Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/FtKbR38G8zatlZU3bEqhJNlvMZY.roa
File: FtKbR38G8zatlZU3bEqhJNlvMZY.roa (raw, json)
Hash identifier: seqC6Q/fAoPvtv/t2Lje0QFCf3pzBIWjSudnn/oCCfo=
Subject key identifier: 16:D2:9B:47:7F:06:F3:36:AD:95:95:37:6C:4A:A1:24:D9:6F:31:96
Certificate issuer: /CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Certificate serial: 018CC64B206C3295919D0BFB072724CAE742
Authority key identifier: 3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/FtKbR38G8zatlZU3bEqhJNlvMZY.roa
Signing time: Mon 01 Jan 2024 18:31:01 +0000
ROA not before: Mon 01 Jan 2024 18:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202543
IP address blocks: 185.246.170.0/24 maxlen: 24
185.246.169.0/24 maxlen: 24
185.246.168.0/24 maxlen: 24
45.154.178.0/24 maxlen: 24
45.154.177.0/24 maxlen: 24
45.154.176.0/24 maxlen: 24
45.154.179.0/24 maxlen: 24
2a14:2984::/30 maxlen: 30
2a0f:3980::/30 maxlen: 30
2a14:2980::/30 maxlen: 30
2a0f:3984::/30 maxlen: 30
2a0f:c300::/30 maxlen: 30
2a0f:c304::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 22 Feb 2024 11:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:20:6c:32:95:91:9d:0b:fb:07:27:24:ca:e7:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Validity
Not Before: Jan 1 18:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16d29b477f06f336ad9595376c4aa124d96f3196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:01:3c:68:0f:26:aa:d8:f9:04:75:be:f0:02:
04:42:d6:ae:af:70:46:a9:00:a1:e1:28:7c:7c:75:
59:a9:a9:84:4e:97:3f:10:85:89:a2:66:fd:42:fb:
df:ee:a5:f3:e1:d5:d7:ca:c6:39:9b:83:f8:66:a6:
a2:cd:14:0d:9e:65:6c:08:d9:cf:a7:14:68:5d:6a:
78:f9:fa:68:1a:17:81:d2:0b:65:c4:37:f3:97:df:
dd:7b:71:db:1a:83:9c:b1:58:81:3b:ec:ab:4d:03:
1c:7b:31:f5:d8:24:56:80:26:43:bc:18:0b:5b:82:
e6:bb:5d:44:1e:c9:64:1e:67:3d:21:ec:c1:db:ab:
9d:9b:00:d5:84:a0:d0:56:1e:2b:3f:9f:b6:17:97:
16:9d:1f:12:a2:9d:4e:bd:43:18:6b:7f:cb:f3:ed:
da:29:38:ed:95:5b:a5:3c:0c:4e:2b:e1:6c:3a:c3:
06:62:02:ce:8c:f0:b5:fa:ac:ed:b7:0c:e0:e5:43:
70:fc:90:4a:37:ba:6b:1a:c4:26:00:f3:2a:05:09:
6a:fc:58:e6:1c:14:63:48:02:b5:5f:fb:93:2e:69:
46:19:2a:8f:2b:3f:82:06:62:54:43:3e:91:d0:e8:
fe:37:52:4d:c9:87:16:86:23:7a:be:7a:fa:f4:63:
ed:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D2:9B:47:7F:06:F3:36:AD:95:95:37:6C:4A:A1:24:D9:6F:31:96
X509v3 Authority Key Identifier:
keyid:3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/FtKbR38G8zatlZU3bEqhJNlvMZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.176.0/22
