Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/FgHPz4UWWazGWPYg2sCQc-sj60I.roa
File: FgHPz4UWWazGWPYg2sCQc-sj60I.roa (raw, json)
Hash identifier: MYRhEoAcFZZayKsSqGWhdoYFQKc7NGNnyowbpxLMOW0=
Subject key identifier: 16:01:CF:CF:85:16:59:AC:C6:58:F6:20:DA:C0:90:73:EB:23:EB:42
Certificate issuer: /CN=8d64e43c75bdc511d524f0c85d009cba76956144
Certificate serial: 018CC6B8FCC58F168CEEEE02269D55123A0E
Authority key identifier: 8D:64:E4:3C:75:BD:C5:11:D5:24:F0:C8:5D:00:9C:BA:76:95:61:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWTkPHW9xRHVJPDIXQCcunaVYUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/FgHPz4UWWazGWPYg2sCQc-sj60I.roa
Signing time: Mon 01 Jan 2024 20:31:01 +0000
ROA not before: Mon 01 Jan 2024 20:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38965
IP address blocks: 193.178.197.0/24 maxlen: 24
2a04:4345:10::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:fc:c5:8f:16:8c:ee:ee:02:26:9d:55:12:3a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d64e43c75bdc511d524f0c85d009cba76956144
Validity
Not Before: Jan 1 20:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1601cfcf851659acc658f620dac09073eb23eb42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:72:7a:86:27:92:4c:4a:da:61:ed:75:1c:5f:
34:10:35:0d:c4:0b:5e:29:d8:1b:6c:8f:1d:80:f4:
94:53:e8:e0:fb:a7:8b:c4:33:73:df:9e:15:ba:64:
fc:db:68:48:9f:b7:7a:8d:f3:8a:d0:ce:eb:cd:93:
70:b8:62:9a:37:1a:b2:c0:4f:18:99:9e:76:69:e6:
ca:b4:0c:36:18:b1:33:16:af:a3:9e:92:05:9a:2c:
4e:7d:9d:e1:cf:f2:32:73:d9:99:74:7a:bf:65:02:
b2:1d:59:51:d4:bb:e8:5d:c8:32:72:bc:81:46:d3:
45:60:c6:0f:be:c6:ff:29:7e:04:1e:64:42:88:9b:
cd:b0:22:7b:6d:ea:e4:51:f6:93:56:17:b4:e0:33:
55:40:a9:59:91:57:17:07:35:7e:da:f3:c8:b6:51:
10:90:00:0b:6b:17:e0:9a:42:05:22:34:d2:eb:24:
0e:92:9c:97:78:b6:5a:07:f4:4d:e8:c6:8c:81:ab:
d2:0c:71:c7:eb:f1:f4:08:1b:39:d7:24:21:98:9a:
bb:95:3d:c0:1a:2e:d1:76:99:ed:ec:40:89:cc:03:
cf:41:10:99:d3:b4:bb:79:a5:1e:b5:4f:70:dd:2c:
53:9d:f3:7e:f9:d0:45:9e:5f:0f:44:28:bd:a5:23:
51:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:01:CF:CF:85:16:59:AC:C6:58:F6:20:DA:C0:90:73:EB:23:EB:42
X509v3 Authority Key Identifier:
keyid:8D:64:E4:3C:75:BD:C5:11:D5:24:F0:C8:5D:00:9C:BA:76:95:61:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWTkPHW9xRHVJPDIXQCcunaVYUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/FgHPz4UWWazGWPYg2sCQc-sj60I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6f9b09-a59e-4f90-87c7-72448352b807/1/jWTkPHW9xRHVJPDIXQCcunaVYUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.197.0/24
IPv6:
