Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/FhhX2jHUF4hRax63B9n7Kr7SiWo.roa
File: FhhX2jHUF4hRax63B9n7Kr7SiWo.roa (raw, json)
Hash identifier: XMJDKaFU88gLUSXhjcfjfdGIUU1n06MvtxZz53CGaKc=
Subject key identifier: 16:18:57:DA:31:D4:17:88:51:6B:1E:B7:07:D9:FB:2A:BE:D2:89:6A
Certificate issuer: /CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Certificate serial: 018CC9BC35EAE9A70C7D5AA52B58752EDA1C
Authority key identifier: 32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/FhhX2jHUF4hRax63B9n7Kr7SiWo.roa
Signing time: Tue 02 Jan 2024 10:33:24 +0000
ROA not before: Tue 02 Jan 2024 10:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34253
IP address blocks: 193.242.110.0/24 maxlen: 24
195.242.71.0/24 maxlen: 24
195.242.70.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 16 May 2024 14:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:35:ea:e9:a7:0c:7d:5a:a5:2b:58:75:2e:da:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Validity
Not Before: Jan 2 10:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=161857da31d41788516b1eb707d9fb2abed2896a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0f:c4:e7:8e:dd:fe:cc:6e:ef:69:61:74:18:
d7:23:a8:67:5c:dd:0d:14:3b:c3:b9:b1:4f:e6:0d:
cc:74:15:27:90:c0:58:8a:73:8e:de:45:5e:74:ff:
c0:9b:f9:fe:14:d0:55:c1:7e:15:b7:b8:26:b8:dd:
18:bb:66:9b:10:4f:bc:c1:32:04:f1:ba:8e:38:eb:
c3:c5:be:56:67:51:21:96:9a:1b:ea:f8:90:0e:a0:
4a:81:98:00:48:45:2f:54:ad:d8:4e:c9:e8:e5:3a:
19:0f:28:f1:78:7b:8a:ce:ab:1d:8f:65:24:c9:ad:
69:cf:b4:e3:4a:40:30:a2:2e:53:5c:63:09:ce:89:
0d:43:8d:b8:2f:e0:a1:e8:be:42:b5:82:cc:07:1b:
58:2a:bc:ab:72:c7:47:5e:15:84:58:59:03:cb:c4:
cf:07:cc:2b:e4:6f:07:40:fa:a3:aa:b2:d3:0c:c6:
1e:46:0d:f6:8a:3c:d2:71:30:72:bc:29:f7:4d:81:
7a:e0:69:8a:ca:40:cb:ee:fc:7e:d6:29:dd:0b:71:
1f:f6:28:23:55:cc:ce:26:f7:a7:99:16:03:40:96:
ba:f6:d0:61:86:3b:24:a4:3f:de:bb:7a:c5:3b:c7:
d5:c0:7c:b4:6e:5d:be:c1:4c:ae:36:aa:b5:a5:19:
de:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:18:57:DA:31:D4:17:88:51:6B:1E:B7:07:D9:FB:2A:BE:D2:89:6A
X509v3 Authority Key Identifier:
keyid:32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/FhhX2jHUF4hRax63B9n7Kr7SiWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.110.0/24
195.242.70.0/23
Signature Algorithm: sha256WithRSAEncryption
99:35:3f:6c:c7:f4:85:eb:34:8d:12:c4:8b:8c:3d:c8:3e:ee:
e6:19:c1:b8:65:39:1e:c4:a7:dd:08:69:68:04:9c:d2:c5:a3:
6b:21:ae:d6:ac:35:86:f3:be:34:7e:dd:7f:09:37:21:ec:55:
99:f8:42:80:01:35:e0:20:a5:08:d3:52:23:90:1f:c4:14:59:
26:27:8f:e3:05:63:10:17:76:f6:48:3e:d9:a0:54:10:f3:3d:
97:64:e4:09:05:31:70:8c:55:a5:4b:0c:37:50:ca:bf:3b:34:
87:6a:ea:82:00:f3:24:86:ed:83:8c:7f:62:5d:81:10:e9:ea:
d1:eb:c2:73:b0:aa:54:d5:d3:b8:5a:53:f6:0f:32:d7:71:8e:
63:ed:79:fc:49:81:ec:43:13:41:33:34:94:b6:4a:f5:41:eb:
0a:3e:a0:3d:87:0f:e2:2b:30:bf:7f:81:ae:29:6c:1f:a5:54:
6d:4e:eb:5a:f2:dd:a5:da:30:52:df:22:66:da:e7:71:a5:d1:
b7:d5:35:e9:b3:92:4c:25:74:63:2b:1a:f1:d7:61:f1:a1:3d:
16:9d:35:bc:be:23:39:45:e0:ca:65:d3:8e:43:7a:da:7c:52:
20:7f:95:4d:13:e8:1f:19:48:61:b1:de:1a:62:c2:a7:82:bb:
82:12:dc:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvDXq6acMfVqlK1h1LtocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOWI1MTNlNjU3MDZmY2FhNTQzYTExYTBlNDJkMjhiMTA5
ZGYzYjYwHhcNMjQwMTAyMTAzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjE4NTdkYTMxZDQxNzg4NTE2YjFlYjcwN2Q5ZmIyYWJlZDI4OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg/E547d/sxu72lhdBjXI6hnXN0N
FDvDubFP5g3MdBUnkMBYinOO3kVedP/Am/n+FNBVwX4Vt7gmuN0Yu2abEE+8wTIE
8bqOOOvDxb5WZ1Ehlpob6viQDqBKgZgASEUvVK3YTsno5ToZDyjxeHuKzqsdj2Uk
ya1pz7TjSkAwoi5TXGMJzokNQ424L+Ch6L5CtYLMBxtYKryrcsdHXhWEWFkDy8TP
B8wr5G8HQPqjqrLTDMYeRg32ijzScTByvCn3TYF64GmKykDL7vx+1indC3Ef9igj
VczOJvenmRYDQJa69tBhhjskpD/eu3rFO8fVwHy0bl2+wUyuNqq1pRneMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBYYV9ox1BeIUWsetwfZ+yq+0olqMB8GA1UdIwQY
MBaAFDKbUT5lcG/KpUOhGg5C0osQnfO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYt
ODE0YTYxMWVjYTYwLzEvRmhoWDJqSFVGNGhSYXg2M0I5bjdLcjdTaVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYtODE0YTYxMWVjYTYw
LzEvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwfJuAwQB
w/JGMA0GCSqGSIb3DQEBCwUAA4IBAQCZNT9sx/SF6zSNEsSLjD3IPu7mGcG4ZTke
xKfdCGloBJzSxaNrIa7WrDWG8740ft1/CTch7FWZ+EKAATXgIKUI01IjkB/EFFkm
J4/jBWMQF3b2SD7ZoFQQ8z2XZOQJBTFwjFWlSww3UMq/OzSHauqCAPMkhu2DjH9i
XYEQ6erR68JzsKpU1dO4WlP2DzLXcY5j7Xn8SYHsQxNBMzSUtkr1QesKPqA9hw/i
KzC/f4GuKWwfpVRtTuta8t2l2jBS3yJm2udxpdG31TXps5JMJXRjKxrx12HxoT0W
nTW8viM5ReDKZdOOQ3rafFIgf5VNE+gfGUhhsd4aYsKngruCEtz2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:52 2025 by rpki-client