185.246.168.0-185.246.170.255
IPv6:
2a0f:3980::/29
2a0f:c300::/29
2a14:2980::/29
Signature Algorithm: sha256WithRSAEncryption
87:56:a6:a2:d5:e6:b9:d4:e8:32:b6:5c:65:46:9a:c9:be:97:
ae:80:14:25:d3:dd:db:4f:54:11:99:c9:f5:9f:5b:a7:4e:a7:
d7:84:6e:de:15:8e:db:b2:c0:ca:5a:1c:1c:40:f5:8d:13:ab:
81:a7:cb:fe:24:81:e5:2f:aa:79:a4:7e:66:6f:d7:04:4e:03:
c3:32:10:33:db:9e:bb:39:f3:4e:e4:43:7b:8d:30:2b:3b:15:
71:26:4d:0c:0a:46:3e:eb:d5:05:67:10:10:8f:01:9a:10:0d:
e5:35:7a:51:cc:d3:d1:a5:17:44:88:7e:7b:46:d7:a8:49:32:
12:e8:cd:dd:3d:15:94:f0:db:45:06:1d:c8:ca:92:84:59:f7:
a3:ea:4f:39:04:94:1b:12:5b:0c:3e:1d:44:19:23:33:17:80:
ec:03:01:92:d5:c8:42:a1:71:88:4d:5b:99:66:e4:1a:8e:97:
60:19:ce:9c:0c:9a:fe:ca:b4:f5:f9:b0:93:23:ef:15:e6:86:
03:f0:d7:c5:24:44:57:d3:40:6f:ee:52:3d:fa:45:b3:1a:22:
38:22:54:99:d5:57:eb:66:00:4a:4a:e4:27:90:01:22:1a:e1:
b1:dd:3a:e6:92:79:0c:38:27:af:b7:4f:ea:2b:e8:09:09:7d:
2f:7b:4c:8f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzGSyBsMpWRnQv7ByckyudCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZTE0MzI5YjZjMWU2OTUwMTFhODI0MDZmN2FmNDhmNGJi
MTBhZDQwHhcNMjQwMTAxMTgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQyOWI0NzdmMDZmMzM2YWQ5NTk1Mzc2YzRhYTEyNGQ5NmYzMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwE8aA8mqtj5BHW+8AIEQtaur3BG
qQCh4Sh8fHVZqamETpc/EIWJomb9Qvvf7qXz4dXXysY5m4P4ZqaizRQNnmVsCNnP
pxRoXWp4+fpoGheB0gtlxDfzl9/de3HbGoOcsViBO+yrTQMcezH12CRWgCZDvBgL
W4Lmu11EHslkHmc9IezB26udmwDVhKDQVh4rP5+2F5cWnR8Sop1OvUMYa3/L8+3a
KTjtlVulPAxOK+FsOsMGYgLOjPC1+qzttwzg5UNw/JBKN7prGsQmAPMqBQlq/Fjm
HBRjSAK1X/uTLmlGGSqPKz+CBmJUQz6R0Oj+N1JNyYcWhiN6vnr69GPtqQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFBbSm0d/BvM2rZWVN2xKoSTZbzGWMB8GA1UdIwQY
MBaAFD/hQym2weaVARqCQG969I9LsQrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQt
YzNkNTdlMjM4N2NhLzEvRnRLYlIzOEc4emF0bFpVM2JFcWhKTmx2TVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQtYzNkNTdlMjM4N2Nh
LzEvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAaBAIAATAUAwQCLZqwMAwD
BAO59qgDBAC59qowGwQCAAIwFQMFAyoPOYADBQMqD8MAAwUDKhQpgDANBgkqhkiG
9w0BAQsFAAOCAQEAh1amotXmudToMrZcZUaayb6XroAUJdPd209UEZnJ9Z9bp06n
14Ru3hWO27LAylocHED1jROrgafL/iSB5S+qeaR+Zm/XBE4DwzIQM9ueuznzTuRD
e40wKzsVcSZNDApGPuvVBWcQEI8BmhAN5TV6UczT0aUXRIh+e0bXqEkyEujN3T0V
lPDbRQYdyMqShFn3o+pPOQSUGxJbDD4dRBkjMxeA7AMBktXIQqFxiE1bmWbkGo6X
YBnOnAya/sq09fmwkyPvFeaGA/DXxSREV9NAb+5SPfpFsxoiOCJUmdVX62YASkrk
J5ABIhrhsd065pJ5DDgnr7dP6ivoCQl9L3tMjw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:38 2025 by rpki-client