Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/ef9498-44f4-4ffd-844f-5c830fe4bad0/1/Fy7cWCtKj8YOkoMfbsk_GmQ-omQ.roa
File: Fy7cWCtKj8YOkoMfbsk_GmQ-omQ.roa (raw, json)
Hash identifier: 0XxmheMLs4H1o+dU+r7DMDKeGIGjTSyHgDTmVKVd4wM=
Subject key identifier: 17:2E:DC:58:2B:4A:8F:C6:0E:92:83:1F:6E:C9:3F:1A:64:3E:A2:64
Certificate issuer: /CN=37ca50022828d901bf42b2798f7844104b05404d
Certificate serial: 018CC4939407432FCC7683886C8FF55BDEF8
Authority key identifier: 37:CA:50:02:28:28:D9:01:BF:42:B2:79:8F:78:44:10:4B:05:40:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N8pQAigo2QG_QrJ5j3hEEEsFQE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/ef9498-44f4-4ffd-844f-5c830fe4bad0/1/Fy7cWCtKj8YOkoMfbsk_GmQ-omQ.roa
Signing time: Mon 01 Jan 2024 10:30:55 +0000
ROA not before: Mon 01 Jan 2024 10:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42677
IP address blocks: 195.248.232.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:94:07:43:2f:cc:76:83:88:6c:8f:f5:5b:de:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ca50022828d901bf42b2798f7844104b05404d
Validity
Not Before: Jan 1 10:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=172edc582b4a8fc60e92831f6ec93f1a643ea264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:32:17:2f:51:8b:2b:a2:ca:65:8f:b2:3a:5c:
ae:18:7a:1e:7d:df:a1:8e:f0:3b:a1:82:15:2a:31:
d0:d4:16:11:99:47:da:3f:e7:0f:77:aa:48:c4:24:
c4:92:e9:02:6d:50:5d:97:de:ea:4d:43:f7:3b:8f:
01:2e:ab:a0:77:25:58:10:b9:50:d8:79:7a:87:cc:
86:af:33:a0:61:58:c1:aa:0f:ad:e4:13:4e:de:36:
4d:5e:4a:ed:99:8c:d7:4c:f6:8c:ad:d9:e2:17:fd:
8c:26:c1:dd:ef:13:6b:77:4b:38:06:e1:fd:fc:b3:
69:29:ad:3f:35:72:4c:62:30:12:89:1a:ba:19:85:
cc:d6:4a:79:a6:85:e6:5a:41:77:d3:98:28:cd:ba:
31:63:29:0a:57:9a:9a:6e:e4:29:a5:f5:1e:7a:08:
22:f7:5b:b4:5f:42:ce:15:00:10:19:6f:3a:cd:14:
f6:1e:6e:c2:5e:4a:fa:07:c8:29:c5:54:6f:16:e3:
cc:3d:a9:0b:2d:a8:e9:64:85:83:59:00:e8:1b:fd:
6d:5a:b9:4a:a8:ae:5d:40:38:bf:72:0d:5d:88:88:
72:e5:ac:c4:06:63:42:37:0d:4e:cb:26:76:15:d2:
24:a0:0e:e9:d9:a8:bd:d6:d3:3d:93:a0:bd:a7:56:
61:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:2E:DC:58:2B:4A:8F:C6:0E:92:83:1F:6E:C9:3F:1A:64:3E:A2:64
X509v3 Authority Key Identifier:
keyid:37:CA:50:02:28:28:D9:01:BF:42:B2:79:8F:78:44:10:4B:05:40:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N8pQAigo2QG_QrJ5j3hEEEsFQE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ef9498-44f4-4ffd-844f-5c830fe4bad0/1/Fy7cWCtKj8YOkoMfbsk_GmQ-omQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/ef9498-44f4-4ffd-844f-5c830fe4bad0/1/N8pQAigo2QG_QrJ5j3hEEEsFQE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.232.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:ff:8a:b8:0b:7a:27:82:0b:30:3a:bc:b2:33:64:10:08:af:
