Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f60502-2704-4834-9d68-30466dec3905/1/G8YyVV2Bkyxwct_QJ41zJyluxKQ.roa
File: G8YyVV2Bkyxwct_QJ41zJyluxKQ.roa (raw, json)
Hash identifier: MS8swgz6v5Bt8Fs2YfhU/TInzk7PbjMZs92Ng4vbnu8=
Subject key identifier: 1B:C6:32:55:5D:81:93:2C:70:72:DF:D0:27:8D:73:27:29:6E:C4:A4
Certificate issuer: /CN=fcee32279c16dacdb5349f1b87c57d74c50ea539
Certificate serial: 018CC9BBD144C5C42E7B1A85F08576CADA35
Authority key identifier: FC:EE:32:27:9C:16:DA:CD:B5:34:9F:1B:87:C5:7D:74:C5:0E:A5:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_O4yJ5wW2s21NJ8bh8V9dMUOpTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f60502-2704-4834-9d68-30466dec3905/1/G8YyVV2Bkyxwct_QJ41zJyluxKQ.roa
Signing time: Tue 02 Jan 2024 10:32:58 +0000
ROA not before: Tue 02 Jan 2024 10:32:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207975
IP address blocks: 194.32.166.0/23 maxlen: 23
194.32.204.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:d1:44:c5:c4:2e:7b:1a:85:f0:85:76:ca:da:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcee32279c16dacdb5349f1b87c57d74c50ea539
Validity
Not Before: Jan 2 10:32:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bc632555d81932c7072dfd0278d7327296ec4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bb:00:8e:67:60:cc:7d:b7:0c:6f:6b:53:12:
3e:2d:12:9b:c7:d7:30:e1:34:63:d3:f4:88:c7:a9:
1c:27:30:55:c2:61:b0:3f:bc:3c:b0:1a:f6:67:29:
33:83:db:15:54:db:b1:71:1e:85:82:9c:d2:66:39:
44:40:c8:ca:07:40:c5:42:5a:10:c5:ad:3b:89:80:
6f:91:fc:cc:99:1b:d3:83:13:6d:d0:ae:1c:82:4c:
b1:42:ea:37:d2:7d:b6:6b:3f:4d:76:a5:67:4d:18:
de:96:9c:f7:a4:c7:a3:ff:81:45:2d:f0:8b:02:f7:
e0:25:6d:81:da:aa:16:8e:3c:2c:a5:9f:c7:9a:65:
d8:12:c1:d3:68:48:b8:5c:70:4a:c3:d1:89:2c:d8:
8e:34:8f:9a:a2:c7:69:c7:c0:72:29:0a:87:8b:0a:
38:e6:16:35:ce:ef:ab:2c:55:69:71:ed:78:88:88:
e9:4b:e6:82:18:fd:be:7f:6c:6a:0f:00:53:51:3a:
c8:06:9c:f2:ce:7e:87:03:95:24:80:37:58:3d:9e:
60:50:18:81:7a:3c:fb:a6:e6:29:c8:cc:13:8b:eb:
47:b8:68:17:3e:c3:9c:23:9a:e1:b8:ad:89:8a:38:
54:83:e8:df:6a:78:1a:3f:a4:52:4e:3f:a7:3e:1d:
f1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C6:32:55:5D:81:93:2C:70:72:DF:D0:27:8D:73:27:29:6E:C4:A4
X509v3 Authority Key Identifier:
keyid:FC:EE:32:27:9C:16:DA:CD:B5:34:9F:1B:87:C5:7D:74:C5:0E:A5:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_O4yJ5wW2s21NJ8bh8V9dMUOpTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f60502-2704-4834-9d68-30466dec3905/1/G8YyVV2Bkyxwct_QJ41zJyluxKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f60502-2704-4834-9d68-30466dec3905/1/_O4yJ5wW2s21NJ8bh8V9dMUOpTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.166.0/23
