Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/48506a-33dc-4574-80f3-bde24a2a9ff5/1/rcLuNRCiRkE0b24v3i_88EYJir0.roa
File: rcLuNRCiRkE0b24v3i_88EYJir0.roa (raw, json)
Hash identifier: QVA+fc5jFyZxN6zL0+/8GG/V83N3sYUrpHnfy2qEsTQ=
Subject key identifier: AD:C2:EE:35:10:A2:46:41:34:6F:6E:2F:DE:2F:FC:F0:46:09:8A:BD
Certificate issuer: /CN=fe0a7919a3ed7b13b5dab39c86e04a7a97231473
Certificate serial: 018CCA2977544B39411E912115A7D7BA26CB
Authority key identifier: FE:0A:79:19:A3:ED:7B:13:B5:DA:B3:9C:86:E0:4A:7A:97:23:14:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_gp5GaPtexO12rOchuBKepcjFHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/48506a-33dc-4574-80f3-bde24a2a9ff5/1/rcLuNRCiRkE0b24v3i_88EYJir0.roa
Signing time: Tue 02 Jan 2024 12:32:44 +0000
ROA not before: Tue 02 Jan 2024 12:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47697
IP address blocks: 193.105.196.0/24 maxlen: 24
185.116.204.0/22 maxlen: 22
185.116.204.0/24 maxlen: 24
2001:678:100::/48 maxlen: 48
2a03:4ba0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:77:54:4b:39:41:1e:91:21:15:a7:d7:ba:26:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe0a7919a3ed7b13b5dab39c86e04a7a97231473
Validity
Not Before: Jan 2 12:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adc2ee3510a24641346f6e2fde2ffcf046098abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e3:23:d2:58:5a:62:90:52:ba:13:f9:72:f4:
94:02:b0:9e:78:2c:d9:8c:ad:bf:86:e6:7a:89:38:
04:11:2e:9d:20:7c:54:85:57:46:aa:c7:32:83:4d:
20:f9:9a:db:eb:e1:e3:c4:84:17:5d:ba:39:9f:8f:
ee:f7:24:44:0c:d1:d4:80:cd:e5:8b:1c:e7:a3:b4:
d1:50:0a:eb:09:38:5e:36:47:20:f0:e4:65:e9:2c:
30:54:9d:b2:26:a9:66:d2:ac:02:55:73:d4:31:cd:
82:5d:8e:e9:72:56:93:00:2f:ab:37:2c:78:f3:8a:
ad:20:37:6c:c3:81:5d:59:81:7c:2b:d0:13:f5:9e:
48:20:dc:2f:67:a6:a3:26:80:14:ec:6e:42:41:97:
85:34:38:87:88:0b:f5:5b:bd:92:2d:94:3a:b7:1c:
72:65:9b:70:d7:e2:e7:ed:f6:70:24:58:25:72:55:
fd:0e:67:d9:82:73:07:0f:4e:c4:3b:44:a8:5b:65:
f7:57:df:fd:42:e5:f5:34:3e:0d:5c:12:a4:1d:c4:
3e:62:f6:64:07:1f:b4:46:42:c1:42:d1:4b:a9:4a:
e5:db:1f:8c:59:e9:13:5f:a3:2f:6a:32:b2:54:07:
f0:a3:a2:3d:21:02:5f:5a:71:55:05:f4:79:0d:77:
08:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C2:EE:35:10:A2:46:41:34:6F:6E:2F:DE:2F:FC:F0:46:09:8A:BD
X509v3 Authority Key Identifier:
keyid:FE:0A:79:19:A3:ED:7B:13:B5:DA:B3:9C:86:E0:4A:7A:97:23:14:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_gp5GaPtexO12rOchuBKepcjFHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/48506a-33dc-4574-80f3-bde24a2a9ff5/1/rcLuNRCiRkE0b24v3i_88EYJir0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/48506a-33dc-4574-80f3-bde24a2a9ff5/1/_gp5GaPtexO12rOchuBKepcjFHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.204.0/22
