Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fb4934-a937-4324-9f17-eead3b8bccb9/1/1-_-mTlMGS671UfIxMha9nJJohwI.roa
File: 1-_-mTlMGS671UfIxMha9nJJohwI.roa (raw, json)
Hash identifier: euEFv6JOKAxwAayR9cezKE2yuPZkl+3D+yNXa/UOcK4=
Subject key identifier: FB:FF:A6:4E:53:06:4B:AE:F5:51:F2:31:32:16:BD:9C:92:68:87:02
Certificate issuer: /CN=697ea60aca0ddae5eddfbc260cb7da261624e91d
Certificate serial: 018CC2DB09E0380FB348D62B7665346C2D54
Authority key identifier: 69:7E:A6:0A:CA:0D:DA:E5:ED:DF:BC:26:0C:B7:DA:26:16:24:E9:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aX6mCsoN2uXt37wmDLfaJhYk6R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fb4934-a937-4324-9f17-eead3b8bccb9/1/1-_-mTlMGS671UfIxMha9nJJohwI.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47426
IP address blocks: 195.43.157.0/24 maxlen: 24
2001:67c:348::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:09:e0:38:0f:b3:48:d6:2b:76:65:34:6c:2d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=697ea60aca0ddae5eddfbc260cb7da261624e91d
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbffa64e53064baef551f2313216bd9c92688702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:35:da:7e:0e:b3:c9:ee:85:ba:21:4a:44:
97:29:d8:5e:c8:eb:a7:a5:f3:28:03:a0:c4:61:14:
33:1a:a0:f7:9c:71:93:52:06:2f:70:70:53:96:87:
7d:a5:1e:42:63:fb:18:a1:50:9c:e5:1a:f8:4c:5d:
e4:7b:99:39:a1:9d:ae:a7:70:3c:2b:15:30:19:aa:
34:bf:a1:54:80:ba:69:8b:0a:39:10:9d:e5:71:59:
5a:3c:40:99:f5:30:05:2f:a6:cc:39:7e:41:f8:64:
9e:ad:78:a0:7b:35:d0:34:ec:db:3b:31:39:3f:68:
52:84:f4:11:f3:ac:cf:d2:91:a1:37:55:84:af:e8:
d7:b3:a7:0e:51:29:c2:04:89:c2:bd:ee:58:92:62:
f5:8a:9c:00:b7:cc:1c:70:b6:1c:6e:df:60:ce:c5:
d9:55:54:1d:4b:76:30:b0:c9:0b:5b:84:25:0b:ae:
f5:62:a0:2a:21:5a:85:ce:58:cd:fd:06:47:84:ee:
c0:3d:cf:db:54:b3:f7:5e:d5:6e:04:24:3c:7b:3e:
48:30:ee:37:33:02:83:96:68:33:ab:cf:49:21:0b:
a1:06:7d:42:76:c2:18:ff:40:5a:e0:2a:78:97:f6:
b6:25:df:07:38:b1:30:37:75:78:96:05:55:1a:17:
b6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FF:A6:4E:53:06:4B:AE:F5:51:F2:31:32:16:BD:9C:92:68:87:02
X509v3 Authority Key Identifier:
keyid:69:7E:A6:0A:CA:0D:DA:E5:ED:DF:BC:26:0C:B7:DA:26:16:24:E9:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aX6mCsoN2uXt37wmDLfaJhYk6R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fb4934-a937-4324-9f17-eead3b8bccb9/1/1-_-mTlMGS671UfIxMha9nJJohwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fb4934-a937-4324-9f17-eead3b8bccb9/1/aX6mCsoN2uXt37wmDLfaJhYk6R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.157.0/24
IPv6:
