Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/623e11-e70c-4f5b-852c-4943b4b42ebb/1/SFT8YYgQ-bLuk5L0WVJUA4x8D1Q.roa
File: SFT8YYgQ-bLuk5L0WVJUA4x8D1Q.roa (raw, json)
Hash identifier: f4LVuI+fM1/cZ6BYWMfiPr5FLBvsvJ7WV+qRgsP+0Yo=
Subject key identifier: 48:54:FC:61:88:10:F9:B2:EE:93:92:F4:59:52:54:03:8C:7C:0F:54
Certificate issuer: /CN=adfff1bd771287ced4c4dd6d8a851d2ad770661d
Certificate serial: 01942823ED8E424D903937B7C52C7CC680AA
Authority key identifier: AD:FF:F1:BD:77:12:87:CE:D4:C4:DD:6D:8A:85:1D:2A:D7:70:66:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rf_xvXcSh87UxN1tioUdKtdwZh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/623e11-e70c-4f5b-852c-4943b4b42ebb/1/SFT8YYgQ-bLuk5L0WVJUA4x8D1Q.roa
Signing time: Thu 02 Jan 2025 17:50:30 +0000
ROA not before: Thu 02 Jan 2025 17:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 194.13.16.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 17 Jan 2025 10:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:ed:8e:42:4d:90:39:37:b7:c5:2c:7c:c6:80:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adfff1bd771287ced4c4dd6d8a851d2ad770661d
Validity
Not Before: Jan 2 17:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4854fc618810f9b2ee9392f4595254038c7c0f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:3e:99:1c:85:5e:aa:ac:99:41:76:61:c0:89:
d5:e3:46:ed:2c:df:29:d7:cc:48:07:70:37:50:35:
fb:54:71:e0:ee:9d:05:5e:60:6b:a2:2b:d8:7f:bd:
cb:bc:54:44:b5:1c:0b:91:c7:c7:ae:32:a3:19:31:
54:db:ec:ea:7d:94:2d:24:9f:82:5e:2c:8d:03:59:
37:c0:0e:73:17:6a:81:0b:ac:86:fc:bf:1c:45:60:
e4:95:25:10:91:03:29:76:99:cc:04:dc:09:c8:3f:
40:0a:69:dc:e6:19:ce:8b:6f:1a:73:55:82:d1:b7:
32:47:bf:b9:52:b8:34:84:d7:69:bf:e2:0f:1a:e9:
6a:ba:21:47:ad:c3:9a:43:41:8e:9f:cd:90:9e:f8:
9a:58:64:96:2f:c6:67:31:58:e6:c9:4f:62:60:5b:
4a:ba:82:19:77:65:8c:cc:45:76:a1:f5:c3:02:b9:
1a:07:ea:fe:9c:47:d3:22:69:0d:08:fd:ee:74:fb:
59:c0:78:cc:c3:6e:16:2a:b7:10:d1:95:c1:90:75:
98:14:51:45:58:56:44:8e:8c:ff:79:7d:85:fd:7e:
0f:69:46:19:25:4b:de:b1:45:96:1a:e8:fa:52:b1:
14:48:9e:f4:1f:17:ec:e7:04:ea:6b:89:14:fb:cc:
90:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:54:FC:61:88:10:F9:B2:EE:93:92:F4:59:52:54:03:8C:7C:0F:54
X509v3 Authority Key Identifier:
keyid:AD:FF:F1:BD:77:12:87:CE:D4:C4:DD:6D:8A:85:1D:2A:D7:70:66:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rf_xvXcSh87UxN1tioUdKtdwZh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/623e11-e70c-4f5b-852c-4943b4b42ebb/1/SFT8YYgQ-bLuk5L0WVJUA4x8D1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/623e11-e70c-4f5b-852c-4943b4b42ebb/1/rf_xvXcSh87UxN1tioUdKtdwZh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.16.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:23:b8:8d:8e:d9:69:ae:f8:a5:ee:b4:e8:fa:f9:58:6a:2d:
