Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_FBeKq7irH6LUcYHim89m6Xske0.roa
File: _FBeKq7irH6LUcYHim89m6Xske0.roa (raw, json)
Hash identifier: eGXWEwRnLBPftYgaymIV0kMK2UUsgl7e2jAvSV2h+v8=
Subject key identifier: FC:50:5E:2A:AE:E2:AC:7E:8B:51:C6:07:8A:6F:3D:9B:A5:EC:91:ED
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019422200115DA9FA51FD8E18E378533CFC9
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_FBeKq7irH6LUcYHim89m6Xske0.roa
Signing time: Wed 01 Jan 2025 13:48:30 +0000
ROA not before: Wed 01 Jan 2025 13:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 46.38.152.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
212.16.78.0/24 maxlen: 24
212.16.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 17:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:01:15:da:9f:a5:1f:d8:e1:8e:37:85:33:cf:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 1 13:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc505e2aaee2ac7e8b51c6078a6f3d9ba5ec91ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4b:a0:58:74:6a:d9:4d:c1:b2:06:fa:c0:1e:
11:c9:b0:7a:f0:6a:26:fa:23:91:2e:73:2f:7f:47:
b0:16:2f:9f:a7:4c:bf:95:bf:b7:44:91:72:a8:79:
a8:e8:d6:ca:83:51:f5:5c:5f:bf:03:98:23:14:20:
48:fb:c9:9a:2d:73:f6:2d:15:d6:13:56:88:18:1b:
3d:6e:72:d1:bb:b8:d8:85:f9:d3:65:81:f3:de:49:
f6:35:7c:e6:88:5f:37:27:88:bb:91:71:e2:17:c1:
10:84:b5:44:6b:0c:9e:5d:c7:80:e2:8b:34:31:7d:
60:15:fa:48:98:f6:94:ab:ab:d9:a3:85:40:fc:31:
f3:41:2c:9b:87:b4:4b:4d:a7:da:41:d3:6b:81:12:
fd:d7:7d:1c:bc:57:c2:c9:3c:28:dd:d5:c8:4c:35:
02:4a:4d:4a:10:a0:8d:97:48:f2:d1:a3:d0:de:83:
a0:a4:70:07:c2:90:ac:74:2f:28:a8:91:c3:62:fa:
f9:ae:1c:43:9d:a6:76:a8:90:bc:06:0e:ee:64:a1:
cc:27:59:bf:7c:de:88:56:84:ca:b6:03:9c:3b:da:
9a:6f:bc:d2:38:e1:34:85:7a:7a:e8:27:3b:4e:e9:
e5:d6:83:44:6c:b5:0c:5e:13:a7:2d:cb:63:79:0d:
16:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:50:5E:2A:AE:E2:AC:7E:8B:51:C6:07:8A:6F:3D:9B:A5:EC:91:ED
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_FBeKq7irH6LUcYHim89m6Xske0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.152.0/24
185.24.150.0/23
212.16.78.0/24
212.16.94.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:78:d7:d3:0b:1a:89:89:e4:42:74:4f:6d:ac:7f:03:82:65:
a8:64:dc:5a:20:a5:d2:3a:5d:3e:ab:57:6d:57:08:4d:da:61:
91:b6:20:60:ac:f7:1a:b5:51:b7:66:3d:ef:75:9d:de:c4:e6:
c8:9a:9e:be:e2:3d:3e:d9:45:81:5c:b3:cb:9f:e2:be:7a:e8:
0a:23:5e:37:1a:e8:19:9f:db:be:83:a8:9e:82:bb:95:e1:85:
a5:da:e5:7a:4d:2c:de:4b:bf:57:ce:3c:16:e2:ea:a8:b1:ce:
60:4b:3f:7a:50:b8:81:94:46:f8:c9:5d:e1:b2:0f:50:58:b7:
84:1d:7f:b8:0a:f0:a7:3f:b5:70:f2:c1:b4:58:b4:74:95:09:
8f:a1:63:73:27:43:41:6d:6e:72:65:cd:be:84:38:a1:05:42:
1c:58:4d:bf:f3:a2:35:32:53:06:cc:94:d8:65:6f:a9:62:6e:
d5:9f:a1:9f:0e:37:f4:d9:51:15:ad:39:2e:eb:52:cd:98:b6:
38:2a:f6:9f:a1:aa:63:ae:3d:4d:a1:6d:ee:28:97:0f:68:59:
a3:d2:24:e9:86:7b:52:ac:b9:54:bf:69:78:7c:55:1d:4e:64:
9a:6c:eb:12:91:d1:24:8a:09:8a:49:29:48:2a:00:16:3f:a8:
fb:77:d0:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIAEV2p+lH9jhjjeFM8/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAxMTM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzUwNWUyYWFlZTJhYzdlOGI1MWM2MDc4YTZmM2Q5YmE1ZWM5MWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEugWHRq2U3Bsgb6wB4RybB68Gom
+iORLnMvf0ewFi+fp0y/lb+3RJFyqHmo6NbKg1H1XF+/A5gjFCBI+8maLXP2LRXW
E1aIGBs9bnLRu7jYhfnTZYHz3kn2NXzmiF83J4i7kXHiF8EQhLVEawyeXceA4os0
MX1gFfpImPaUq6vZo4VA/DHzQSybh7RLTafaQdNrgRL9130cvFfCyTwo3dXITDUC
Sk1KEKCNl0jy0aPQ3oOgpHAHwpCsdC8oqJHDYvr5rhxDnaZ2qJC8Bg7uZKHMJ1m/
fN6IVoTKtgOcO9qab7zSOOE0hXp66Cc7Tunl1oNEbLUMXhOnLctjeQ0WCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPxQXiqu4qx+i1HGB4pvPZul7JHtMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvX0ZCZUtxN2lySDZMVWNZSGltODltNlhza2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiaYAwQB
uRiWAwQA1BBOAwQA1BBeMA0GCSqGSIb3DQEBCwUAA4IBAQA/eNfTCxqJieRCdE9t
rH8DgmWoZNxaIKXSOl0+q1dtVwhN2mGRtiBgrPcatVG3Zj3vdZ3exObImp6+4j0+
2UWBXLPLn+K+eugKI143GugZn9u+g6iegruV4YWl2uV6TSzeS79XzjwW4uqosc5g
Sz96ULiBlEb4yV3hsg9QWLeEHX+4CvCnP7Vw8sG0WLR0lQmPoWNzJ0NBbW5yZc2+
hDihBUIcWE2/86I1MlMGzJTYZW+pYm7Vn6GfDjf02VEVrTku61LNmLY4Kvafoapj
rj1NoW3uKJcPaFmj0iTphntSrLlUv2l4fFUdTmSabOsSkdEkigmKSSlIKgAWP6j7
d9CP
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:33:52 2025 by rpki-client