Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FpqF-zLLEAqKz9Vis36ATyVrQ9M.roa
File: FpqF-zLLEAqKz9Vis36ATyVrQ9M.roa (raw, json)
Hash identifier: 6dvXuVZ73rbe6SRC2ImlIl5Z2ZC3C8f+glUUUsC4uMs=
Subject key identifier: 16:9A:85:FB:32:CB:10:0A:8A:CF:D5:62:B3:7E:80:4F:25:6B:43:D3
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0190FE1BAC6503ACC7B47FA087A3800DF42D
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FpqF-zLLEAqKz9Vis36ATyVrQ9M.roa
Signing time: Mon 29 Jul 2024 10:49:04 +0000
ROA not before: Mon 29 Jul 2024 10:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 62.90.135.0/24 maxlen: 24
147.234.8.0/21 maxlen: 24
147.234.74.0/24 maxlen: 24
147.234.75.0/24 maxlen: 24
147.234.81.0/24 maxlen: 24
147.234.88.0/24 maxlen: 24
147.234.89.0/24 maxlen: 24
212.143.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 15:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:1b:ac:65:03:ac:c7:b4:7f:a0:87:a3:80:0d:f4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jul 29 10:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=169a85fb32cb100a8acfd562b37e804f256b43d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:aa:0a:e5:74:5f:8b:05:b0:cb:a1:f0:b4:88:
14:fc:95:89:71:1b:c1:81:db:c2:08:a6:6c:21:08:
45:c2:5e:75:a1:e6:13:5e:20:3e:3c:e7:dc:60:56:
4d:94:f1:cc:fe:9b:1f:15:99:02:a9:dd:96:bb:c3:
8b:12:67:9d:f1:f8:8a:17:98:c5:17:b3:48:01:a1:
c5:22:9d:c7:e4:4f:51:78:30:28:77:97:0d:a4:d9:
46:fa:ff:41:63:de:12:ff:db:cb:c9:be:45:84:22:
a4:28:60:16:4b:ed:61:09:ac:0f:84:6c:c0:61:cd:
f1:4b:9d:d6:3e:81:27:4e:91:d4:a2:c9:03:83:eb:
07:30:fd:30:bd:63:17:a3:1d:c4:58:1c:d2:22:09:
a3:99:dc:ce:53:b8:20:bf:eb:74:d7:a9:55:c3:a4:
e6:9c:a8:cc:4f:83:60:3d:42:f4:24:18:5f:34:99:
ee:e8:ef:de:9b:3f:b1:45:f0:02:32:51:0b:be:6c:
1d:c6:a2:d5:b4:be:10:fe:8b:db:41:a5:c3:8a:fa:
20:88:64:b4:78:a0:ce:ed:00:87:24:ba:3e:54:f2:
25:04:05:e9:ec:4a:03:00:fe:93:95:8c:8a:bd:fc:
ee:4a:22:e9:8f:48:d7:44:22:64:29:9b:be:77:f9:
a3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:9A:85:FB:32:CB:10:0A:8A:CF:D5:62:B3:7E:80:4F:25:6B:43:D3
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FpqF-zLLEAqKz9Vis36ATyVrQ9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.90.135.0/24
147.234.8.0/21
147.234.74.0/23
147.234.81.0/24
147.234.88.0/23
212.143.211.0/24
Signature Algorithm: sha256WithRSAEncryption
96:36:cc:6a:36:47:e7:cb:f0:ee:df:34:6f:b2:9f:44:64:97:
9f:57:6b:ce:9f:d9:f3:2e:9d:68:6c:83:7a:2d:9f:c6:67:3c:
76:ee:6f:7d:7c:3a:22:db:6e:b1:65:27:dc:ab:1a:16:39:7e:
c8:44:d9:23:24:bb:fa:20:03:d9:9c:d7:3f:d0:4c:74:6d:85:
4d:2c:99:2f:48:cc:d9:44:d8:d7:eb:fa:d1:46:a0:f5:d1:31:
7a:dc:02:d0:6b:db:04:80:87:25:47:6a:3e:90:64:df:53:18:
a8:ca:70:b9:77:e2:40:2c:34:58:58:ba:a4:d0:64:d7:54:4a:
50:9e:f4:d5:d5:1c:5f:f3:3a:2e:4d:0c:85:ba:81:8e:61:c0:
89:e8:83:e4:5f:be:0d:7d:c4:95:88:84:37:e7:d7:fa:d4:14:
c8:b9:27:1f:ac:30:23:64:06:65:ee:51:b1:fe:ae:9d:82:7b:
13:06:b7:54:30:7f:2d:e1:99:e0:b2:07:0b:bf:dc:e8:1f:61:
0b:ab:bf:94:6a:85:3a:99:b5:27:fe:ed:a5:c6:71:bb:cb:5a:
f9:d5:e9:51:da:2a:da:cc:63:74:f9:23:c3:e6:71:f8:a8:68:
3c:d0:97:8a:1a:ab:5f:d9:cf:04:9d:ee:33:e9:28:7c:dd:45:
54:de:7a:58
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZD+G6xlA6zHtH+gh6OADfQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwNzI5MTA0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjlhODVmYjMyY2IxMDBhOGFjZmQ1NjJiMzdlODA0ZjI1NmI0M2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKoK5XRfiwWwy6HwtIgU/JWJcRvB
gdvCCKZsIQhFwl51oeYTXiA+POfcYFZNlPHM/psfFZkCqd2Wu8OLEmed8fiKF5jF
F7NIAaHFIp3H5E9ReDAod5cNpNlG+v9BY94S/9vLyb5FhCKkKGAWS+1hCawPhGzA
Yc3xS53WPoEnTpHUoskDg+sHMP0wvWMXox3EWBzSIgmjmdzOU7ggv+t016lVw6Tm
nKjMT4NgPUL0JBhfNJnu6O/emz+xRfACMlELvmwdxqLVtL4Q/ovbQaXDivogiGS0
eKDO7QCHJLo+VPIlBAXp7EoDAP6TlYyKvfzuSiLpj0jXRCJkKZu+d/mjOQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBaahfsyyxAKis/VYrN+gE8la0PTMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvRnBxRi16TExFQXFLejlWaXMzNkFUeVZyUTlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPlqHAwQD
k+oIAwQBk+pKAwQAk+pRAwQBk+pYAwQA1I/TMA0GCSqGSIb3DQEBCwUAA4IBAQCW
NsxqNkfny/Du3zRvsp9EZJefV2vOn9nzLp1obIN6LZ/GZzx27m99fDoi226xZSfc
qxoWOX7IRNkjJLv6IAPZnNc/0Ex0bYVNLJkvSMzZRNjX6/rRRqD10TF63ALQa9sE
gIclR2o+kGTfUxioynC5d+JALDRYWLqk0GTXVEpQnvTV1Rxf8zouTQyFuoGOYcCJ
6IPkX74NfcSViIQ359f61BTIuScfrDAjZAZl7lGx/q6dgnsTBrdUMH8t4ZngsgcL
v9zoH2ELq7+UaoU6mbUn/u2lxnG7y1r51elR2irazGN0+SPD5nH4qGg80JeKGqtf
2c8Ene4z6Sh83UVU3npY
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:16:40 2025 by rpki-client