Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/FAIVS1nSWhGXVilGMLXXoQl2VKk.roa
File: FAIVS1nSWhGXVilGMLXXoQl2VKk.roa (raw, json)
Hash identifier: QnrHzmcLE3XTuRgRsHFCQRqwtfOQaMTayLeGOR4HAhY=
Subject key identifier: 14:02:15:4B:59:D2:5A:11:97:56:29:46:30:B5:D7:A1:09:76:54:A9
Certificate issuer: /CN=92296e30487ba9463e4b6adc81ab7da647c39fe7
Certificate serial: 01903A46C40E23E09A199C7CC1BB6A29213E
Authority key identifier: 92:29:6E:30:48:7B:A9:46:3E:4B:6A:DC:81:AB:7D:A6:47:C3:9F:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/FAIVS1nSWhGXVilGMLXXoQl2VKk.roa
Signing time: Fri 21 Jun 2024 10:10:34 +0000
ROA not before: Fri 21 Jun 2024 10:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41268
IP address blocks: 37.235.128.0/17 maxlen: 17
93.186.96.0/20 maxlen: 20
185.140.160.0/22 maxlen: 22
193.203.60.0/22 maxlen: 22
2a03:2c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 14:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:46:c4:0e:23:e0:9a:19:9c:7c:c1:bb:6a:29:21:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92296e30487ba9463e4b6adc81ab7da647c39fe7
Validity
Not Before: Jun 21 10:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1402154b59d25a119756294630b5d7a1097654a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ed:b8:0b:32:41:e9:60:5c:d3:04:48:4c:f6:
6f:15:c8:c3:1d:a0:f5:b8:51:87:98:6b:be:9f:f8:
c7:63:1c:8c:f6:dc:cc:5e:89:a2:fe:f3:a0:f1:8a:
25:68:85:1e:7f:5e:d4:ee:fa:02:eb:a9:d8:9e:f5:
bc:bf:aa:33:0f:f2:77:6d:2e:91:c9:08:e5:a5:ff:
de:11:ac:11:c1:d7:66:ff:8e:fa:58:ea:5b:ec:80:
85:68:47:16:3e:10:55:a3:b7:77:3a:84:74:77:43:
53:6d:47:ab:cd:db:21:bb:2a:e5:9d:0b:06:3b:3f:
ef:60:cd:45:33:29:2e:a1:37:f8:07:42:07:36:e8:
95:34:aa:86:62:ff:f2:ef:cc:a9:d8:54:fd:e0:5f:
75:e2:63:a0:50:ba:1b:4f:b0:ce:0e:21:ae:7b:e2:
ed:88:e1:85:3b:37:b4:e8:40:50:3a:1d:2d:61:18:
20:ab:f7:f1:f6:5d:80:cf:6e:b1:a1:3c:03:5e:7b:
bc:28:f5:45:6a:c6:1b:6c:e8:15:a2:89:a9:83:cf:
d1:ac:55:f5:49:b2:4d:9a:76:d6:ce:04:b0:4b:53:
0a:3b:49:be:aa:6a:9b:bf:85:63:26:36:ca:3e:c1:
25:04:64:c6:fe:1e:cb:0f:73:98:0d:dd:4c:61:84:
21:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:02:15:4B:59:D2:5A:11:97:56:29:46:30:B5:D7:A1:09:76:54:A9
X509v3 Authority Key Identifier:
keyid:92:29:6E:30:48:7B:A9:46:3E:4B:6A:DC:81:AB:7D:A6:47:C3:9F:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiluMEh7qUY-S2rcgat9pkfDn-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/FAIVS1nSWhGXVilGMLXXoQl2VKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3bb178-b336-489c-9e8d-0d1164daa1e4/1/kiluMEh7qUY-S2rcgat9pkfDn-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.128.0/17
93.186.96.0/20