193.105.196.0/24
IPv6:
2001:678:100::/48
2a03:4ba0:1::/48
Signature Algorithm: sha256WithRSAEncryption
ad:b5:97:52:f3:62:ac:83:f3:3f:70:16:86:4a:8f:c3:b1:15:
bc:04:9f:c2:46:c5:08:2c:43:84:a7:12:45:15:98:80:db:45:
2d:5b:37:af:9c:d8:46:57:f4:74:8b:4a:88:de:8c:43:27:6b:
7b:bf:09:fc:f9:70:80:1f:30:3e:b4:e7:40:a5:3d:d6:76:1e:
4a:f9:56:67:eb:8a:6b:fb:27:d2:38:96:5b:6b:4e:2f:f8:a9:
45:ce:79:bb:66:de:70:7c:e7:e4:37:f0:95:bd:8c:7d:ad:8a:
4a:97:ed:e6:09:bc:d8:8b:dc:81:92:f6:27:f9:90:a5:5a:9f:
7f:dc:d4:6c:61:b2:3c:fa:fc:42:16:2e:3c:18:cf:80:ae:2c:
4c:6f:bb:b1:a8:3f:34:66:a1:b6:a0:a7:f1:ab:e8:fc:d7:a7:
3c:b2:49:8f:72:2b:65:e4:3c:f4:6d:6a:60:74:ef:6a:ff:dc:
6b:45:29:b5:51:c4:b5:99:53:32:8b:4d:1d:98:53:a8:28:cd:
25:e5:52:39:7d:2b:c4:2d:c1:1a:95:58:7e:d8:c2:d9:b7:49:
24:f4:db:cb:45:78:fa:5a:3b:70:a5:1f:23:77:dc:13:68:84:
e3:70:45:d6:e3:0d:1c:3e:57:4e:12:e7:2e:a1:e7:8c:e2:2f:
dc:78:2e:92
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzKKXdUSzlBHpEhFafXuibLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMGE3OTE5YTNlZDdiMTNiNWRhYjM5Yzg2ZTA0YTdhOTcy
MzE0NzMwHhcNMjQwMTAyMTIzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGMyZWUzNTEwYTI0NjQxMzQ2ZjZlMmZkZTJmZmNmMDQ2MDk4YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOMj0lhaYpBSuhP5cvSUArCeeCzZ
jK2/huZ6iTgEES6dIHxUhVdGqscyg00g+Zrb6+HjxIQXXbo5n4/u9yREDNHUgM3l
ixzno7TRUArrCTheNkcg8ORl6SwwVJ2yJqlm0qwCVXPUMc2CXY7pclaTAC+rNyx4
84qtIDdsw4FdWYF8K9AT9Z5IINwvZ6ajJoAU7G5CQZeFNDiHiAv1W72SLZQ6txxy
ZZtw1+Ln7fZwJFglclX9DmfZgnMHD07EO0SoW2X3V9/9QuX1ND4NXBKkHcQ+YvZk
Bx+0RkLBQtFLqUrl2x+MWekTX6MvajKyVAfwo6I9IQJfWnFVBfR5DXcIeQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK3C7jUQokZBNG9uL94v/PBGCYq9MB8GA1UdIwQY
MBaAFP4KeRmj7XsTtdqznIbgSnqXIxRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2dwNUdhUHRleE8xMnJPY2h1QktlcGNqRkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80ODUwNmEtMzNkYy00NTc0LTgwZjMt
YmRlMjRhMmE5ZmY1LzEvcmNMdU5SQ2lSa0UwYjI0djNpXzg4RVlKaXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80ODUwNmEtMzNkYy00NTc0LTgwZjMtYmRlMjRhMmE5ZmY1
LzEvX2dwNUdhUHRleE8xMnJPY2h1QktlcGNqRkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCuXTMAwQA
wWnEMBgEAgACMBIDBwAgAQZ4AQADBwAqA0ugAAEwDQYJKoZIhvcNAQELBQADggEB
AK21l1LzYqyD8z9wFoZKj8OxFbwEn8JGxQgsQ4SnEkUVmIDbRS1bN6+c2EZX9HSL
SojejEMna3u/Cfz5cIAfMD6050ClPdZ2Hkr5Vmfrimv7J9I4lltrTi/4qUXOebtm
3nB85+Q38JW9jH2tikqX7eYJvNiL3IGS9if5kKVan3/c1Gxhsjz6/EIWLjwYz4Cu
LExvu7GoPzRmobagp/Gr6PzXpzyySY9yK2XkPPRtamB072r/3GtFKbVRxLWZUzKL
TR2YU6gozSXlUjl9K8QtwRqVWH7Ywtm3SST028tFePpaO3ClHyN33BNohONwRdbj
DRw+V04S5y6h54ziL9x4LpI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:02 2025 by rpki-client