Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FTNOUUvo443uQX5GvBBPJ_vImtQ.roa
File: FTNOUUvo443uQX5GvBBPJ_vImtQ.roa (raw, json)
Hash identifier: wm8ztyhszZrHTwgu5Lj8X/QuEjhViyNPU+nlcDnyvPU=
Subject key identifier: 15:33:4E:51:4B:E8:E3:8D:EE:41:7E:46:BC:10:4F:27:FB:C8:9A:D4
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3AAD88CD416DF509AFE1DAF67B2F9
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FTNOUUvo443uQX5GvBBPJ_vImtQ.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29632
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 24
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
195.214.212.0/22 maxlen: 22
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Jan 2025 22:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:aa:d8:8c:d4:16:df:50:9a:fe:1d:af:67:b2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15334e514be8e38dee417e46bc104f27fbc89ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4b:c4:a7:53:6b:45:cc:ad:47:e9:a0:8b:86:
07:fc:2f:01:ee:12:ae:55:b6:18:47:bc:0c:54:10:
fd:ac:d7:97:c4:fa:97:7b:07:d6:92:e8:db:1b:a1:
f1:e1:38:9a:96:6a:08:6f:42:78:10:fd:0c:c8:09:
d9:48:1d:b7:c0:e8:6a:48:22:1f:af:27:b1:1d:4d:
47:92:30:cf:7e:b7:ef:a7:d2:81:21:2f:11:a9:5d:
e4:e4:02:b9:b9:23:c2:ee:20:d1:6b:f0:54:5f:67:
32:5b:d5:60:7d:bc:c6:ec:79:43:2d:cc:c2:e6:eb:
25:27:5a:fe:f3:5d:4e:ae:33:61:dd:7f:f9:f4:37:
f5:46:4e:d4:6d:62:cc:65:d0:30:2a:f9:7b:f4:e8:
f6:40:e8:57:42:ef:d9:c4:60:c0:c1:83:39:da:23:
9b:b6:23:64:7e:eb:f3:c1:d7:c6:27:72:b3:c1:bb:
71:c2:ad:76:54:50:75:4d:3d:de:6b:6f:f7:06:25:
54:aa:d2:a6:8d:33:69:b2:68:a9:ad:55:94:8a:13:
92:36:11:e9:3e:de:89:0f:e9:d0:c7:3c:0a:10:92:
da:1b:3e:d1:9b:1a:5b:94:6b:05:ae:63:cb:99:ad:
62:51:2a:4a:93:6f:be:04:3b:c8:32:ec:36:c7:f1:
b1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:33:4E:51:4B:E8:E3:8D:EE:41:7E:46:BC:10:4F:27:FB:C8:9A:D4
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FTNOUUvo443uQX5GvBBPJ_vImtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.170.0-95.164.175.255
195.214.212.0/22
IPv6:
2a01:d0:303::/48
2a01:d0:305::/48
2a01:d0:308::/48
2a01:d0:317::/48
2a01:d0:31d::/48
2a01:d0:333::/48
2a01:d0:962::/48
2a01:d0:1657::/48
2a01:d0:7fff::-2a01:d0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:af:9d:a4:93:7b:8b:98:4c:e9:30:48:00:c0:c1:0a:31:e3:
1e:3f:e9:65:14:f3:cc:2b:45:d7:bb:8e:87:e6:69:31:7c:37:
c2:57:2b:b3:bf:1e:4c:8d:b1:cd:52:3f:64:22:c0:50:fd:4d:
02:29:7f:aa:4e:19:8a:46:1d:04:af:97:7d:29:e7:a5:c0:ba:
6a:02:de:36:c0:40:f4:d1:70:b3:f2:5f:c9:88:bb:0f:dd:e8:
50:b7:ad:9e:87:26:b0:f6:7c:5c:45:de:fa:e3:b7:e9:d6:6f:
a9:57:dd:5a:02:f5:37:fc:93:16:60:9a:f1:c4:fa:5c:03:ef:
d4:e8:49:11:ab:df:5e:71:2c:df:91:bd:81:b6:7d:90:33:77:
d4:37:3f:b1:b2:c3:0a:e9:81:90:b1:2a:3d:9e:9b:02:9e:d0:
4e:28:72:7b:a3:7c:3c:96:f5:b3:3f:35:44:a6:78:97:12:09:
5e:5e:20:87:be:40:fc:97:fe:79:79:c1:94:f5:0d:0b:21:87:
9f:e6:b8:73:9f:e0:ad:a4:59:85:87:8d:07:d0:d4:da:b8:12:
20:56:3b:bf:a9:1a:9a:09:b1:4d:06:95:79:69:6e:93:e2:d1:
b4:a8:c7:4c:68:55:e4:ff:94:41:3a:ca:62:e9:0a:11:e7:6b:
0b:e3:2f:bf
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZQks6rYjNQW31Ca/h2vZ7L5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTMzNGU1MTRiZThlMzhkZWU0MTdlNDZiYzEwNGYyN2ZiYzg5YWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUvEp1NrRcytR+mgi4YH/C8B7hKu
VbYYR7wMVBD9rNeXxPqXewfWkujbG6Hx4TialmoIb0J4EP0MyAnZSB23wOhqSCIf
ryexHU1HkjDPfrfvp9KBIS8RqV3k5AK5uSPC7iDRa/BUX2cyW9VgfbzG7HlDLczC
5uslJ1r+811OrjNh3X/59Df1Rk7UbWLMZdAwKvl79Oj2QOhXQu/ZxGDAwYM52iOb
tiNkfuvzwdfGJ3Kzwbtxwq12VFB1TT3ea2/3BiVUqtKmjTNpsmiprVWUihOSNhHp
Pt6JD+nQxzwKEJLaGz7RmxpblGsFrmPLma1iUSpKk2++BDvIMuw2x/Gx4QIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFBUzTlFL6OON7kF+RrwQTyf7yJrUMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvRlROT1VVdm80NDN1UVg1R3ZCQlBKX3ZJbXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jBuBAIAATBoAwQFPs2A
AwQBXoMAAwQAXoMEAwQBXoMGAwQAX6QUAwQCX6QoMAwDBABfpDEDBABfpDIwDAME
Al+kNAMEAl+kODAMAwQDX6RIAwQAX6RMAwQCX6RQMAwDBAFfpKoDBARfpKADBALD
1tQwYAQCAAIwWgMHACoBANADAwMHACoBANADBQMHACoBANADCAMHACoBANADFwMH
ACoBANADHQMHACoBANADMwMHACoBANAJYgMHACoBANAWVzAQAwcAKgEA0H//AwUA
KgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAcK+dpJN7i5hM6TBIAMDBCjHjHj/pZRTz
zCtF17uOh+ZpMXw3wlcrs78eTI2xzVI/ZCLAUP1NAil/qk4ZikYdBK+XfSnnpcC6
agLeNsBA9NFws/JfyYi7D93oULetnocmsPZ8XEXe+uO36dZvqVfdWgL1N/yTFmCa
8cT6XAPv1OhJEavfXnEs35G9gbZ9kDN31Dc/sbLDCumBkLEqPZ6bAp7QTihye6N8
PJb1sz81RKZ4lxIJXl4gh75A/Jf+eXnBlPUNCyGHn+a4c5/graRZhYeNB9DU2rgS
IFY7v6kamgmxTQaVeWluk+LRtKjHTGhV5P+UQTrKYukKEedrC+Mvvw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:24 2025 by rpki-client