05:27:4e:fa:47:05:c7:0d:33:58:bf:b6:ed:70:b9:e9:60:fa:
a6:19:e6:f7:a1:0b:4d:75:97:13:00:96:81:c7:dd:19:9f:63:
96:ec:27:4b:c4:53:96:a9:ad:d4:5f:ea:3b:74:81:c9:1f:1c:
9e:1d:03:cd:00:a9:91:2f:10:6f:62:a3:b3:80:0e:f7:79:0f:
70:2c:4b:9b:3e:20:56:cc:5c:ec:f4:8c:84:c2:5a:a6:12:4c:
be:56:7d:fc:9e:a7:7e:44:bb:93:fb:8a:63:56:b3:4b:45:88:
7b:9c:f4:7c:5b:9a:dc:c5:fc:d6:cd:b7:aa:94:67:be:cc:63:
07:a2:16:9b:6d:c8:07:b9:56:c1:33:77:e1:4b:48:da:a0:c8:
57:4a:35:e9:9c:98:7d:30:b2:1b:66:24:da:f2:75:c8:6d:71:
01:6f:05:c7:65:24:53:c8:58:5b:fb:4a:97:fe:01:a1:ce:bb:
c8:bb:5b:40:9c:fc:0f:d9:e4:7b:57:ec:af:09:cb:9a:47:fa:
6f:c3:26:f6:a7:0f:f9:f4:4f:d2:79:c4:cb:70:85:32:a2:ac:
92:f3:94:39:85:19:f2:62:e8:61:a5:24:c9:a0:dc:e3:40:98:
a2:e8:5c:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk5QHQy/MdoOIbI/1W974MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Y2E1MDAyMjgyOGQ5MDFiZjQyYjI3OThmNzg0NDEwNGIw
NTQwNGQwHhcNMjQwMTAxMTAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzJlZGM1ODJiNGE4ZmM2MGU5MjgzMWY2ZWM5M2YxYTY0M2VhMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDIXL1GLK6LKZY+yOlyuGHoefd+h
jvA7oYIVKjHQ1BYRmUfaP+cPd6pIxCTEkukCbVBdl97qTUP3O48BLqugdyVYELlQ
2Hl6h8yGrzOgYVjBqg+t5BNO3jZNXkrtmYzXTPaMrdniF/2MJsHd7xNrd0s4BuH9
/LNpKa0/NXJMYjASiRq6GYXM1kp5poXmWkF305gozboxYykKV5qabuQppfUeeggi
91u0X0LOFQAQGW86zRT2Hm7CXkr6B8gpxVRvFuPMPakLLajpZIWDWQDoG/1tWrlK
qK5dQDi/cg1diIhy5azEBmNCNw1OyyZ2FdIkoA7p2ai91tM9k6C9p1ZhgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBcu3FgrSo/GDpKDH27JPxpkPqJkMB8GA1UdIwQY
MBaAFDfKUAIoKNkBv0KyeY94RBBLBUBNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjhwUUFpZ28yUUdfUXJKNWozaEVFRXNGUUUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9lZjk0OTgtNDRmNC00ZmZkLTg0NGYt
NWM4MzBmZTRiYWQwLzEvRnk3Y1dDdEtqOFlPa29NZmJza19HbVEtb21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9lZjk0OTgtNDRmNC00ZmZkLTg0NGYtNWM4MzBmZTRiYWQw
LzEvTjhwUUFpZ28yUUdfUXJKNWozaEVFRXNGUUUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/joMA0G
CSqGSIb3DQEBCwUAA4IBAQAM/4q4C3onggswOryyM2QQCK8FJ076RwXHDTNYv7bt
cLnpYPqmGeb3oQtNdZcTAJaBx90Zn2OW7CdLxFOWqa3UX+o7dIHJHxyeHQPNAKmR
LxBvYqOzgA73eQ9wLEubPiBWzFzs9IyEwlqmEky+Vn38nqd+RLuT+4pjVrNLRYh7
nPR8W5rcxfzWzbeqlGe+zGMHohabbcgHuVbBM3fhS0jaoMhXSjXpnJh9MLIbZiTa
8nXIbXEBbwXHZSRTyFhb+0qX/gGhzrvIu1tAnPwP2eR7V+yvCcuaR/pvwyb2pw/5
9E/SecTLcIUyoqyS85Q5hRnyYuhhpSTJoNzjQJii6FzQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:50:29 2025 by rpki-client