Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fGuMM7nrA9mmY6kSWMkETOSrGPM.roa
File: fGuMM7nrA9mmY6kSWMkETOSrGPM.roa (raw, json)
Hash identifier: hSw+jpIT3A7ASxl+SA/lEqG4kczV/xbY0nxeokWaCjE=
Subject key identifier: 7C:6B:8C:33:B9:EB:03:D9:A6:63:A9:12:58:C9:04:4C:E4:AB:18:F3
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0193F7368386BD562B9609F20BCCE25DA8EC
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fGuMM7nrA9mmY6kSWMkETOSrGPM.roa
Signing time: Tue 24 Dec 2024 05:49:25 +0000
ROA not before: Tue 24 Dec 2024 05:49:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35371
IP address blocks: 85.122.100.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f7:36:83:86:bd:56:2b:96:09:f2:0b:cc:e2:5d:a8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Dec 24 05:49:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c6b8c33b9eb03d9a663a91258c9044ce4ab18f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bf:2f:2b:96:2f:6a:05:2c:92:aa:e0:a1:05:
1f:ad:62:d8:e3:85:12:a4:f5:67:c0:3a:04:09:fc:
e5:e1:56:95:19:5f:f8:97:53:3d:d7:03:bb:9d:ae:
31:ee:9c:70:b7:95:e4:a2:ee:49:7b:85:a9:d4:18:
69:2f:ac:1a:0e:fc:cb:b3:43:ea:52:b2:ac:44:fd:
c8:29:54:bb:f3:32:db:ae:80:53:51:91:ec:75:00:
5b:90:9e:62:40:7b:da:24:1d:fe:49:93:cb:82:65:
31:4e:d6:ad:d0:f0:9e:31:a1:91:e7:22:26:ff:df:
2a:d0:d4:aa:53:6f:a8:7c:e8:30:6f:ca:02:e2:08:
59:1e:ef:6e:b1:7f:8c:7a:b5:cc:ab:e2:af:94:6f:
8a:1b:64:a3:cb:d2:59:c7:cf:9e:c1:f3:22:7e:40:
43:2e:39:3c:ab:db:10:39:96:14:26:ed:f0:b9:a2:
d2:1c:dc:0b:d1:ba:af:07:b5:49:4d:2d:4e:f8:2c:
68:70:c0:1b:0f:0e:cb:7e:32:c5:79:c4:e0:9e:5a:
81:96:a0:a4:a5:f1:7c:ee:45:0c:f4:b1:5c:0e:66:
d8:0b:d2:cc:ff:93:34:20:74:79:48:d3:5e:15:99:
ff:cf:6e:76:40:5e:77:d3:ad:42:aa:d5:94:e7:fb:
2a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:6B:8C:33:B9:EB:03:D9:A6:63:A9:12:58:C9:04:4C:E4:AB:18:F3
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fGuMM7nrA9mmY6kSWMkETOSrGPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.122.100.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:79:de:6c:55:6e:fc:77:85:fe:7f:a8:fa:60:40:69:18:f3:
81:d2:de:98:4a:dc:0c:6d:78:16:1c:e2:6a:41:16:9a:7f:68:
56:8b:c8:39:a3:e2:03:d8:77:be:ec:12:d5:51:e7:b5:e5:e3:
87:24:7d:95:92:77:af:c9:18:42:e0:05:69:be:ba:9b:fd:17:
63:79:df:4c:c3:1b:9a:7a:1a:72:c0:3d:5a:73:66:10:4b:a4:
3c:ae:9e:8c:b4:ad:61:64:c5:02:a2:ae:b7:8a:47:7f:93:ff:
0a:3f:96:d2:40:97:16:56:84:ff:79:f8:32:1d:47:19:df:cd:
5b:36:4a:3c:9b:7b:61:57:a0:a2:63:41:da:c7:97:23:4a:5a:
71:00:63:0a:b2:cc:2e:9b:37:24:32:31:32:f0:c6:b6:e0:19:
f5:0b:e0:f1:7a:ca:68:1e:2b:0c:3c:20:cf:01:7f:df:0b:cb:
90:b3:2c:cb:c8:2a:9a:6a:7f:d1:d7:0b:47:cc:32:97:3b:3f:
02:c1:c6:a3:d4:94:6d:ce:ed:ab:eb:a3:fc:32:9c:72:77:ff:
57:80:16:21:87:0d:f1:7c:3e:3e:c9:bf:c4:bb:e9:14:35:de:
29:ba:ff:95:a2:bf:cb:b8:67:58:5d:7d:59:78:d9:6c:d7:35:
a3:c1:77:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP3NoOGvVYrlgnyC8ziXajsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQxMjI0MDU0OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzZiOGMzM2I5ZWIwM2Q5YTY2M2E5MTI1OGM5MDQ0Y2U0YWIxOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzL8vK5YvagUskqrgoQUfrWLY44US
pPVnwDoECfzl4VaVGV/4l1M91wO7na4x7pxwt5Xkou5Je4Wp1BhpL6waDvzLs0Pq
UrKsRP3IKVS78zLbroBTUZHsdQBbkJ5iQHvaJB3+SZPLgmUxTtat0PCeMaGR5yIm
/98q0NSqU2+ofOgwb8oC4ghZHu9usX+MerXMq+KvlG+KG2Sjy9JZx8+ewfMifkBD
Ljk8q9sQOZYUJu3wuaLSHNwL0bqvB7VJTS1O+CxocMAbDw7LfjLFecTgnlqBlqCk
pfF87kUM9LFcDmbYC9LM/5M0IHR5SNNeFZn/z252QF53061CqtWU5/sqCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxrjDO56wPZpmOpEljJBEzkqxjzMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvZkd1TU03bnJBOW1tWTZrU1dNa0VUT1NyR1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVXpkMA0G
CSqGSIb3DQEBCwUAA4IBAQCced5sVW78d4X+f6j6YEBpGPOB0t6YStwMbXgWHOJq
QRaaf2hWi8g5o+ID2He+7BLVUee15eOHJH2VknevyRhC4AVpvrqb/Rdjed9Mwxua
ehpywD1ac2YQS6Q8rp6MtK1hZMUCoq63ikd/k/8KP5bSQJcWVoT/efgyHUcZ381b
Nko8m3thV6CiY0Hax5cjSlpxAGMKsswumzckMjEy8Ma24Bn1C+DxespoHisMPCDP
AX/fC8uQsyzLyCqaan/R1wtHzDKXOz8Cwcaj1JRtzu2r66P8Mpxyd/9XgBYhhw3x
fD4+yb/Eu+kUNd4puv+Vor/LuGdYXX1ZeNls1zWjwXdR
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:33:44 2025 by rpki-client