Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FrjFx067uQlERZqaoAO9cPrXUZo.roa
File: FrjFx067uQlERZqaoAO9cPrXUZo.roa (raw, json)
Hash identifier: 3MZ0ZM9T7VtWfz088s1yZVe6isjr9EbnTytg5eZCjhI=
Subject key identifier: 16:B8:C5:C7:4E:BB:B9:09:44:45:9A:9A:A0:03:BD:70:FA:D7:51:9A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194D0DF1072540739A3F00E3BF6B8099D14
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FrjFx067uQlERZqaoAO9cPrXUZo.roa
Signing time: Tue 04 Feb 2025 12:11:07 +0000
ROA not before: Tue 04 Feb 2025 12:11:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44948
IP address blocks: 77.81.50.0/23 maxlen: 23
109.61.104.0/21 maxlen: 24
194.50.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 17:37:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:df:10:72:54:07:39:a3:f0:0e:3b:f6:b8:09:9d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 4 12:11:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16b8c5c74ebbb90944459a9aa003bd70fad7519a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:41:7b:67:eb:0a:4f:01:7f:6e:96:f1:c2:a1:
61:42:4c:63:ae:c1:73:62:5d:b1:c2:dc:94:98:48:
af:51:33:bf:6c:a0:de:00:4a:55:83:f6:9e:37:d3:
4f:59:6e:7d:79:b6:1b:e3:08:e2:f1:38:bf:b9:02:
15:3b:f3:9a:ac:21:8b:7c:38:0e:d3:d5:b7:28:c6:
8c:59:20:bd:28:8e:22:42:87:f7:74:20:8d:82:46:
1a:cd:93:48:5d:53:4c:79:6e:d4:bd:5e:93:c3:9f:
5a:36:76:77:69:94:f8:62:12:2d:41:fc:a5:2d:32:
b2:0f:00:35:8c:7b:11:f3:49:0a:4a:32:8b:95:62:
31:b8:26:23:f9:e0:26:52:c1:3e:55:f5:06:15:fb:
af:36:41:5c:b7:dc:2b:ac:aa:ea:32:fe:d3:de:61:
26:0e:d8:d1:01:ad:c1:43:bc:a0:9c:82:1d:7b:ba:
12:e5:d2:e4:98:cf:0e:09:f2:c3:ce:d7:39:33:4d:
ff:0d:8e:d2:21:55:05:74:cb:da:c4:f8:9f:80:ca:
8d:8e:74:01:23:72:af:ad:7b:fd:84:62:70:19:11:
bb:8a:cb:0c:df:31:d4:86:e7:d1:e2:75:de:d5:d6:
3b:ef:1d:00:dd:5e:d5:ab:43:d5:48:72:d2:47:df:
42:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B8:C5:C7:4E:BB:B9:09:44:45:9A:9A:A0:03:BD:70:FA:D7:51:9A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FrjFx067uQlERZqaoAO9cPrXUZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.50.0/23
109.61.104.0/21
194.50.111.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:af:d3:f5:7c:b4:61:b8:b5:c6:96:57:5c:77:91:bc:46:b9:
c3:10:7b:3f:31:3b:ce:b5:0a:3e:96:9d:37:37:c1:08:80:32:
27:2f:92:ad:24:93:d8:5b:6a:bd:7c:f5:a9:7e:3b:0c:59:69:
8a:0b:5c:a3:3b:31:bc:30:28:0b:2a:1e:be:56:45:c7:d0:b8:
da:63:b2:fe:1a:d6:ab:aa:15:ef:9d:92:48:e1:0e:ae:c1:23:
3e:1e:f1:31:e7:55:41:ee:a0:6c:2e:20:d9:c1:18:04:e0:ca:
e8:9a:c1:35:db:cb:e5:fd:3b:7c:32:0c:3a:a5:df:bf:20:16:
f7:f1:82:2f:2b:b7:53:42:4c:74:8a:16:10:36:97:57:12:f4:
a1:09:85:43:81:80:dc:9f:c1:c3:75:5a:07:19:98:2c:a4:f6:
45:61:e0:fd:2e:ce:20:f2:1f:ff:55:fb:0a:ea:e1:3c:be:ad:
1e:32:8a:cf:21:f9:51:e4:34:5e:6b:2e:75:ea:2b:c3:88:29:
9d:bf:f2:fd:1d:c3:93:9f:c8:76:9a:36:75:09:a9:11:6a:2f:
89:d0:74:cf:33:59:38:c4:a0:4f:99:1c:80:86:63:48:52:9b:
bd:ef:ef:4a:f0:f3:2d:f2:76:c0:76:ce:16:ee:d9:d5:1a:e5:
4b:0f:94:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTQ3xByVAc5o/AOO/a4CZ0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMjA0MTIxMTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmI4YzVjNzRlYmJiOTA5NDQ0NTlhOWFhMDAzYmQ3MGZhZDc1MTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30F7Z+sKTwF/bpbxwqFhQkxjrsFz
Yl2xwtyUmEivUTO/bKDeAEpVg/aeN9NPWW59ebYb4wji8Ti/uQIVO/OarCGLfDgO
09W3KMaMWSC9KI4iQof3dCCNgkYazZNIXVNMeW7UvV6Tw59aNnZ3aZT4YhItQfyl
LTKyDwA1jHsR80kKSjKLlWIxuCYj+eAmUsE+VfUGFfuvNkFct9wrrKrqMv7T3mEm
DtjRAa3BQ7ygnIIde7oS5dLkmM8OCfLDztc5M03/DY7SIVUFdMvaxPifgMqNjnQB
I3KvrXv9hGJwGRG7issM3zHUhufR4nXe1dY77x0A3V7Vq0PVSHLSR99CMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBa4xcdOu7kJREWamqADvXD611GaMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRnJqRngwNjd1UWxFUlpxYW9BTzljUHJYVVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTVEyAwQD
bT1oAwQAwjJvMA0GCSqGSIb3DQEBCwUAA4IBAQA7r9P1fLRhuLXGlldcd5G8RrnD
EHs/MTvOtQo+lp03N8EIgDInL5KtJJPYW2q9fPWpfjsMWWmKC1yjOzG8MCgLKh6+
VkXH0LjaY7L+GtarqhXvnZJI4Q6uwSM+HvEx51VB7qBsLiDZwRgE4MromsE128vl
/Tt8Mgw6pd+/IBb38YIvK7dTQkx0ihYQNpdXEvShCYVDgYDcn8HDdVoHGZgspPZF
YeD9Ls4g8h//VfsK6uE8vq0eMorPIflR5DReay516ivDiCmdv/L9HcOTn8h2mjZ1
CakRai+J0HTPM1k4xKBPmRyAhmNIUpu97+9K8PMt8nbAds4W7tnVGuVLD5Sm
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:43:27 2025 by rpki-client