Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ab626-de1a-4dcf-a10e-8cc38718d219/1/FBosAqd6_iMex_NtkYpLCucDzfE.roa
File: FBosAqd6_iMex_NtkYpLCucDzfE.roa (raw, json)
Hash identifier: sigoX0ZCYgK9/0Vqwr+7j+n35pf0JoQhA2EVN8FRCvA=
Subject key identifier: 14:1A:2C:02:A7:7A:FE:23:1E:C7:F3:6D:91:8A:4B:0A:E7:03:CD:F1
Certificate issuer: /CN=67565dfdf66b212e17a1d98a7f5e2b0b3264cdae
Certificate serial: 018CC56E0CD79FA7928FBBF5666290143372
Authority key identifier: 67:56:5D:FD:F6:6B:21:2E:17:A1:D9:8A:7F:5E:2B:0B:32:64:CD:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z1Zd_fZrIS4XodmKf14rCzJkza4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/7ab626-de1a-4dcf-a10e-8cc38718d219/1/FBosAqd6_iMex_NtkYpLCucDzfE.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.93.174.0/24 maxlen: 24
188.116.51.0/24 maxlen: 24
188.116.50.0/24 maxlen: 24
2a0a:7180:80::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0c:d7:9f:a7:92:8f:bb:f5:66:62:90:14:33:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67565dfdf66b212e17a1d98a7f5e2b0b3264cdae
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=141a2c02a77afe231ec7f36d918a4b0ae703cdf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:27:38:15:17:c2:ed:b1:33:74:fc:7e:e3:
96:f4:ee:e7:fa:b3:4b:af:3f:87:f6:5e:10:d8:a6:
79:bc:ff:c9:dd:3f:99:d0:cf:bb:a3:90:c0:a0:50:
f8:32:df:23:ed:88:e3:2d:65:f8:76:b7:6d:5c:8c:
9c:7d:b7:f6:e0:93:7f:40:ce:4c:56:c2:cd:fd:b5:
f2:0f:e0:d0:4d:49:ba:83:21:7d:55:ad:99:c0:46:
15:79:30:23:6b:a7:31:0b:84:da:da:13:cd:0c:27:
f7:dc:83:f6:07:87:89:0f:97:9d:e9:7a:ed:05:99:
ed:b6:08:c5:97:b6:38:1e:63:98:11:3d:72:df:01:
7a:73:a7:21:d4:da:56:ac:08:7e:67:a6:26:10:f2:
f6:7a:5c:9d:3c:74:4f:85:fe:dd:cc:22:15:e8:50:
e5:3c:fb:24:3d:43:d3:01:62:84:77:42:1e:86:7d:
49:48:7e:4b:aa:58:85:ad:9f:1c:4c:bb:b6:fb:79:
55:05:b3:38:19:ac:b7:66:97:1c:e7:f2:19:2a:33:
52:53:fd:00:15:0e:61:04:aa:02:bf:3f:31:72:9a:
50:17:b5:45:3e:dd:dc:6d:1b:6c:ad:4d:62:bf:e3:
19:6b:42:3d:e7:64:5e:78:80:7e:71:5b:48:40:c5:
45:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:1A:2C:02:A7:7A:FE:23:1E:C7:F3:6D:91:8A:4B:0A:E7:03:CD:F1
X509v3 Authority Key Identifier:
keyid:67:56:5D:FD:F6:6B:21:2E:17:A1:D9:8A:7F:5E:2B:0B:32:64:CD:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z1Zd_fZrIS4XodmKf14rCzJkza4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ab626-de1a-4dcf-a10e-8cc38718d219/1/FBosAqd6_iMex_NtkYpLCucDzfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ab626-de1a-4dcf-a10e-8cc38718d219/1/Z1Zd_fZrIS4XodmKf14rCzJkza4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.174.0/24
188.116.50.0/23
