Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/4fCQs45eSbHPq-vF-L5L1G2QTpk.roa
File: 4fCQs45eSbHPq-vF-L5L1G2QTpk.roa (raw, json)
Hash identifier: fDSQzvrv5i8EAdi5WmXe39XNcj1NZmgw2vD+I2bSTxw=
Subject key identifier: E1:F0:90:B3:8E:5E:49:B1:CF:AB:EB:C5:F8:BE:4B:D4:6D:90:4E:99
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 019423D7EAAB1CE5B5C2C384CB7E6B8BC926
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/4fCQs45eSbHPq-vF-L5L1G2QTpk.roa
Signing time: Wed 01 Jan 2025 21:49:00 +0000
ROA not before: Wed 01 Jan 2025 21:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20640
IP address blocks: 217.173.128.0/19 maxlen: 23
2001:4b88::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Mar 2025 13:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ea:ab:1c:e5:b5:c2:c3:84:cb:7e:6b:8b:c9:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Jan 1 21:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1f090b38e5e49b1cfabebc5f8be4bd46d904e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9e:5f:a3:b8:b6:b3:2e:15:bb:c3:f8:aa:c9:
6b:21:72:c6:90:fb:30:21:90:23:02:b3:61:91:71:
91:f6:e1:d3:da:bd:22:4e:85:26:2f:ba:d8:9d:73:
26:51:8f:77:75:e1:36:62:2b:1f:ed:29:4a:90:3f:
18:16:bd:41:fb:9d:7a:9b:06:1f:40:3c:59:4a:ae:
2c:07:63:9a:cb:60:01:dc:a0:b2:27:dc:24:39:23:
87:19:93:2d:ae:0c:5e:0f:e1:4a:ed:03:8d:68:aa:
79:a1:73:f7:ea:1f:8f:77:e1:e1:92:57:03:63:ab:
11:ae:d9:9a:4f:7b:3b:d2:d1:97:a8:bf:6a:9d:3f:
be:91:9c:05:64:ee:fd:4b:12:98:ad:5e:24:0a:05:
bf:83:6b:2a:91:ad:21:eb:d2:58:2e:c3:a2:e9:92:
a8:7b:19:2d:1c:6d:02:df:f4:4e:60:a8:a9:5f:66:
38:31:e1:af:41:02:3f:61:2c:a4:65:7b:6c:47:c2:
6a:29:46:22:b4:cc:f3:4f:9a:f9:57:b3:0f:a5:2f:
5c:76:07:1e:29:9a:d7:4f:fa:bb:74:3d:db:00:9d:
ef:3f:bc:4b:47:08:13:11:bb:a7:8e:d1:ee:ed:26:
56:36:87:fb:fd:ef:b5:04:89:a3:f1:37:1b:58:bc:
5d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F0:90:B3:8E:5E:49:B1:CF:AB:EB:C5:F8:BE:4B:D4:6D:90:4E:99
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/4fCQs45eSbHPq-vF-L5L1G2QTpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.173.128.0/19
IPv6:
2001:4b88::/32
Signature Algorithm: sha256WithRSAEncryption
74:b8:71:79:3c:8b:ff:77:ed:52:5c:10:71:1e:9e:fa:bb:9e:
41:fa:b6:a0:4a:49:d5:c3:bf:97:c8:3c:32:86:d2:ad:f8:45:
ff:b7:ac:60:a0:1a:fd:93:f9:7d:09:a0:13:bd:6f:1e:fc:75:
52:cc:81:4f:6c:a7:12:24:8a:e1:73:db:67:42:27:3f:3a:08:
91:e8:e6:18:47:1a:3a:26:01:8a:86:bf:1a:c3:96:97:6e:49:
88:46:1a:9c:19:9c:e6:03:31:0b:25:f3:b8:2b:1e:83:6b:46:
04:bb:a9:9d:f8:b3:96:ed:4f:ec:f8:5c:d8:78:8a:a9:f6:ac:
cf:47:f1:a7:40:da:68:6c:55:27:73:fe:69:70:83:63:da:d9:
20:60:04:54:56:80:ee:a5:5d:87:b9:13:85:2c:67:cd:5b:a3:
52:f6:4d:12:82:a4:ec:32:d7:b1:c7:6d:5f:83:11:c6:47:b0:
93:bd:19:12:d2:8e:bb:01:0f:15:96:40:d1:b5:19:9b:14:12:
b8:1a:36:5f:eb:47:4c:10:d7:98:6b:7e:41:e4:de:fe:cb:fb:
4e:e4:14:64:c3:a7:8e:5a:06:89:ab:5c:dc:a0:7a:5e:c3:e3:
be:2f:0e:f0:49:59:0f:f2:1e:22:da:15:0f:a1:b9:d1:5e:df:
8b:d7:6c:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1+qrHOW1wsOEy35ri8kmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjUwMTAxMjE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWYwOTBiMzhlNWU0OWIxY2ZhYmViYzVmOGJlNGJkNDZkOTA0ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ5fo7i2sy4Vu8P4qslrIXLGkPsw
IZAjArNhkXGR9uHT2r0iToUmL7rYnXMmUY93deE2Yisf7SlKkD8YFr1B+516mwYf
QDxZSq4sB2Oay2AB3KCyJ9wkOSOHGZMtrgxeD+FK7QONaKp5oXP36h+Pd+HhklcD
Y6sRrtmaT3s70tGXqL9qnT++kZwFZO79SxKYrV4kCgW/g2sqka0h69JYLsOi6ZKo
exktHG0C3/ROYKipX2Y4MeGvQQI/YSykZXtsR8JqKUYitMzzT5r5V7MPpS9cdgce
KZrXT/q7dD3bAJ3vP7xLRwgTEbunjtHu7SZWNof7/e+1BImj8TcbWLxdDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOHwkLOOXkmxz6vrxfi+S9RtkE6ZMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvNGZDUXM0NWVTYkhQcS12Ri1MNUwxRzJRVHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF2a2AMA0E
AgACMAcDBQAgAUuIMA0GCSqGSIb3DQEBCwUAA4IBAQB0uHF5PIv/d+1SXBBxHp76
u55B+ragSknVw7+XyDwyhtKt+EX/t6xgoBr9k/l9CaATvW8e/HVSzIFPbKcSJIrh
c9tnQic/OgiR6OYYRxo6JgGKhr8aw5aXbkmIRhqcGZzmAzELJfO4Kx6Da0YEu6md
+LOW7U/s+FzYeIqp9qzPR/GnQNpobFUnc/5pcINj2tkgYARUVoDupV2HuROFLGfN
W6NS9k0SgqTsMtexx21fgxHGR7CTvRkS0o67AQ8VlkDRtRmbFBK4GjZf60dMENeY
a35B5N7+y/tO5BRkw6eOWgaJq1zcoHpew+O+Lw7wSVkP8h4i2hUPobnRXt+L12wM
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:25 2025 by rpki-client