Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/FjL9taOKp0QUDy8DHlyiyYxJJo8.roa
File: FjL9taOKp0QUDy8DHlyiyYxJJo8.roa (raw, json)
Hash identifier: KT2GTEVq5Me+0963HCuZSipbLBE2/rOTeydTWcPWLNk=
Subject key identifier: 16:32:FD:B5:A3:8A:A7:44:14:0F:2F:03:1E:5C:A2:C9:8C:49:26:8F
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 018CC6B889FD829045BFB6405CC1BEF55C6F
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/FjL9taOKp0QUDy8DHlyiyYxJJo8.roa
Signing time: Mon 01 Jan 2024 20:30:31 +0000
ROA not before: Mon 01 Jan 2024 20:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198171
IP address blocks: 185.102.76.0/22 maxlen: 22
2a00:ca80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:89:fd:82:90:45:bf:b6:40:5c:c1:be:f5:5c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Jan 1 20:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1632fdb5a38aa744140f2f031e5ca2c98c49268f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:39:15:82:4c:25:2d:c2:9b:ee:88:90:0b:d2:
b8:de:a0:01:70:74:18:a0:d7:68:40:77:33:3e:ba:
29:52:e4:f9:52:7f:f6:1c:58:0f:5b:c3:c5:9f:fa:
89:22:7b:00:19:f0:81:a6:b9:c1:80:1b:06:59:ef:
d3:37:de:9e:1d:8a:f5:9a:87:29:57:80:dd:26:0a:
c7:84:fc:4a:1b:ad:31:f8:b4:19:25:66:2b:37:91:
07:b0:57:72:2f:5c:7d:63:de:42:d9:fa:80:9c:0a:
ba:03:2d:33:45:0c:30:00:15:59:53:bf:5c:6e:4a:
af:e2:2b:4f:9a:6c:d1:8a:b1:26:3b:5d:51:b8:cf:
40:89:0b:2f:a2:1a:6d:0e:20:27:0a:c6:a1:20:69:
3c:a7:db:78:a8:da:8a:6f:5e:5a:7c:e2:e9:90:36:
17:c7:6b:77:17:39:4d:f6:8d:b0:6f:2a:81:67:b2:
c8:e6:f0:18:18:e9:98:30:7f:d5:21:48:a5:5c:ae:
e8:58:a4:b7:a6:5e:e5:62:af:c2:fe:14:58:c7:c6:
6d:b6:7c:ee:a9:57:1a:4a:64:fd:85:03:68:4e:fa:
88:97:eb:90:b5:ed:d4:a6:94:cc:87:7f:ec:f2:24:
fd:96:7e:63:4f:5f:6f:01:43:57:6e:80:e1:ea:d9:
38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:32:FD:B5:A3:8A:A7:44:14:0F:2F:03:1E:5C:A2:C9:8C:49:26:8F
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/FjL9taOKp0QUDy8DHlyiyYxJJo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.76.0/22
IPv6:
2a00:ca80::/32
Signature Algorithm: sha256WithRSAEncryption
86:7f:8e:da:98:f4:c8:d7:ab:4b:8d:a2:d5:9f:1f:73:3b:89:
ce:8d:57:3c:54:65:d6:e3:57:45:50:40:e0:45:77:47:f1:8c:
d9:12:e6:cb:73:ff:0e:c6:0c:b7:2d:8c:54:8b:64:30:92:33:
02:07:7a:99:31:29:fb:a4:9d:12:c7:0f:9a:d9:51:c7:a2:8e:
5d:cd:a7:3c:56:c7:c2:e9:80:ea:6d:55:4b:07:6a:2d:0b:a5:
4c:c4:11:16:9c:df:9b:16:d8:ff:e8:fa:0d:9f:64:77:53:28:
b5:18:da:53:ac:80:12:12:87:1a:75:62:59:a7:e9:52:fc:d7:
76:74:9d:98:a6:2b:de:e8:3c:8a:5a:79:24:1c:32:c3:24:30:
71:46:8c:53:68:96:5e:ad:88:38:e0:1e:a3:e1:26:ea:b9:16:
fb:7d:38:da:53:dd:be:c6:35:1d:bb:c9:fb:d8:e4:92:ec:35:
e1:6b:86:82:85:81:8f:e7:01:a7:06:83:20:e7:24:8b:ce:c7:
d2:80:e1:2e:94:41:22:88:2b:9a:d4:12:24:db:de:77:3a:cc:
83:69:73:98:a3:39:3d:e7:bb:2e:4f:75:45:be:0e:26:4b:fd:
93:a5:ef:04:5f:65:67:48:b3:c0:63:fb:87:73:b7:a3:6b:21:
e8:2d:44:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuIn9gpBFv7ZAXMG+9VxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmIwMDRlMzk3ZGRmMDRlN2QwNWYzNjQzYTAzNmYyMTgz
NmZmMTAwHhcNMjQwMTAxMjAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMyZmRiNWEzOGFhNzQ0MTQwZjJmMDMxZTVjYTJjOThjNDkyNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszkVgkwlLcKb7oiQC9K43qABcHQY
oNdoQHczPropUuT5Un/2HFgPW8PFn/qJInsAGfCBprnBgBsGWe/TN96eHYr1mocp
V4DdJgrHhPxKG60x+LQZJWYrN5EHsFdyL1x9Y95C2fqAnAq6Ay0zRQwwABVZU79c
bkqv4itPmmzRirEmO11RuM9AiQsvohptDiAnCsahIGk8p9t4qNqKb15afOLpkDYX
x2t3FzlN9o2wbyqBZ7LI5vAYGOmYMH/VIUilXK7oWKS3pl7lYq/C/hRYx8Zttnzu
qVcaSmT9hQNoTvqIl+uQte3UppTMh3/s8iT9ln5jT19vAUNXboDh6tk4VQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBYy/bWjiqdEFA8vAx5cosmMSSaPMB8GA1UdIwQY
MBaAFDf7AE45fd8E59BfNkOgNvIYNv8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEt
YjUzYjY0Y2YwZDk1LzEvRmpMOXRhT0twMFFVRHk4REhseWl5WXhKSm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEtYjUzYjY0Y2YwZDk1
LzEvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWZMMA0E
AgACMAcDBQAqAMqAMA0GCSqGSIb3DQEBCwUAA4IBAQCGf47amPTI16tLjaLVnx9z
O4nOjVc8VGXW41dFUEDgRXdH8YzZEubLc/8Oxgy3LYxUi2QwkjMCB3qZMSn7pJ0S
xw+a2VHHoo5dzac8VsfC6YDqbVVLB2otC6VMxBEWnN+bFtj/6PoNn2R3Uyi1GNpT
rIASEocadWJZp+lS/Nd2dJ2Ypive6DyKWnkkHDLDJDBxRoxTaJZerYg44B6j4Sbq
uRb7fTjaU92+xjUdu8n72OSS7DXha4aChYGP5wGnBoMg5ySLzsfSgOEulEEiiCua
1BIk2953OsyDaXOYozk957suT3VFvg4mS/2Tpe8EX2VnSLPAY/uHc7ejayHoLURz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:54 2025 by rpki-client