185.140.160.0/22
193.203.60.0/22
IPv6:
2a03:2c00::/32
Signature Algorithm: sha256WithRSAEncryption
0e:f0:30:10:5d:92:fd:ad:16:90:d4:e7:24:47:7a:70:58:82:
59:c8:0b:c2:04:bc:a9:0a:ca:a6:d6:73:46:91:d6:1c:db:78:
f7:2f:63:12:4b:83:09:91:36:5c:da:ce:a3:5e:cf:52:a3:31:
53:a0:88:47:1b:17:70:1d:ee:83:41:7f:9d:95:32:55:c1:ef:
cf:74:90:c7:e4:07:38:7e:1d:df:00:c1:c6:f9:21:5e:86:88:
e5:db:88:f8:0a:0d:9e:69:40:55:2d:ed:6c:65:19:a4:09:ee:
d9:1e:af:2a:54:c6:23:be:d4:c9:c3:38:8c:b7:1f:61:81:3d:
38:99:f8:45:ce:6a:3e:05:20:34:30:24:b9:0d:31:fe:91:e1:
85:a0:d1:d1:dd:ae:f8:bc:6b:5d:b2:8f:be:7e:d3:47:9a:40:
9b:a8:a2:68:49:9b:43:37:48:c1:c4:d4:8f:54:0a:f2:09:d0:
21:55:31:16:0d:d3:e3:e7:da:06:25:f3:59:0f:fc:72:8f:76:
4e:50:bf:05:29:98:f8:12:cc:ac:37:4b:20:2d:d8:d7:ed:d8:
98:64:73:cd:2f:4c:36:86:b5:18:f5:95:a8:85:83:f7:29:04:
ab:c6:8f:f1:25:2a:3d:0b:70:2c:db:f7:9c:64:53:be:45:d7:
a8:84:ec:f8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZA6RsQOI+CaGZx8wbtqKSE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjk2ZTMwNDg3YmE5NDYzZTRiNmFkYzgxYWI3ZGE2NDdj
MzlmZTcwHhcNMjQwNjIxMTAxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDAyMTU0YjU5ZDI1YTExOTc1NjI5NDYzMGI1ZDdhMTA5NzY1NGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve24CzJB6WBc0wRITPZvFcjDHaD1
uFGHmGu+n/jHYxyM9tzMXomi/vOg8YolaIUef17U7voC66nYnvW8v6ozD/J3bS6R
yQjlpf/eEawRwddm/476WOpb7ICFaEcWPhBVo7d3OoR0d0NTbUerzdshuyrlnQsG
Oz/vYM1FMykuoTf4B0IHNuiVNKqGYv/y78yp2FT94F914mOgULobT7DODiGue+Lt
iOGFOze06EBQOh0tYRggq/fx9l2Az26xoTwDXnu8KPVFasYbbOgVoompg8/RrFX1
SbJNmnbWzgSwS1MKO0m+qmqbv4VjJjbKPsElBGTG/h7LD3OYDd1MYYQhJQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBQCFUtZ0loRl1YpRjC116EJdlSpMB8GA1UdIwQY
MBaAFJIpbjBIe6lGPktq3IGrfaZHw5/nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lsdU1FaDdxVVktUzJyY2dhdDlwa2ZEbi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zYmIxNzgtYjMzNi00ODljLTllOGQt
MGQxMTY0ZGFhMWU0LzEvRkFJVlMxblNXaEdYVmlsR01MWFhvUWwyVktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zYmIxNzgtYjMzNi00ODljLTllOGQtMGQxMTY0ZGFhMWU0
LzEva2lsdU1FaDdxVVktUzJyY2dhdDlwa2ZEbi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHJeuAAwQE
XbpgAwQCuYygAwQCwcs8MA0EAgACMAcDBQAqAywAMA0GCSqGSIb3DQEBCwUAA4IB
AQAO8DAQXZL9rRaQ1OckR3pwWIJZyAvCBLypCsqm1nNGkdYc23j3L2MSS4MJkTZc
2s6jXs9SozFToIhHGxdwHe6DQX+dlTJVwe/PdJDH5Ac4fh3fAMHG+SFehojl24j4
Cg2eaUBVLe1sZRmkCe7ZHq8qVMYjvtTJwziMtx9hgT04mfhFzmo+BSA0MCS5DTH+
keGFoNHR3a74vGtdso++ftNHmkCbqKJoSZtDN0jBxNSPVAryCdAhVTEWDdPj59oG
JfNZD/xyj3ZOUL8FKZj4EsysN0sgLdjX7diYZHPNL0w2hrUY9ZWohYP3KQSrxo/x
JSo9C3As2/ecZFO+RdeohOz4
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:40 2025 by rpki-client