ee:30:b1:3a:29:91:ff:b8:6f:da:ba:58:20:70:e4:2f:1f:6d:
75:9c:a2:92:93:50:67:39:27:bb:92:81:35:14:99:2f:38:5b:
74:f4:ec:65:93:ef:45:0a:45:91:ea:0f:83:e5:0b:98:ec:82:
8f:a2:b7:a3:cc:90:0d:1e:18:c2:48:c7:74:8c:a4:48:3b:3f:
54:c2:9f:db:39:12:3b:ab:74:97:9c:c9:fe:7b:f2:d8:50:94:
c8:2e:a4:ad:3a:5c:a2:96:d8:63:40:85:59:71:66:f2:99:c3:
cd:ac:01:d4:9c:dd:0f:2f:31:5a:88:24:f7:a9:0d:27:22:f7:
24:b2:86:6d:70:96:d9:3a:09:7d:74:55:06:b9:dc:35:a1:39:
55:11:bc:ae:99:09:7c:54:c2:81:74:99:92:3e:87:03:00:e6:
b7:e8:e8:4f:24:37:2f:a2:18:0b:45:2e:35:18:7e:07:55:c1:
39:f8:41:eb:26:a5:bf:a1:f5:e9:05:ac:a9:4a:21:21:1c:c4:
58:74:67:c5:33:f6:f5:ca:89:3d:0d:bd:63:5c:51:62:97:ae:
bf:43:0c:31:19:6b:70:28:55:df:29:4f:7e:6d:56:0f:b8:cd:
64:bd:75:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI+2OQk2QOTe3xSx8xoCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZmZmMWJkNzcxMjg3Y2VkNGM0ZGQ2ZDhhODUxZDJhZDc3
MDY2MWQwHhcNMjUwMTAyMTc1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODU0ZmM2MTg4MTBmOWIyZWU5MzkyZjQ1OTUyNTQwMzhjN2MwZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8D6ZHIVeqqyZQXZhwInV40btLN8p
18xIB3A3UDX7VHHg7p0FXmBroivYf73LvFREtRwLkcfHrjKjGTFU2+zqfZQtJJ+C
XiyNA1k3wA5zF2qBC6yG/L8cRWDklSUQkQMpdpnMBNwJyD9ACmnc5hnOi28ac1WC
0bcyR7+5Urg0hNdpv+IPGulquiFHrcOaQ0GOn82QnviaWGSWL8ZnMVjmyU9iYFtK
uoIZd2WMzEV2ofXDArkaB+r+nEfTImkNCP3udPtZwHjMw24WKrcQ0ZXBkHWYFFFF
WFZEjoz/eX2F/X4PaUYZJUvesUWWGuj6UrEUSJ70Hxfs5wTqa4kU+8yQaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhU/GGIEPmy7pOS9FlSVAOMfA9UMB8GA1UdIwQY
MBaAFK3/8b13EofO1MTdbYqFHSrXcGYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZfeHZYY1NoODdVeE4xdGlvVWRLdGR3WmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82MjNlMTEtZTcwYy00ZjViLTg1MmMt
NDk0M2I0YjQyZWJiLzEvU0ZUOFlZZ1EtYkx1azVMMFdWSlVBNHg4RDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82MjNlMTEtZTcwYy00ZjViLTg1MmMtNDk0M2I0YjQyZWJi
LzEvcmZfeHZYY1NoODdVeE4xdGlvVWRLdGR3WmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwg0QMA0G
CSqGSIb3DQEBCwUAA4IBAQB/I7iNjtlprvil7rTo+vlYai3uMLE6KZH/uG/aulgg
cOQvH211nKKSk1BnOSe7koE1FJkvOFt09Oxlk+9FCkWR6g+D5QuY7IKPorejzJAN
HhjCSMd0jKRIOz9Uwp/bORI7q3SXnMn+e/LYUJTILqStOlyilthjQIVZcWbymcPN
rAHUnN0PLzFaiCT3qQ0nIvcksoZtcJbZOgl9dFUGudw1oTlVEbyumQl8VMKBdJmS
PocDAOa36OhPJDcvohgLRS41GH4HVcE5+EHrJqW/ofXpBaypSiEhHMRYdGfFM/b1
yok9Db1jXFFil66/QwwxGWtwKFXfKU9+bVYPuM1kvXVN
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:58 2025 by rpki-client