IPv6:
2a0a:7180:80::/48
Signature Algorithm: sha256WithRSAEncryption
13:06:16:e4:4a:e2:9f:ff:43:5f:68:41:22:c8:5d:32:d1:57:
94:5d:f0:0a:4a:5c:31:d3:5c:dc:37:4a:bf:b5:e1:42:52:2b:
e6:28:85:6a:e6:cc:86:f6:e5:73:ca:5d:3a:f2:71:eb:f9:f4:
c9:29:06:02:0c:b4:43:ab:d2:d3:0e:64:9e:ab:4d:7c:19:9a:
16:b8:f1:07:db:6b:ec:18:ee:54:1f:e5:f8:e3:9e:1b:58:00:
44:18:ed:b4:8a:f4:21:fc:74:87:84:42:7d:e7:2b:65:bd:20:
49:24:08:fd:f5:15:32:2e:40:e5:72:48:4e:af:8c:3a:f6:1f:
86:c9:e6:f0:5f:0d:22:60:4d:a1:67:f4:16:dd:f8:54:52:33:
cb:34:74:d8:15:ea:a8:3d:67:4d:c7:58:d1:d8:9d:70:fc:1b:
f6:8d:c0:db:f3:cf:fd:0f:4f:34:6b:5f:25:fd:ad:a9:26:e4:
47:80:04:da:29:10:af:b7:49:ce:44:ef:79:a5:9c:4f:8b:47:
5e:51:15:a9:f9:7c:c1:51:f2:78:ec:0c:0f:da:85:ba:87:6e:
3c:ab:b8:f3:f5:6c:86:99:6b:f0:fa:73:7a:19:6b:b0:cc:8f:
ff:83:95:2e:d8:95:36:f4:f5:1f:64:42:fd:b1:c9:c6:a0:15:
3b:be:9a:cb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFbgzXn6eSj7v1ZmKQFDNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NTY1ZGZkZjY2YjIxMmUxN2ExZDk4YTdmNWUyYjBiMzI2
NGNkYWUwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDFhMmMwMmE3N2FmZTIzMWVjN2YzNmQ5MThhNGIwYWU3MDNjZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQknOBUXwu2xM3T8fuOW9O7n+rNL
rz+H9l4Q2KZ5vP/J3T+Z0M+7o5DAoFD4Mt8j7YjjLWX4drdtXIycfbf24JN/QM5M
VsLN/bXyD+DQTUm6gyF9Va2ZwEYVeTAja6cxC4Ta2hPNDCf33IP2B4eJD5ed6Xrt
BZnttgjFl7Y4HmOYET1y3wF6c6ch1NpWrAh+Z6YmEPL2elydPHRPhf7dzCIV6FDl
PPskPUPTAWKEd0Iehn1JSH5LqliFrZ8cTLu2+3lVBbM4Gay3Zpcc5/IZKjNSU/0A
FQ5hBKoCvz8xcppQF7VFPt3cbRtsrU1iv+MZa0I952ReeIB+cVtIQMVFDwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBQaLAKnev4jHsfzbZGKSwrnA83xMB8GA1UdIwQY
MBaAFGdWXf32ayEuF6HZin9eKwsyZM2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjFaZF9mWnJJUzRYb2RtS2YxNHJDekpremE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83YWI2MjYtZGUxYS00ZGNmLWExMGUt
OGNjMzg3MThkMjE5LzEvRkJvc0FxZDZfaU1leF9OdGtZcExDdWNEemZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83YWI2MjYtZGUxYS00ZGNmLWExMGUtOGNjMzg3MThkMjE5
LzEvWjFaZF9mWnJJUzRYb2RtS2YxNHJDekpremE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuV2uAwQB
vHQyMA8EAgACMAkDBwAqCnGAAIAwDQYJKoZIhvcNAQELBQADggEBABMGFuRK4p//
Q19oQSLIXTLRV5Rd8ApKXDHTXNw3Sr+14UJSK+YohWrmzIb25XPKXTrycev59Mkp
BgIMtEOr0tMOZJ6rTXwZmha48Qfba+wY7lQf5fjjnhtYAEQY7bSK9CH8dIeEQn3n
K2W9IEkkCP31FTIuQOVySE6vjDr2H4bJ5vBfDSJgTaFn9Bbd+FRSM8s0dNgV6qg9
Z03HWNHYnXD8G/aNwNvzz/0PTzRrXyX9rakm5EeABNopEK+3Sc5E73mlnE+LR15R
Fan5fMFR8njsDA/ahbqHbjyruPP1bIaZa/D6c3oZa7DMj/+DlS7YlTb09R9kQv2x
ycagFTu+mss=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:27 2025 by rpki-client