Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/FCKHgxhPcG_AG_umnFQYO_o-eCQ.roa
File: FCKHgxhPcG_AG_umnFQYO_o-eCQ.roa (raw, json)
Hash identifier: 39f8kS06k8oeWN0u3D1+Bv+4O38PU2a/U9NN4m2txko=
Subject key identifier: 14:22:87:83:18:4F:70:6F:C0:1B:FB:A6:9C:54:18:3B:FA:3E:78:24
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019570C650D210828889731CCF8270B8BD03
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/FCKHgxhPcG_AG_umnFQYO_o-eCQ.roa
Signing time: Fri 07 Mar 2025 13:23:19 +0000
ROA not before: Fri 07 Mar 2025 13:23:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 31.25.11.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
185.121.132.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
2a14:6781::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Mar 2025 14:34:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:c6:50:d2:10:82:88:89:73:1c:cf:82:70:b8:bd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Mar 7 13:23:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14228783184f706fc01bfba69c54183bfa3e7824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:dd:3e:db:c9:35:19:42:f5:c7:99:88:3a:
97:e4:34:ee:8b:e1:5d:f1:80:79:25:c8:7e:ff:53:
15:d1:e4:5b:14:cb:3b:9a:93:5f:53:d6:bf:d6:a0:
bf:9d:d3:ce:08:29:ad:4c:73:fe:40:00:e2:d2:1f:
1a:80:08:eb:a2:e5:f2:1b:68:ed:e3:57:52:f7:34:
9c:cf:2e:7b:c6:2e:68:05:69:c6:d2:91:40:41:40:
22:c6:45:a9:b8:2a:c8:a9:ad:af:6d:ec:31:1a:83:
83:8d:30:92:47:fe:59:cf:e0:d9:4e:a4:3b:8d:21:
68:17:53:52:db:81:ca:3b:f4:3e:77:0b:42:f6:a9:
84:f8:d6:34:b7:55:55:87:2a:50:0d:a6:ef:b2:d4:
a5:62:53:f5:84:97:d2:07:ec:3d:94:c8:0b:a7:c6:
d6:62:0a:b0:40:09:2c:bd:b2:b6:ec:b9:12:e4:29:
dd:71:c3:bd:f7:47:a5:08:4b:98:17:c4:3a:17:73:
f5:77:75:ec:a6:cd:22:35:ab:0c:bf:da:fe:95:e5:
a2:c6:eb:d2:b9:f8:dc:85:45:de:ea:c8:3b:98:a1:
48:2a:91:69:87:0e:54:97:5b:f3:10:bd:fd:f1:71:
11:25:81:a8:27:49:f6:0b:af:4a:46:cb:cd:5b:70:
27:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:22:87:83:18:4F:70:6F:C0:1B:FB:A6:9C:54:18:3B:FA:3E:78:24
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/FCKHgxhPcG_AG_umnFQYO_o-eCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
89.36.35.0/24
185.121.132.0/24
212.232.18.0/24
IPv6:
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
43:7c:3f:ca:d1:25:d5:3c:9f:2f:65:18:0f:b9:c6:2b:45:10:
9c:9e:43:a7:eb:e2:34:d5:49:81:b9:0a:1f:57:1a:e2:ed:d1:
bb:02:e2:a3:8a:33:f2:32:a3:cd:11:68:aa:5d:cb:bb:87:4a:
a7:ef:b0:4b:8f:29:6b:e0:09:24:62:14:03:d0:74:61:66:3e:
57:32:39:df:87:7c:5e:56:2b:8c:36:f4:d6:d6:c3:95:51:36:
1e:cb:ff:a6:63:98:bf:f1:86:f0:bf:d9:ac:72:8a:cb:cb:93:
bc:47:74:d6:e2:50:24:8c:ea:d6:8b:40:53:8c:31:f3:36:08:
fe:7e:68:34:ed:80:38:95:9d:6b:dd:6a:89:0a:5e:24:56:e4:
97:04:8f:7a:33:3d:b7:8b:67:39:85:9e:a7:3a:d3:a9:32:98:
4d:d2:9e:e0:8e:9f:d6:ef:e6:ee:59:f8:0f:8f:64:44:b2:a6:
6e:20:f2:a8:cc:46:ab:e3:6f:b4:96:a0:17:15:09:66:81:0b:
d5:bc:cf:33:83:e5:3e:25:2d:ac:f7:13:2f:dd:dd:6a:e4:e5:
c0:90:c1:7e:ad:59:1e:28:d6:21:77:b7:ce:8e:ff:3b:9c:b5:
2d:1a:2f:2c:68:3f:5f:1f:e2:02:b5:47:50:2b:76:5b:71:2b:
a3:c4:ea:4f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZVwxlDSEIKIiXMcz4JwuL0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwMzA3MTMyMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDIyODc4MzE4NGY3MDZmYzAxYmZiYTY5YzU0MTgzYmZhM2U3ODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvndPtvJNRlC9ceZiDqX5DTui+Fd
8YB5Jch+/1MV0eRbFMs7mpNfU9a/1qC/ndPOCCmtTHP+QADi0h8agAjrouXyG2jt
41dS9zSczy57xi5oBWnG0pFAQUAixkWpuCrIqa2vbewxGoODjTCSR/5Zz+DZTqQ7
jSFoF1NS24HKO/Q+dwtC9qmE+NY0t1VVhypQDabvstSlYlP1hJfSB+w9lMgLp8bW
YgqwQAksvbK27LkS5CndccO990elCEuYF8Q6F3P1d3Xsps0iNasMv9r+leWixuvS
ufjchUXe6sg7mKFIKpFphw5Ul1vzEL398XERJYGoJ0n2C69KRsvNW3AnjQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBQih4MYT3BvwBv7ppxUGDv6PngkMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvRkNLSGd4aFBjR19BR191bW5GUVlPX28tZUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAHxkLAwQA
WSQjAwQAuXmEAwQA1OgSMA0EAgACMAcDBQAqFGeBMA0GCSqGSIb3DQEBCwUAA4IB
AQBDfD/K0SXVPJ8vZRgPucYrRRCcnkOn6+I01UmBuQofVxri7dG7AuKjijPyMqPN
EWiqXcu7h0qn77BLjylr4AkkYhQD0HRhZj5XMjnfh3xeViuMNvTW1sOVUTYey/+m
Y5i/8Ybwv9mscorLy5O8R3TW4lAkjOrWi0BTjDHzNgj+fmg07YA4lZ1r3WqJCl4k
VuSXBI96Mz23i2c5hZ6nOtOpMphN0p7gjp/W7+buWfgPj2REsqZuIPKozEar42+0
lqAXFQlmgQvVvM8zg+U+JS2s9xMv3d1q5OXAkMF+rVkeKNYhd7fOjv87nLUtGi8s
aD9fH+ICtUdQK3ZbcSujxOpP
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:49:52 2025 by rpki-client