Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/FtNIaDzNfy85KBMwPYe2aC9WIUg.roa
File: FtNIaDzNfy85KBMwPYe2aC9WIUg.roa (raw, json)
Hash identifier: Hg0GIWH3uUyZz/M9EJ03RwGtbRc/krc3FmSP5HzjKu4=
Subject key identifier: 16:D3:48:68:3C:CD:7F:2F:39:28:13:30:3D:87:B6:68:2F:56:21:48
Certificate issuer: /CN=46a4b35c8e0256eaa2fbf751e6c01e5e909c0a1f
Certificate serial: 018CC8010C08DEC9E9509E7BD7D7A4F237BA
Authority key identifier: 46:A4:B3:5C:8E:02:56:EA:A2:FB:F7:51:E6:C0:1E:5E:90:9C:0A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RqSzXI4CVuqi-_dR5sAeXpCcCh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/FtNIaDzNfy85KBMwPYe2aC9WIUg.roa
Signing time: Tue 02 Jan 2024 02:29:20 +0000
ROA not before: Tue 02 Jan 2024 02:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209311
IP address blocks: 193.111.211.0/24 maxlen: 24
2a0a:8ac0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0c:08:de:c9:e9:50:9e:7b:d7:d7:a4:f2:37:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46a4b35c8e0256eaa2fbf751e6c01e5e909c0a1f
Validity
Not Before: Jan 2 02:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16d348683ccd7f2f392813303d87b6682f562148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2e:90:f1:37:be:d2:24:d0:ed:4f:ce:4c:f9:
ac:cf:29:51:56:b5:7b:70:d5:de:12:4f:1d:b9:09:
44:b7:ee:da:b7:59:8e:26:a9:6d:5e:a3:4d:bd:ba:
b5:a5:63:da:9f:d3:53:a5:7b:79:c1:73:3f:fb:54:
4b:ca:86:44:98:a7:da:2d:ca:37:34:cd:b8:9f:10:
4a:b6:14:6a:db:74:f7:f8:6d:23:7f:cb:eb:09:f9:
a4:88:fb:5c:3c:e8:e0:75:c5:d6:14:32:61:31:54:
3d:6a:85:3f:77:a3:09:e8:7b:10:5b:28:13:92:50:
ee:b5:e8:36:0c:f1:ce:be:41:23:4e:4c:35:cb:70:
de:35:65:dd:a7:8c:78:e8:6f:8b:6c:6b:bd:86:a7:
d5:9c:3b:06:e3:74:cf:61:b4:17:9d:fb:c0:6a:f9:
b2:9d:59:77:59:03:e6:bc:76:d1:bb:89:a6:ff:0d:
ee:eb:dd:df:49:8e:90:6e:81:86:31:8f:c7:24:ae:
87:9f:8a:98:02:6c:05:48:68:97:c6:1e:79:49:5d:
3c:3b:81:f7:b7:dc:f9:60:6c:d8:90:cf:70:c2:6f:
b4:ba:bb:e1:b3:c7:fd:17:00:98:d3:29:b2:8a:58:
fb:fa:a1:fb:1b:6d:85:16:1e:c8:bb:bb:fd:cc:a6:
15:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D3:48:68:3C:CD:7F:2F:39:28:13:30:3D:87:B6:68:2F:56:21:48
X509v3 Authority Key Identifier:
keyid:46:A4:B3:5C:8E:02:56:EA:A2:FB:F7:51:E6:C0:1E:5E:90:9C:0A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RqSzXI4CVuqi-_dR5sAeXpCcCh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/FtNIaDzNfy85KBMwPYe2aC9WIUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1191d6-5423-42cf-8f6b-117886eb7d67/1/RqSzXI4CVuqi-_dR5sAeXpCcCh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.211.0/24
IPv6:
2a0a:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:59:b8:96:f7:cf:2b:37:3a:b6:a1:13:d4:d6:94:8c:f3:c1:
7f:34:7a:82:70:5e:4c:85:c1:e9:dc:99:a7:ca:34:b8:af:19:
79:d0:c4:81:a8:d5:f7:40:29:35:88:50:49:11:69:9a:51:97:
61:f7:b3:7c:6d:d0:17:2a:a5:c2:ee:29:4d:80:30:f0:db:18:
11:27:e9:6d:5f:55:ff:7a:fc:5f:bd:05:4f:db:70:16:a9:a9:
57:43:a9:1a:a0:c3:5f:4c:25:a2:61:c3:00:2a:82:9b:f5:1a:
14:7b:c4:39:1f:e6:99:6b:3e:d5:f2:8c:f8:2c:1e:8a:fa:58:
4c:08:65:b3:81:2f:6b:38:1b:5b:a4:15:25:8d:e2:96:46:6f:
f2:31:06:c2:dc:04:ed:cc:8d:03:68:04:8e:69:d6:ba:a3:e0:
4e:8c:30:08:82:d0:ef:dd:8f:1e:d3:4e:e0:f0:cc:32:90:9b:
75:8a:59:50:f5:17:db:36:56:bc:bd:1d:bc:f4:22:30:c7:77:
4d:d1:33:3a:86:52:b4:f1:94:a9:7c:bf:fb:72:6b:32:d4:1e:
0b:4e:56:dc:54:27:96:66:1a:bf:cc:c9:a3:30:b1:fe:46:8a:
05:2a:73:c5:cb:ab:e9:09:aa:9e:0f:85:85:ff:8b:b3:83:6a:
96:86:02:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAQwI3snpUJ5719ek8je6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YTRiMzVjOGUwMjU2ZWFhMmZiZjc1MWU2YzAxZTVlOTA5
YzBhMWYwHhcNMjQwMTAyMDIyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQzNDg2ODNjY2Q3ZjJmMzkyODEzMzAzZDg3YjY2ODJmNTYyMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS6Q8Te+0iTQ7U/OTPmszylRVrV7
cNXeEk8duQlEt+7at1mOJqltXqNNvbq1pWPan9NTpXt5wXM/+1RLyoZEmKfaLco3
NM24nxBKthRq23T3+G0jf8vrCfmkiPtcPOjgdcXWFDJhMVQ9aoU/d6MJ6HsQWygT
klDuteg2DPHOvkEjTkw1y3DeNWXdp4x46G+LbGu9hqfVnDsG43TPYbQXnfvAavmy
nVl3WQPmvHbRu4mm/w3u693fSY6QboGGMY/HJK6Hn4qYAmwFSGiXxh55SV08O4H3
t9z5YGzYkM9wwm+0urvhs8f9FwCY0ymyilj7+qH7G22FFh7Iu7v9zKYV9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBbTSGg8zX8vOSgTMD2HtmgvViFIMB8GA1UdIwQY
MBaAFEaks1yOAlbqovv3UebAHl6QnAofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnFTelhJNENWdXFpLV9kUjVzQWVYcENjQ2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xMTkxZDYtNTQyMy00MmNmLThmNmIt
MTE3ODg2ZWI3ZDY3LzEvRnROSWFEek5meTg1S0JNd1BZZTJhQzlXSVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xMTkxZDYtNTQyMy00MmNmLThmNmItMTE3ODg2ZWI3ZDY3
LzEvUnFTelhJNENWdXFpLV9kUjVzQWVYcENjQ2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwW/TMA0E
AgACMAcDBQMqCorAMA0GCSqGSIb3DQEBCwUAA4IBAQBsWbiW988rNzq2oRPU1pSM
88F/NHqCcF5MhcHp3JmnyjS4rxl50MSBqNX3QCk1iFBJEWmaUZdh97N8bdAXKqXC
7ilNgDDw2xgRJ+ltX1X/evxfvQVP23AWqalXQ6kaoMNfTCWiYcMAKoKb9RoUe8Q5
H+aZaz7V8oz4LB6K+lhMCGWzgS9rOBtbpBUljeKWRm/yMQbC3ATtzI0DaASOada6
o+BOjDAIgtDv3Y8e007g8MwykJt1illQ9RfbNla8vR289CIwx3dN0TM6hlK08ZSp
fL/7cmsy1B4LTlbcVCeWZhq/zMmjMLH+RooFKnPFy6vpCaqeD4WF/4uzg2qWhgI0
-----END CERTIFICATE-----
Generated at Thu Apr 24 08:57:20 2025 by rpki-client