Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/avJfvp2rQRpeFEfz677A4ZO4eF0.roa
File: avJfvp2rQRpeFEfz677A4ZO4eF0.roa (raw, json)
Hash identifier: iYm3Lootgci4M/6HTLx1qLVq2nGtX89efid3MOmKBi0=
Subject key identifier: 6A:F2:5F:BE:9D:AB:41:1A:5E:14:47:F3:EB:BE:C0:E1:93:B8:78:5D
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 018CC56EB02B54B057EC9BECDC8545F6BFD5
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/avJfvp2rQRpeFEfz677A4ZO4eF0.roa
Signing time: Mon 01 Jan 2024 14:30:14 +0000
ROA not before: Mon 01 Jan 2024 14:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43120
IP address blocks: 95.215.216.0/22 maxlen: 23
176.39.32.0/23 maxlen: 24
86.111.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b0:2b:54:b0:57:ec:9b:ec:dc:85:45:f6:bf:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 1 14:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6af25fbe9dab411a5e1447f3ebbec0e193b8785d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:17:50:b9:61:f0:66:10:94:38:77:d1:f4:76:
1e:7e:c4:41:36:1b:33:e1:89:64:aa:ba:49:01:4e:
f3:8c:f4:e5:2a:5b:9f:29:f3:7e:77:ed:f6:92:13:
14:90:23:e0:a3:b4:ea:0b:bc:a4:fb:28:57:0a:a2:
48:28:d4:13:44:97:dc:6f:6d:56:ec:19:45:10:f8:
d2:5c:9a:96:dc:e8:0d:e5:bb:8c:62:c4:d9:9c:fe:
29:59:b4:7c:94:2f:f5:e9:0b:e8:43:b4:c8:5c:6b:
3c:13:04:e9:7b:da:2e:f4:56:ef:46:45:c2:53:2d:
e6:58:86:b4:a9:5d:83:2f:24:b7:eb:77:ed:d1:11:
dc:69:e8:97:48:68:8b:6f:a7:86:ae:23:7f:97:e6:
fc:c6:2c:9c:ac:23:50:89:97:cf:91:bd:0c:a2:07:
97:4e:4c:85:96:ed:b2:0c:9f:29:2e:4f:a1:bb:07:
21:85:5a:92:af:98:51:98:47:1b:59:ab:96:20:09:
ba:66:6e:fd:fe:cf:99:42:21:b7:31:bb:ba:7b:b5:
12:ff:f5:6d:17:4e:b6:58:e6:35:ab:42:4e:69:98:
f2:b9:75:01:2c:f5:50:0e:6b:76:e7:5d:e5:65:82:
a5:57:38:4d:a7:fd:d3:74:5f:8f:c1:07:bc:93:db:
31:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F2:5F:BE:9D:AB:41:1A:5E:14:47:F3:EB:BE:C0:E1:93:B8:78:5D
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/avJfvp2rQRpeFEfz677A4ZO4eF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.87.0/24
95.215.216.0/22
176.39.32.0/23
Signature Algorithm: sha256WithRSAEncryption
76:09:52:95:71:b3:fa:f7:f7:a8:57:ba:b2:0c:83:26:de:85:
a2:71:7d:be:66:01:bf:39:2d:ac:09:bc:7e:97:85:73:66:bb:
48:5d:82:5d:69:ed:8f:20:ff:17:64:d7:81:a3:eb:ac:5e:d0:
b6:4d:13:43:e6:dc:d4:3b:76:ae:4e:e2:b6:a1:ab:9d:ac:b8:
2e:9c:f0:50:9c:60:e5:c8:e4:f1:83:5f:c2:68:af:66:f1:ff:
4a:df:b0:bb:e2:24:08:27:bf:5c:32:84:45:2b:69:e4:1d:8a:
26:e7:01:de:69:b5:cd:ed:28:f1:fd:d4:34:0a:c6:66:4e:d1:
2a:7e:fe:d5:a6:3d:08:19:42:3a:01:9d:14:08:d2:6c:63:e5:
0e:42:8b:26:fb:b1:0f:20:01:d1:bf:ee:e3:f8:1e:43:8c:84:
17:6a:bc:a3:eb:98:b0:01:b1:e2:5f:26:5f:fd:2f:d8:98:59:
fc:fe:a9:b6:b4:fc:31:17:da:95:22:b2:45:2f:09:22:92:28:
30:70:37:fd:4c:30:a4:b0:2d:e1:77:83:10:d3:9f:11:7f:a2:
47:c9:43:ec:c5:5c:62:93:eb:dc:36:98:fe:40:a8:93:da:ce:
76:d8:8d:db:29:cf:b5:23:2b:f2:5e:c4:24:11:34:f6:1c:fe:
3a:a2:b6:d7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFbrArVLBX7Jvs3IVF9r/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjQwMTAxMTQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWYyNWZiZTlkYWI0MTFhNWUxNDQ3ZjNlYmJlYzBlMTkzYjg3ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxdQuWHwZhCUOHfR9HYefsRBNhsz
4YlkqrpJAU7zjPTlKlufKfN+d+32khMUkCPgo7TqC7yk+yhXCqJIKNQTRJfcb21W
7BlFEPjSXJqW3OgN5buMYsTZnP4pWbR8lC/16QvoQ7TIXGs8EwTpe9ou9FbvRkXC
Uy3mWIa0qV2DLyS363ft0RHcaeiXSGiLb6eGriN/l+b8xiycrCNQiZfPkb0MogeX
TkyFlu2yDJ8pLk+huwchhVqSr5hRmEcbWauWIAm6Zm79/s+ZQiG3Mbu6e7US//Vt
F062WOY1q0JOaZjyuXUBLPVQDmt2513lZYKlVzhNp/3TdF+PwQe8k9sxmQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGryX76dq0EaXhRH8+u+wOGTuHhdMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL2F2SmZ2cDJyUVJwZUZFZno2NzdBNFpPNGVGMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABWb1cD
BAJf19gDBAGwJyAwDQYJKoZIhvcNAQELBQADggEBAHYJUpVxs/r396hXurIMgybe
haJxfb5mAb85LawJvH6XhXNmu0hdgl1p7Y8g/xdk14Gj66xe0LZNE0Pm3NQ7dq5O
4rahq52suC6c8FCcYOXI5PGDX8Jor2bx/0rfsLviJAgnv1wyhEUraeQdiibnAd5p
tc3tKPH91DQKxmZO0Sp+/tWmPQgZQjoBnRQI0mxj5Q5Ciyb7sQ8gAdG/7uP4HkOM
hBdqvKPrmLABseJfJl/9L9iYWfz+qba0/DEX2pUiskUvCSKSKDBwN/1MMKSwLeF3
gxDTnxF/okfJQ+zFXGKT69w2mP5AqJPaznbYjdspz7UjK/JexCQRNPYc/jqittc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:46 2025 by rpki-client