Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/fc4zeDp3HA720j3PzKPvwjSbbmQ.roa
File: fc4zeDp3HA720j3PzKPvwjSbbmQ.roa (raw, json)
Hash identifier: 1hWwA+/esSUAeHXCT9/rCablApb0RrOI8GLgMw7SFC0=
Subject key identifier: 7D:CE:33:78:3A:77:1C:0E:F6:D2:3D:CF:CC:A3:EF:C2:34:9B:6E:64
Certificate issuer: /CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Certificate serial: 018CC56DED587CB937D6417B09A1AF0F4CA7
Authority key identifier: 86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/fc4zeDp3HA720j3PzKPvwjSbbmQ.roa
Signing time: Mon 01 Jan 2024 14:29:24 +0000
ROA not before: Mon 01 Jan 2024 14:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48722
IP address blocks: 185.140.132.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ed:58:7c:b9:37:d6:41:7b:09:a1:af:0f:4c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Validity
Not Before: Jan 1 14:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dce33783a771c0ef6d23dcfcca3efc2349b6e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:da:45:61:5c:5e:94:22:f7:a0:7d:84:1f:64:
85:90:a1:b7:de:9a:d5:43:7e:17:ad:7e:d2:a2:bc:
e5:df:94:3c:a7:36:db:85:79:99:86:a9:63:51:c1:
77:17:00:46:a0:73:49:19:05:5e:d4:69:13:ac:30:
74:f0:65:61:dc:f9:bc:9d:70:2e:69:6a:a5:9d:99:
ac:b1:1e:77:18:0d:2c:f4:6f:41:3c:8a:52:96:85:
c4:f1:af:1b:24:84:49:23:09:b1:1e:2e:2d:39:54:
44:97:f6:27:18:84:70:9d:bc:c1:f3:86:28:a9:d4:
70:c7:19:a1:b9:df:21:86:37:2c:89:d9:e8:72:7d:
d0:18:bd:e4:f9:03:f7:23:c7:16:0e:1f:11:5f:b5:
64:53:37:bc:86:bf:d0:38:66:40:33:65:20:ce:a8:
c2:25:f1:73:8f:25:33:30:cc:0e:8e:9e:c6:47:b8:
99:b7:05:93:b0:af:4e:13:8f:a7:bd:04:86:ab:df:
ca:96:fb:7f:23:6c:b2:f7:eb:8a:a9:da:8e:28:dc:
f2:c9:59:b0:c7:94:72:31:98:15:3a:f9:74:01:fd:
84:9d:35:6e:e4:85:a4:9e:4b:76:41:27:05:70:5f:
e8:6e:79:99:39:ef:25:98:0f:bf:bd:c7:b9:0d:19:
18:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CE:33:78:3A:77:1C:0E:F6:D2:3D:CF:CC:A3:EF:C2:34:9B:6E:64
X509v3 Authority Key Identifier:
keyid:86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/fc4zeDp3HA720j3PzKPvwjSbbmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.132.0/23
Signature Algorithm: sha256WithRSAEncryption
65:f1:71:92:57:6e:81:96:c0:a8:1f:b4:7f:e4:69:66:4d:85:
26:d6:fb:76:9a:28:96:4e:55:e3:2a:43:c0:74:56:bd:67:53:
ae:78:e7:22:86:b6:cf:83:96:06:ee:d6:f2:0e:1a:6e:cc:bc:
c8:d5:b9:e6:24:f2:34:b6:fc:0d:f9:22:db:c3:67:f4:f5:d3:
71:7e:b3:fb:85:8b:b8:e0:e5:0a:d9:a6:0e:30:75:bb:83:d6:
15:79:a5:a7:e6:2b:fd:5c:19:58:d5:4f:fc:84:66:c9:ce:0c:
d8:7a:b6:02:e2:75:9f:80:2b:b2:ef:85:0d:a3:94:8a:f4:0f:
27:be:e1:34:30:a9:5a:f7:7f:07:0d:c8:c3:aa:5f:8f:30:96:
29:eb:03:f6:4a:a9:83:b1:3d:09:79:dd:c2:e6:06:2f:cf:5d:
a2:4e:49:7e:99:d8:1a:88:38:42:97:1f:0a:ff:07:57:6d:0d:
42:c0:c3:bb:e4:18:45:61:12:a5:ef:37:b2:a4:19:fb:f8:09:
55:b5:1d:58:35:42:6b:ed:07:57:fc:b3:09:bb:f3:72:91:3b:
af:7a:ba:45:35:9b:e2:25:ff:e5:f3:ca:3c:19:d5:b3:7e:aa:
32:be:e6:f9:97:e3:dd:cd:cf:8e:8a:04:1a:be:1f:9a:3a:bb:
9d:20:05:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbe1YfLk31kF7CaGvD0ynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YjIyMzAzZGU0YjBhODcwZmNmZTdiNjU1NmMwMjRmNzVj
NzZhMzQwHhcNMjQwMTAxMTQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGNlMzM3ODNhNzcxYzBlZjZkMjNkY2ZjY2EzZWZjMjM0OWI2ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNpFYVxelCL3oH2EH2SFkKG33prV
Q34XrX7Sorzl35Q8pzbbhXmZhqljUcF3FwBGoHNJGQVe1GkTrDB08GVh3Pm8nXAu
aWqlnZmssR53GA0s9G9BPIpSloXE8a8bJIRJIwmxHi4tOVREl/YnGIRwnbzB84Yo
qdRwxxmhud8hhjcsidnocn3QGL3k+QP3I8cWDh8RX7VkUze8hr/QOGZAM2UgzqjC
JfFzjyUzMMwOjp7GR7iZtwWTsK9OE4+nvQSGq9/Klvt/I2yy9+uKqdqOKNzyyVmw
x5RyMZgVOvl0Af2EnTVu5IWknkt2QScFcF/obnmZOe8lmA+/vce5DRkYoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3OM3g6dxwO9tI9z8yj78I0m25kMB8GA1UdIwQY
MBaAFIayIwPeSwqHD8/ntlVsAk91x2o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3Mjkt
NzJhYjU5ODdmNjA5LzEvZmM0emVEcDNIQTcyMGozUHpLUHZ3alNiYm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3MjktNzJhYjU5ODdmNjA5
LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYyEMA0G
CSqGSIb3DQEBCwUAA4IBAQBl8XGSV26BlsCoH7R/5GlmTYUm1vt2miiWTlXjKkPA
dFa9Z1OueOcihrbPg5YG7tbyDhpuzLzI1bnmJPI0tvwN+SLbw2f09dNxfrP7hYu4
4OUK2aYOMHW7g9YVeaWn5iv9XBlY1U/8hGbJzgzYerYC4nWfgCuy74UNo5SK9A8n
vuE0MKla938HDcjDql+PMJYp6wP2SqmDsT0Jed3C5gYvz12iTkl+mdgaiDhClx8K
/wdXbQ1CwMO75BhFYRKl7zeypBn7+AlVtR1YNUJr7QdX/LMJu/NykTuverpFNZvi
Jf/l88o8GdWzfqoyvub5l+Pdzc+OigQavh+aOrudIAW+
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:40 2025 by rpki-client