Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/foPKoz-0alLrSGrtVdOOGxIYeQ8.roa
File: foPKoz-0alLrSGrtVdOOGxIYeQ8.roa (raw, json)
Hash identifier: DrdFdJaZeC1/JpvbeVj1zo+nKmBePUCNR5XfgPwTajw=
Subject key identifier: 7E:83:CA:A3:3F:B4:6A:52:EB:48:6A:ED:55:D3:8E:1B:12:18:79:0F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0193070DBE567D372304C1608C3EACEBD79D
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/foPKoz-0alLrSGrtVdOOGxIYeQ8.roa
Signing time: Thu 07 Nov 2024 14:36:01 +0000
ROA not before: Thu 07 Nov 2024 14:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 89.21.86.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
146.19.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:0d:be:56:7d:37:23:04:c1:60:8c:3e:ac:eb:d7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 7 14:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e83caa33fb46a52eb486aed55d38e1b1218790f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:ee:68:c4:97:d6:4f:16:66:25:03:64:2b:
5f:33:7c:e1:10:51:7e:ae:c3:bb:6a:8a:73:16:c6:
ba:62:60:9c:2e:ce:11:a9:57:ab:38:e6:66:4f:cf:
67:8d:88:7a:46:d0:45:c3:62:75:68:67:06:f6:36:
82:68:9e:90:36:57:2a:34:77:78:63:ba:4b:fb:66:
8e:28:5c:d8:5c:6d:b0:35:64:e0:28:4c:35:ef:8f:
c5:23:ba:a2:e3:de:f3:c3:be:4b:30:c5:e9:bf:cf:
ea:4a:16:1e:7e:70:80:bf:a5:47:f2:e9:62:0a:18:
44:7e:30:f1:06:b2:32:be:c4:b4:c6:3a:b8:c1:85:
39:f9:96:0a:bd:6b:91:52:88:1d:45:6a:d1:14:82:
3f:d7:8c:5f:36:b8:46:f0:10:16:e5:eb:e1:63:68:
ef:5f:b7:ed:48:9e:99:7d:bd:2a:82:c6:da:ad:a8:
61:86:53:6f:95:aa:1d:cd:75:c5:63:e8:f8:e3:bd:
f0:0f:32:33:1c:da:b3:c1:2b:b9:08:ab:e5:ee:c5:
08:03:83:aa:82:75:98:b7:0b:20:04:f9:87:b8:da:
7a:a7:ad:5a:4f:ff:b1:fb:27:10:69:06:bd:39:f7:
d0:d9:8d:93:a7:31:71:8b:d3:f8:56:a9:03:9f:33:
d4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:83:CA:A3:3F:B4:6A:52:EB:48:6A:ED:55:D3:8E:1B:12:18:79:0F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/foPKoz-0alLrSGrtVdOOGxIYeQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.86.0/24
89.251.18.0/24
89.251.31.0/24
109.122.43.0/24
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
19:84:91:f6:10:e8:4f:de:c0:2e:75:e1:29:52:bd:cd:77:93:
21:24:d1:c4:08:00:a2:5a:16:d1:95:a5:a5:8f:17:00:2e:ab:
35:42:e5:64:17:6c:bb:77:38:ad:ce:b4:9b:cf:20:a5:bc:08:
a8:ce:17:16:06:b6:9f:2e:70:7d:bf:74:93:c5:49:23:3d:ab:
7e:43:1f:12:01:ca:66:03:ca:d2:16:3a:f8:b1:1d:d8:5c:9a:
cf:56:9e:0a:ea:2b:5a:28:3d:61:f9:01:42:17:6d:c4:b6:0b:
57:e0:eb:cf:5a:0c:62:58:d9:e8:e5:15:df:8a:b3:4d:c4:b9:
7e:d4:83:44:b0:12:64:6f:97:3e:49:68:58:d5:23:23:ca:3b:
01:8b:83:85:44:76:a6:e3:46:77:61:c7:09:ce:13:e8:52:5b:
ee:c4:d5:ec:fb:b7:64:8e:69:3f:ce:56:3a:c3:e5:4c:b3:60:
ed:a3:3a:d5:1c:9f:de:36:53:f3:a9:cd:5f:31:4f:0b:ee:5e:
89:5e:c6:c0:b0:30:b1:4e:13:da:89:31:a3:99:9f:b3:e6:f8:
3e:22:0a:0b:f2:ac:13:07:79:b8:cc:f2:86:9f:15:86:f7:2c:
64:74:f5:03:78:94:2c:35:4c:68:22:97:92:31:3a:78:de:8c:
b1:35:30:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZMHDb5WfTcjBMFgjD6s69edMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMTA3MTQzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgzY2FhMzNmYjQ2YTUyZWI0ODZhZWQ1NWQzOGUxYjEyMTg3OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFvuaMSX1k8WZiUDZCtfM3zhEFF+
rsO7aopzFsa6YmCcLs4RqVerOOZmT89njYh6RtBFw2J1aGcG9jaCaJ6QNlcqNHd4
Y7pL+2aOKFzYXG2wNWTgKEw174/FI7qi497zw75LMMXpv8/qShYefnCAv6VH8uli
ChhEfjDxBrIyvsS0xjq4wYU5+ZYKvWuRUogdRWrRFII/14xfNrhG8BAW5evhY2jv
X7ftSJ6Zfb0qgsbarahhhlNvlaodzXXFY+j4473wDzIzHNqzwSu5CKvl7sUIA4Oq
gnWYtwsgBPmHuNp6p61aT/+x+ycQaQa9OffQ2Y2TpzFxi9P4VqkDnzPURQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH6DyqM/tGpS60hq7VXTjhsSGHkPMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZm9QS296LTBhbExyU0dydFZkT09HeElZZVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWRVWAwQA
WfsSAwQAWfsfAwQAbXorAwQAkhM4MA0GCSqGSIb3DQEBCwUAA4IBAQAZhJH2EOhP
3sAudeEpUr3Nd5MhJNHECACiWhbRlaWljxcALqs1QuVkF2y7dzitzrSbzyClvAio
zhcWBrafLnB9v3STxUkjPat+Qx8SAcpmA8rSFjr4sR3YXJrPVp4K6itaKD1h+QFC
F23EtgtX4OvPWgxiWNno5RXfirNNxLl+1INEsBJkb5c+SWhY1SMjyjsBi4OFRHam
40Z3YccJzhPoUlvuxNXs+7dkjmk/zlY6w+VMs2DtozrVHJ/eNlPzqc1fMU8L7l6J
XsbAsDCxThPaiTGjmZ+z5vg+IgoL8qwTB3m4zPKGnxWG9yxkdPUDeJQsNUxoIpeS
MTp43oyxNTAV
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:09:34 2025 by rpki-client