Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/1-FnZaP0D_GsE8dtr9-cOJXN4i08.roa
File: 1-FnZaP0D_GsE8dtr9-cOJXN4i08.roa (raw, json)
Hash identifier: ZXF+gONjYri1sGnC/kh72MNb8h6oq7h/bJoQKmnUuDs=
Subject key identifier: F8:59:D9:68:FD:03:FC:6B:04:F1:DB:6B:F7:E7:0E:25:73:78:8B:4F
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018CC94CA5879D58F72FF641016658180462
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/1-FnZaP0D_GsE8dtr9-cOJXN4i08.roa
Signing time: Tue 02 Jan 2024 08:31:32 +0000
ROA not before: Tue 02 Jan 2024 08:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 188.191.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a5:87:9d:58:f7:2f:f6:41:01:66:58:18:04:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 08:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f859d968fd03fc6b04f1db6bf7e70e2573788b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:68:c2:39:17:fe:00:f8:65:75:cc:8c:7e:49:
15:b4:d3:11:08:ce:71:1e:f3:83:db:ca:64:9a:7a:
93:fd:70:69:38:ac:55:07:e9:89:28:63:c8:9d:3c:
13:a1:c2:fc:a2:ff:a6:b6:f1:6b:81:57:2e:64:8c:
e1:b6:b5:f4:27:96:09:48:0f:cc:35:3f:80:92:4a:
e9:8e:48:ab:79:f3:9b:b4:29:87:b1:ac:c7:c2:23:
8d:ba:e5:a2:89:dd:8a:f2:29:05:22:ad:ae:92:bb:
0d:84:48:de:9c:72:d9:0b:55:40:ee:c3:bb:47:d3:
f2:29:26:6d:7f:b6:f2:a5:cb:b6:f6:bc:ed:fc:b5:
a3:3f:52:8d:ef:cb:5d:e5:ca:2a:57:c7:bb:a4:8c:
ac:b0:d0:98:df:09:ed:27:be:8a:42:71:b9:38:24:
24:96:a3:63:e8:06:d5:91:51:d6:09:3c:c7:91:50:
f3:ac:d8:b3:87:88:05:49:2f:cd:a8:6f:75:3e:90:
28:0f:08:e0:ef:19:36:3b:66:f3:36:b3:25:b4:dc:
00:71:c8:43:b9:52:ff:b3:6d:47:03:fd:f5:a2:4d:
79:cc:38:1a:22:7b:3f:a1:6b:77:6b:c4:8b:17:a0:
5d:ef:f5:4b:d2:4f:55:22:55:c1:b8:3d:d4:db:c4:
66:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:59:D9:68:FD:03:FC:6B:04:F1:DB:6B:F7:E7:0E:25:73:78:8B:4F
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/1-FnZaP0D_GsE8dtr9-cOJXN4i08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.104.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:80:d0:16:b8:d3:b2:df:a7:34:44:d4:07:fd:b3:61:c4:36:
fd:a7:fe:69:90:f2:4c:ec:26:17:29:0d:8b:d1:f9:24:f3:a9:
24:79:9d:86:44:93:ef:b0:30:9b:d7:ff:e6:3e:09:24:0f:3e:
14:d9:5b:c2:23:ec:fe:ba:d9:7d:36:ce:da:50:35:35:43:80:
07:9f:c2:57:08:cb:d7:16:9a:1a:18:4c:73:b8:38:1a:0e:9e:
25:e3:69:0f:87:57:79:e6:b1:de:27:30:6e:f3:68:f1:5c:41:
3f:21:cc:9f:ab:27:3c:2b:46:5c:9c:13:15:21:93:aa:47:3a:
bb:40:d4:4c:da:d5:10:84:df:f7:b0:3d:9a:bc:d5:98:66:dd:
08:8b:05:3e:6c:eb:5e:3d:4a:fa:85:56:d1:50:55:c5:9f:19:
2f:18:c0:80:37:5a:47:13:1e:d8:43:a8:41:47:6a:69:be:43:
fe:56:15:2f:3b:8e:3f:fb:71:da:2e:3c:85:eb:08:2c:b9:47:
65:07:55:c3:55:b6:14:9d:97:d4:fe:2f:28:8e:a7:d2:a4:d2:
6b:db:55:bd:2f:5d:8d:bf:8b:53:16:c6:72:2e:c7:f7:fb:65:
4f:55:a6:7c:9b:bb:d2:74:87:55:85:c1:0c:42:65:b7:07:8c:
85:bc:c9:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJTKWHnVj3L/ZBAWZYGARiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwMTAyMDgzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODU5ZDk2OGZkMDNmYzZiMDRmMWRiNmJmN2U3MGUyNTczNzg4YjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmjCORf+APhldcyMfkkVtNMRCM5x
HvOD28pkmnqT/XBpOKxVB+mJKGPInTwTocL8ov+mtvFrgVcuZIzhtrX0J5YJSA/M
NT+AkkrpjkirefObtCmHsazHwiONuuWiid2K8ikFIq2ukrsNhEjenHLZC1VA7sO7
R9PyKSZtf7bypcu29rzt/LWjP1KN78td5coqV8e7pIyssNCY3wntJ76KQnG5OCQk
lqNj6AbVkVHWCTzHkVDzrNizh4gFSS/NqG91PpAoDwjg7xk2O2bzNrMltNwAcchD
uVL/s21HA/31ok15zDgaIns/oWt3a8SLF6Bd7/VL0k9VIlXBuD3U28Rm9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPhZ2Wj9A/xrBPHba/fnDiVzeItPMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvMS1GblphUDBEX0dzRThkdHI5LWNPSlhONGkwOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvNGFiZjNmLTE1OGYtNGY2Mi1hOWViLWRkZjU2N2VkZWQw
My8xL2pScklQdU9qLVdqV2F0TDk5R0Z1ZTdIazBkYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALy/aDAN
BgkqhkiG9w0BAQsFAAOCAQEAfIDQFrjTst+nNETUB/2zYcQ2/af+aZDyTOwmFykN
i9H5JPOpJHmdhkST77Awm9f/5j4JJA8+FNlbwiPs/rrZfTbO2lA1NUOAB5/CVwjL
1xaaGhhMc7g4Gg6eJeNpD4dXeeax3icwbvNo8VxBPyHMn6snPCtGXJwTFSGTqkc6
u0DUTNrVEITf97A9mrzVmGbdCIsFPmzrXj1K+oVW0VBVxZ8ZLxjAgDdaRxMe2EOo
QUdqab5D/lYVLzuOP/tx2i48hesILLlHZQdVw1W2FJ2X1P4vKI6n0qTSa9tVvS9d
jb+LUxbGci7H9/tlT1WmfJu70nSHVYXBDEJltweMhbzJsg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:53:30 2025 by rpki-client