl-ZstloozDPNA.roa
Signing time: Tue 02 Jan 2024 06:29:30 +0000
ROA not before: Tue 02 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48917
IP address blocks: 91.92.106.0/23 maxlen: 23
87.121.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:e9:c7:17:37:55:05:0e:c5:af:4a:fb:30:32:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=166a5277ec1f311c71e0a97e66cb65a28cc33cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e1:ee:29:c5:fb:76:fa:87:e4:47:41:0d:6b:
01:31:4a:4d:5c:33:79:a1:98:c1:a1:0d:55:0f:98:
78:bf:40:b2:f1:ca:0f:ba:11:6b:d5:4c:4c:27:50:
5b:61:25:eb:f1:1f:2b:c9:ac:a6:e6:74:64:bd:ab:
33:98:c9:2d:2b:89:ee:3a:73:c7:80:08:e4:15:bb:
b0:21:d0:06:90:b5:b2:77:06:93:1a:98:85:14:bf:
21:70:f6:f9:59:9a:bb:c3:4b:3e:5e:f1:56:1f:b9:
c4:fb:66:62:5c:ce:69:ee:bc:2f:50:bf:3d:df:bc:
fb:89:c9:a0:20:bc:57:a2:9e:89:20:51:8d:d6:7a:
b5:a3:14:72:45:66:cb:39:f8:a5:83:2a:09:16:00:
7f:26:3c:64:c5:50:98:62:8e:2c:82:a2:9a:9f:23:
3e:62:1b:01:18:39:81:ab:b1:e7:18:4a:1a:ca:33:
18:40:51:cf:9d:2e:36:b7:ae:d9:0b:f8:48:0a:82:
ae:70:87:7f:61:71:c7:10:39:83:64:dc:04:60:f8:
a9:07:3a:c0:3f:c2:2b:cb:ab:06:fc:cc:70:ea:d6:
58:c8:72:91:12:79:60:24:57:9f:5a:78:83:ae:4d:
cb:8d:64:f9:be:78:f3:22:c9:e1:b5:5a:8c:2a:d6:
e5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:6A:52:77:EC:1F:31:1C:71:E0:A9:7E:66:CB:65:A2:8C:C3:3C:D0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FmpSd-wfMRxx4Kl-ZstloozDPNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.119.0/24
91.92.106.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:5c:44:dd:75:d8:3b:20:6b:09:d5:2f:80:ff:b0:47:f2:5f:
b1:f8:ab:2e:70:5b:e4:6b:5d:b6:39:18:74:7b:98:13:50:7e:
43:94:50:d4:4d:97:04:61:3a:19:cc:f3:5d:8f:20:85:06:b3:
71:f5:66:1f:c9:14:b7:46:81:e2:98:80:44:b8:c3:93:85:e2:
06:86:d7:a6:f8:34:e6:aa:53:cc:87:52:a1:f8:94:f8:c0:14:
dc:63:9a:7d:46:f2:4d:b2:fd:b4:27:bd:81:92:64:a2:08:f0:
f9:26:ec:3c:b5:b3:67:40:da:bd:80:fb:7a:be:49:87:c2:b4:
09:f8:bb:7c:d4:45:2c:8f:25:ed:3b:8a:9f:8f:55:94:fb:50:
32:c5:dc:cd:b7:bc:ba:59:62:df:7e:6f:52:0b:d5:37:f7:7d:
e2:3b:3e:f9:f8:78:95:b4:c6:1d:e7:2b:5b:fd:31:24:f4:a5:
b5:4b:df:61:09:2c:6d:fc:c8:54:c2:19:b5:b5:10:73:a3:04:
3b:2a:f3:de:da:15:63:c2:56:d5:17:7e:4e:2b:78:2f:f2:ae:
b7:4a:a2:c0:a2:3f:85:6d:d1:90:7f:d7:b7:74:cf:5d:4b:84:
dd:b5:13:9f:29:44:44:f0:6b:27:00:91:90:ed:f2:56:cc:01:
65:e2:03:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3OnHFzdVBQ7Fr0r7MDIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjZhNTI3N2VjMWYzMTFjNzFlMGE5N2U2NmNiNjVhMjhjYzMzY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOHuKcX7dvqH5EdBDWsBMUpNXDN5
oZjBoQ1VD5h4v0Cy8coPuhFr1UxMJ1BbYSXr8R8ryaym5nRkvaszmMktK4nuOnPH
gAjkFbuwIdAGkLWydwaTGpiFFL8hcPb5WZq7w0s+XvFWH7nE+2ZiXM5p7rwvUL89
37z7icmgILxXop6JIFGN1nq1oxRyRWbLOfilgyoJFgB/JjxkxVCYYo4sgqKanyM+
YhsBGDmBq7HnGEoayjMYQFHPnS42t67ZC/hICoKucId/YXHHEDmDZNwEYPipBzrA
P8Iry6sG/Mxw6tZYyHKREnlgJFefWniDrk3LjWT5vnjzIsnhtVqMKtblLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBZqUnfsHzEcceCpfmbLZaKMwzzQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRm1wU2Qtd2ZNUnh4NEtsLVpzdGxvb3pEUE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV3l3AwQB
W1xqMA0GCSqGSIb3DQEBCwUAA4IBAQA8XETdddg7IGsJ1S+A/7BH8l+x+KsucFvk
a122ORh0e5gTUH5DlFDUTZcEYToZzPNdjyCFBrNx9WYfyRS3RoHimIBEuMOTheIG
htem+DTmqlPMh1Kh+JT4wBTcY5p9RvJNsv20J72BkmSiCPD5Juw8tbNnQNq9gPt6
vkmHwrQJ+Lt81EUsjyXtO4qfj1WU+1AyxdzNt7y6WWLffm9SC9U3933iOz75+HiV
tMYd5ytb/TEk9KW1S99hCSxt/MhUwhm1tRBzowQ7KvPe2hVjwlbVF35OK3gv8q63
SqLAoj+FbdGQf9e3dM9dS4TdtROfKURE8GsnAJGQ7fJWzAFl4gMc
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:23:16 2025 by rpki-client