2001:67c:348::/48
Signature Algorithm: sha256WithRSAEncryption
51:76:f3:91:0d:0a:97:1a:e1:06:81:d9:c5:35:d6:0a:75:77:
02:98:13:bb:ad:56:38:0c:df:aa:23:01:6f:0f:8a:9d:cf:01:
2f:81:75:99:ab:fe:0b:1b:c5:1f:b3:59:91:5c:a3:55:46:b4:
60:75:7f:72:e6:e7:3f:68:a4:4a:a5:e2:59:90:f9:f5:e7:1c:
07:e3:c6:ab:28:65:58:1b:3d:f0:b2:49:b5:1a:06:d9:7e:af:
d1:24:dd:04:6b:dc:0e:61:ee:9c:91:7b:84:3b:fe:1c:6e:c1:
82:d5:da:52:f2:9d:f4:e4:59:f3:eb:ec:7a:76:cc:93:a3:51:
2f:e9:32:7c:09:7e:c3:29:31:b7:19:2a:82:54:f8:2d:a3:26:
d4:31:0f:54:3b:41:21:8f:24:4f:94:22:50:14:1f:a5:57:4e:
08:41:51:5a:17:3a:f4:2b:0d:4d:9f:e3:35:56:d7:6f:0a:53:
99:9a:10:54:ec:c7:6d:0d:21:0a:19:b5:63:72:48:ab:cf:f2:
72:84:52:bb:7f:6b:c7:01:84:fd:15:57:18:26:19:f3:8b:b4:
aa:dc:2f:81:9e:ba:4d:05:51:41:65:d5:fa:f6:32:f2:cc:5c:
79:89:04:73:f6:dd:dc:aa:de:f4:6e:8a:0f:e0:37:14:d9:0b:
1a:0a:cf:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2wngOA+zSNYrdmU0bC1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5N2VhNjBhY2EwZGRhZTVlZGRmYmMyNjBjYjdkYTI2MTYy
NGU5MWQwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmZmYTY0ZTUzMDY0YmFlZjU1MWYyMzEzMjE2YmQ5YzkyNjg4NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWY12n4Os8nuhbohSkSXKdheyOun
pfMoA6DEYRQzGqD3nHGTUgYvcHBTlod9pR5CY/sYoVCc5Rr4TF3ke5k5oZ2up3A8
KxUwGao0v6FUgLppiwo5EJ3lcVlaPECZ9TAFL6bMOX5B+GSerXigezXQNOzbOzE5
P2hShPQR86zP0pGhN1WEr+jXs6cOUSnCBInCve5YkmL1ipwAt8wccLYcbt9gzsXZ
VVQdS3YwsMkLW4QlC671YqAqIVqFzljN/QZHhO7APc/bVLP3XtVuBCQ8ez5IMO43
MwKDlmgzq89JIQuhBn1CdsIY/0Ba4Cp4l/a2Jd8HOLEwN3V4lgVVGhe2/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPv/pk5TBkuu9VHyMTIWvZySaIcCMB8GA1UdIwQY
MBaAFGl+pgrKDdrl7d+8Jgy32iYWJOkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVg2bUNzb04ydVh0Mzd3bURMZmFKaFlrNlIwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mYjQ5MzQtYTkzNy00MzI0LTlmMTct
ZWVhZDNiOGJjY2I5LzEvMS1fLW1UbE1HUzY3MVVmSXhNaGE5bkpKb2h3SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmYvZmI0OTM0LWE5MzctNDMyNC05ZjE3LWVlYWQzYjhiY2Ni
OS8xL2FYNm1Dc29OMnVYdDM3d21ETGZhSmhZazZSMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMMrnTAP
BAIAAjAJAwcAIAEGfANIMA0GCSqGSIb3DQEBCwUAA4IBAQBRdvORDQqXGuEGgdnF
NdYKdXcCmBO7rVY4DN+qIwFvD4qdzwEvgXWZq/4LG8Ufs1mRXKNVRrRgdX9y5uc/
aKRKpeJZkPn15xwH48arKGVYGz3wskm1GgbZfq/RJN0Ea9wOYe6ckXuEO/4cbsGC
1dpS8p305Fnz6+x6dsyTo1Ev6TJ8CX7DKTG3GSqCVPgtoybUMQ9UO0EhjyRPlCJQ
FB+lV04IQVFaFzr0Kw1Nn+M1VtdvClOZmhBU7MdtDSEKGbVjckirz/JyhFK7f2vH
AYT9FVcYJhnzi7Sq3C+BnrpNBVFBZdX69jLyzFx5iQRz9t3cqt70booP4DcU2Qsa
Cs/E
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:58:06 2025 by rpki-client