2a04:4345:10::/44
Signature Algorithm: sha256WithRSAEncryption
dc:bd:a9:98:58:83:56:5b:5b:3e:81:8e:3c:95:21:be:ce:58:
8a:10:43:74:6d:26:81:04:ee:ae:14:9a:b7:44:a3:1b:0f:2c:
67:b2:c3:c4:07:92:28:96:63:95:4e:27:79:f4:0a:a8:5b:86:
ac:20:ec:37:23:6b:36:b5:44:24:9a:a8:49:1c:a4:b6:b3:08:
a7:66:52:35:27:5b:4e:2b:1d:7c:50:c8:16:61:87:a6:7b:69:
d2:e2:51:70:ca:b4:c1:a7:b1:20:99:48:71:c5:50:13:a8:b4:
84:aa:1b:0c:f8:ad:4b:96:b5:2b:01:3d:14:4c:54:57:36:3b:
65:70:b8:c4:7c:de:c2:37:a6:1d:06:d7:56:f8:79:7f:f2:ab:
4b:14:ec:67:45:95:5d:5c:20:d7:a2:6a:ee:08:ed:90:6d:b4:
e3:77:0d:62:73:ee:e7:3e:28:fb:10:95:ff:52:3c:75:66:86:
7d:00:55:7a:de:66:56:e5:fc:2f:31:95:e6:7e:f4:b4:96:b8:
5b:3f:ae:29:c4:7e:6c:1d:df:ab:bc:b1:2c:1c:49:8c:61:91:
1f:4a:53:50:06:2b:a1:a0:30:aa:53:6c:85:d8:ed:9b:bc:f3:
ee:0a:68:25:15:eb:04:82:52:46:7c:83:f6:77:6a:b6:1a:59:
2e:6a:3e:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGuPzFjxaM7u4CJp1VEjoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjRlNDNjNzViZGM1MTFkNTI0ZjBjODVkMDA5Y2JhNzY5
NTYxNDQwHhcNMjQwMTAxMjAzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjAxY2ZjZjg1MTY1OWFjYzY1OGY2MjBkYWMwOTA3M2ViMjNlYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3J6hieSTEraYe11HF80EDUNxAte
KdgbbI8dgPSUU+jg+6eLxDNz354VumT822hIn7d6jfOK0M7rzZNwuGKaNxqywE8Y
mZ52aebKtAw2GLEzFq+jnpIFmixOfZ3hz/Iyc9mZdHq/ZQKyHVlR1LvoXcgycryB
RtNFYMYPvsb/KX4EHmRCiJvNsCJ7berkUfaTVhe04DNVQKlZkVcXBzV+2vPItlEQ
kAALaxfgmkIFIjTS6yQOkpyXeLZaB/RN6MaMgavSDHHH6/H0CBs51yQhmJq7lT3A
Gi7Rdpnt7ECJzAPPQRCZ07S7eaUetU9w3SxTnfN++dBFnl8PRCi9pSNRUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBYBz8+FFlmsxlj2INrAkHPrI+tCMB8GA1UdIwQY
MBaAFI1k5Dx1vcUR1STwyF0AnLp2lWFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldUa1BIVzl4UkhWSlBESVhRQ2N1bmFWWVVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82ZjliMDktYTU5ZS00ZjkwLTg3Yzct
NzI0NDgzNTJiODA3LzEvRmdIUHo0VVdXYXpHV1BZZzJzQ1FjLXNqNjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82ZjliMDktYTU5ZS00ZjkwLTg3YzctNzI0NDgzNTJiODA3
LzEvaldUa1BIVzl4UkhWSlBESVhRQ2N1bmFWWVVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwbLFMA8E
AgACMAkDBwQqBENFABAwDQYJKoZIhvcNAQELBQADggEBANy9qZhYg1ZbWz6BjjyV
Ib7OWIoQQ3RtJoEE7q4UmrdEoxsPLGeyw8QHkiiWY5VOJ3n0Cqhbhqwg7Dcjaza1
RCSaqEkcpLazCKdmUjUnW04rHXxQyBZhh6Z7adLiUXDKtMGnsSCZSHHFUBOotISq
Gwz4rUuWtSsBPRRMVFc2O2VwuMR83sI3ph0G11b4eX/yq0sU7GdFlV1cINeiau4I
7ZBttON3DWJz7uc+KPsQlf9SPHVmhn0AVXreZlbl/C8xleZ+9LSWuFs/rinEfmwd
36u8sSwcSYxhkR9KU1AGK6GgMKpTbIXY7Zu88+4KaCUV6wSCUkZ8g/Z3arYaWS5q
Ppg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:50 2025 by rpki-client