194.32.204.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:21:8a:d7:55:87:13:f4:c5:f3:10:62:37:2b:de:c9:d7:4b:
89:c7:9a:24:4d:2d:c7:89:c2:24:80:3e:57:69:d4:d7:ea:aa:
5a:e8:8e:35:a8:1f:cf:38:a6:09:a2:1f:87:10:47:5b:eb:9b:
92:e6:7e:19:8b:9a:8d:95:d2:c8:64:93:0b:58:7c:85:1f:b4:
3f:5c:22:ea:fb:8c:dc:e8:3b:96:85:6e:fe:ab:d5:a1:2b:52:
a8:35:f7:7d:1e:d4:08:4f:05:d5:4f:87:ea:06:34:5f:42:3a:
ea:15:f8:97:be:d2:0b:de:c6:fb:af:2f:7a:4e:be:04:0b:75:
0d:4e:ec:f8:28:51:e9:0f:67:df:e7:74:82:ac:53:f4:63:50:
a7:d2:32:4b:7b:24:f5:a5:3c:e2:33:0a:a6:9e:02:00:36:bd:
63:c4:54:96:50:43:72:91:c0:cf:63:39:df:db:c0:bd:c8:1c:
57:53:98:e0:45:83:4a:c2:8a:d2:af:c3:dd:5e:f7:3c:67:0f:
52:ce:87:a9:9b:6a:26:ff:79:73:df:43:94:bf:33:6b:73:c4:
4c:18:d3:ee:34:28:f2:1a:e3:8e:72:c2:c0:32:61:d3:47:0a:
4d:8f:5f:8e:a4:f0:1a:36:77:ee:18:82:f6:26:15:34:49:3a:
c6:f7:2f:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJu9FExcQuexqF8IV2yto1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZWUzMjI3OWMxNmRhY2RiNTM0OWYxYjg3YzU3ZDc0YzUw
ZWE1MzkwHhcNMjQwMTAyMTAzMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM2MzI1NTVkODE5MzJjNzA3MmRmZDAyNzhkNzMyNzI5NmVjNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLsAjmdgzH23DG9rUxI+LRKbx9cw
4TRj0/SIx6kcJzBVwmGwP7w8sBr2Zykzg9sVVNuxcR6FgpzSZjlEQMjKB0DFQloQ
xa07iYBvkfzMmRvTgxNt0K4cgkyxQuo30n22az9NdqVnTRjelpz3pMej/4FFLfCL
AvfgJW2B2qoWjjwspZ/HmmXYEsHTaEi4XHBKw9GJLNiONI+aosdpx8ByKQqHiwo4
5hY1zu+rLFVpce14iIjpS+aCGP2+f2xqDwBTUTrIBpzyzn6HA5UkgDdYPZ5gUBiB
ejz7puYpyMwTi+tHuGgXPsOcI5rhuK2JijhUg+jfangaP6RSTj+nPh3xvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBvGMlVdgZMscHLf0CeNcycpbsSkMB8GA1UdIwQY
MBaAFPzuMiecFtrNtTSfG4fFfXTFDqU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX080eUo1d1cyczIxTko4Ymg4VjlkTVVPcFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNjA1MDItMjcwNC00ODM0LTlkNjgt
MzA0NjZkZWMzOTA1LzEvRzhZeVZWMkJreXh3Y3RfUUo0MXpKeWx1eEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mNjA1MDItMjcwNC00ODM0LTlkNjgtMzA0NjZkZWMzOTA1
LzEvX080eUo1d1cyczIxTko4Ymg4VjlkTVVPcFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwiCmAwQB
wiDMMA0GCSqGSIb3DQEBCwUAA4IBAQA8IYrXVYcT9MXzEGI3K97J10uJx5okTS3H
icIkgD5XadTX6qpa6I41qB/POKYJoh+HEEdb65uS5n4Zi5qNldLIZJMLWHyFH7Q/
XCLq+4zc6DuWhW7+q9WhK1KoNfd9HtQITwXVT4fqBjRfQjrqFfiXvtIL3sb7ry96
Tr4EC3UNTuz4KFHpD2ff53SCrFP0Y1Cn0jJLeyT1pTziMwqmngIANr1jxFSWUENy
kcDPYznf28C9yBxXU5jgRYNKworSr8PdXvc8Zw9Szoepm2om/3lz30OUvzNrc8RM
GNPuNCjyGuOOcsLAMmHTRwpNj1+OpPAaNnfuGIL2JhU0STrG9y+V
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:32:17 2025 by rpki-client