Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/FpoZYKxOxFg3jMpa8lvYBgQBzKQ.roa
File: FpoZYKxOxFg3jMpa8lvYBgQBzKQ.roa (raw, json)
Hash identifier: HZEtRoqyT1502+XUzVa7KQ9I1dAHvP2kpkER47ed4+8=
Subject key identifier: 16:9A:19:60:AC:4E:C4:58:37:8C:CA:5A:F2:5B:D8:06:04:01:CC:A4
Certificate issuer: /CN=2532a5cf2ba18c753edc95ee20b666293df02d5b
Certificate serial: 018CC87011F4FB0AA79F239BABF69329D0D4
Authority key identifier: 25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/FpoZYKxOxFg3jMpa8lvYBgQBzKQ.roa
Signing time: Tue 02 Jan 2024 04:30:36 +0000
ROA not before: Tue 02 Jan 2024 04:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35030
IP address blocks: 91.221.83.0/24 maxlen: 24
91.221.82.0/24 maxlen: 24
77.32.231.0/24 maxlen: 24
77.32.227.0/24 maxlen: 24
195.211.13.0/24 maxlen: 24
195.211.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:11:f4:fb:0a:a7:9f:23:9b:ab:f6:93:29:d0:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2532a5cf2ba18c753edc95ee20b666293df02d5b
Validity
Not Before: Jan 2 04:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=169a1960ac4ec458378cca5af25bd8060401cca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:02:92:83:e8:c5:1d:01:68:40:8b:7c:16:51:
cc:4a:53:82:13:96:dc:c9:2b:94:74:e2:b2:74:42:
40:a6:36:61:55:d8:48:3f:61:b0:3e:c5:3e:e6:70:
f5:b0:33:8b:31:bf:f3:6e:7a:25:84:61:44:21:87:
25:b7:c8:88:ec:33:62:6a:44:d5:b4:32:10:7c:c1:
ef:de:89:59:56:8c:5e:14:2c:2a:a9:74:1d:a6:75:
d5:cc:52:1e:94:9c:ed:1e:a4:43:ab:a9:fe:81:d0:
0a:a1:2c:1e:8a:17:93:08:09:6d:90:f5:ed:b0:3c:
83:5a:c3:12:29:05:38:65:eb:9f:c6:ca:c0:2a:1c:
09:01:2a:20:fd:ca:83:fe:ff:18:9c:37:4b:47:b3:
45:81:44:92:07:86:8b:d3:6f:c8:27:de:4e:00:47:
6b:9a:87:de:6a:91:81:84:68:9a:a4:d8:9d:ab:3e:
84:73:2e:f8:a3:e0:1f:15:61:d8:22:fd:aa:5e:ba:
bc:83:4f:95:c2:c2:f7:dd:cf:78:af:fe:87:cb:83:
0f:9d:45:37:75:06:76:a3:af:ab:fc:45:5d:f5:2a:
e7:6c:1c:5c:37:c7:10:53:6c:5f:ca:80:53:53:ed:
f4:23:bc:a3:6f:ee:de:32:49:1a:78:2b:f6:6c:05:
06:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:9A:19:60:AC:4E:C4:58:37:8C:CA:5A:F2:5B:D8:06:04:01:CC:A4
X509v3 Authority Key Identifier:
keyid:25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/FpoZYKxOxFg3jMpa8lvYBgQBzKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.32.227.0/24
77.32.231.0/24
91.221.82.0/23
195.211.12.0/23
Signature Algorithm: sha256WithRSAEncryption
65:19:70:a7:96:ed:9d:31:f0:d0:90:51:b0:a4:60:e3:b7:8f:
20:98:60:29:4f:95:ed:52:20:f5:22:aa:20:ea:19:96:be:87:
9d:59:ad:91:39:5f:a5:72:d3:ad:5f:2b:19:a0:9c:8b:49:e2:
35:90:46:2f:a1:a0:88:27:19:af:0a:5e:69:93:b1:27:ce:0d:
9e:25:d2:1f:b2:7f:87:81:54:a6:05:43:66:a6:a6:7e:1c:61:
43:01:2d:04:db:31:79:7e:a9:83:7f:ab:4e:97:be:56:07:4f:
38:7e:c7:24:d2:06:f8:14:c7:0c:db:75:aa:d1:d3:4e:1c:22:
9a:c3:18:7e:43:a9:2f:74:54:80:aa:62:7e:6d:cc:c7:28:44:
24:1e:67:08:7c:cb:c9:62:6a:87:88:da:03:0e:29:22:68:d1:
db:5c:2d:72:32:8e:6c:08:78:c0:db:15:24:06:c9:3d:e4:a8:
72:87:e7:48:ca:31:64:a3:ed:70:e7:98:7f:12:8b:e4:08:6c:
4e:7a:73:fc:97:e0:aa:71:0e:e1:fe:ec:f6:8b:e6:2e:22:a8:
f8:77:c1:94:97:58:16:df:45:bf:32:99:71:71:29:d9:19:50:
cf:91:db:d4:8a:b5:1f:8e:99:e7:92:50:3d:cd:5b:fa:79:1b:
e3:b3:90:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIcBH0+wqnnyObq/aTKdDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzJhNWNmMmJhMThjNzUzZWRjOTVlZTIwYjY2NjI5M2Rm
MDJkNWIwHhcNMjQwMTAyMDQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjlhMTk2MGFjNGVjNDU4Mzc4Y2NhNWFmMjViZDgwNjA0MDFjY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QKSg+jFHQFoQIt8FlHMSlOCE5bc
ySuUdOKydEJApjZhVdhIP2GwPsU+5nD1sDOLMb/zbnolhGFEIYclt8iI7DNiakTV
tDIQfMHv3olZVoxeFCwqqXQdpnXVzFIelJztHqRDq6n+gdAKoSweiheTCAltkPXt
sDyDWsMSKQU4ZeufxsrAKhwJASog/cqD/v8YnDdLR7NFgUSSB4aL02/IJ95OAEdr
mofeapGBhGiapNidqz6Ecy74o+AfFWHYIv2qXrq8g0+VwsL33c94r/6Hy4MPnUU3
dQZ2o6+r/EVd9SrnbBxcN8cQU2xfyoBTU+30I7yjb+7eMkkaeCv2bAUG5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBaaGWCsTsRYN4zKWvJb2AYEAcykMB8GA1UdIwQY
MBaAFCUypc8roYx1PtyV7iC2Zik98C1bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjIt
MTUxY2Y2MWRlODNlLzEvRnBvWllLeE94Rmczak1wYThsdllCZ1FCektRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjItMTUxY2Y2MWRlODNl
LzEvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATSDjAwQA
TSDnAwQBW91SAwQBw9MMMA0GCSqGSIb3DQEBCwUAA4IBAQBlGXCnlu2dMfDQkFGw
pGDjt48gmGApT5XtUiD1Iqog6hmWvoedWa2ROV+lctOtXysZoJyLSeI1kEYvoaCI
JxmvCl5pk7Enzg2eJdIfsn+HgVSmBUNmpqZ+HGFDAS0E2zF5fqmDf6tOl75WB084
fsck0gb4FMcM23Wq0dNOHCKawxh+Q6kvdFSAqmJ+bczHKEQkHmcIfMvJYmqHiNoD
DikiaNHbXC1yMo5sCHjA2xUkBsk95Khyh+dIyjFko+1w55h/EovkCGxOenP8l+Cq
cQ7h/uz2i+YuIqj4d8GUl1gW30W/MplxcSnZGVDPkdvUirUfjpnnklA9zVv6eRvj
s5Cc
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:18:10 2025 by rpki-client