Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/aa2311-b1cd-4d18-aebb-a3f2324f6d8c/1/p_FrBgbJKMqk7JXenxoCK3jnAm8.roa
File: p_FrBgbJKMqk7JXenxoCK3jnAm8.roa (raw, json)
Hash identifier: viBHWgUbDKXGBurXfE5vJ298Ljh2+Fc2OkP/E+83FWk=
Subject key identifier: A7:F1:6B:06:06:C9:28:CA:A4:EC:95:DE:9F:1A:02:2B:78:E7:02:6F
Certificate issuer: /CN=59f915ae3e2216be338f6334532f9380cfd2f40a
Certificate serial: 018CC86F98CDFFCBFF1A47FFC9DAFED68685
Authority key identifier: 59:F9:15:AE:3E:22:16:BE:33:8F:63:34:53:2F:93:80:CF:D2:F4:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WfkVrj4iFr4zj2M0Uy-TgM_S9Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/aa2311-b1cd-4d18-aebb-a3f2324f6d8c/1/p_FrBgbJKMqk7JXenxoCK3jnAm8.roa
Signing time: Tue 02 Jan 2024 04:30:05 +0000
ROA not before: Tue 02 Jan 2024 04:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 194.56.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:98:cd:ff:cb:ff:1a:47:ff:c9:da:fe:d6:86:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59f915ae3e2216be338f6334532f9380cfd2f40a
Validity
Not Before: Jan 2 04:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7f16b0606c928caa4ec95de9f1a022b78e7026f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0d:e0:9e:f2:14:7e:92:6e:85:9d:76:93:27:
70:8f:95:f5:f7:97:98:1e:1c:f0:16:ae:f0:4b:c4:
3a:93:b6:2f:af:1d:90:a9:fe:8f:ce:f7:0a:8b:e5:
8a:5b:09:00:33:1e:36:d9:ef:f4:1c:a6:f9:1d:92:
60:77:aa:cf:13:d7:76:a6:a7:33:3d:63:25:be:40:
1c:ff:80:43:00:44:09:1c:3b:bf:fd:de:b1:aa:f8:
26:df:63:db:99:97:2b:14:59:84:0e:20:9a:93:94:
11:18:2d:0c:eb:0b:c2:ee:c4:2c:01:26:ae:11:4a:
ca:b8:5f:ee:c1:85:0d:e8:d1:b6:39:92:d1:ee:4b:
83:f2:f5:f6:8e:d2:68:4c:1e:cd:d2:c1:a0:7e:3e:
8c:53:c4:69:34:65:d3:28:d2:0e:06:1c:93:d1:06:
7b:17:33:18:16:44:a1:78:2e:ba:ee:ee:5b:9d:c3:
65:cf:35:14:c9:c7:3c:a9:fa:84:53:d4:62:97:f8:
4a:16:66:10:12:80:ec:ff:53:5f:19:14:c9:ed:ab:
04:91:93:ec:ad:ac:28:f1:0d:45:cb:4b:c0:7a:24:
30:d3:84:3e:59:4f:c1:b9:99:e5:a9:c2:c7:fd:84:
6e:78:cb:73:a5:c7:25:43:4f:4a:92:02:24:b2:8d:
af:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F1:6B:06:06:C9:28:CA:A4:EC:95:DE:9F:1A:02:2B:78:E7:02:6F
X509v3 Authority Key Identifier:
keyid:59:F9:15:AE:3E:22:16:BE:33:8F:63:34:53:2F:93:80:CF:D2:F4:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WfkVrj4iFr4zj2M0Uy-TgM_S9Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/aa2311-b1cd-4d18-aebb-a3f2324f6d8c/1/p_FrBgbJKMqk7JXenxoCK3jnAm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/aa2311-b1cd-4d18-aebb-a3f2324f6d8c/1/WfkVrj4iFr4zj2M0Uy-TgM_S9Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.108.0/22
Signature Algorithm: sha256WithRSAEncryption
47:aa:d5:c8:17:e3:de:df:75:26:ca:55:3c:24:9e:6e:bd:20:
4e:06:d4:6e:d2:25:bb:65:f6:c1:c8:66:cb:c0:47:be:c7:0e:
ec:19:18:61:dd:c2:ca:6d:c7:be:78:03:dd:32:2a:b3:e7:05:
d8:94:34:a3:5d:fa:24:70:8b:52:47:53:98:e1:e4:fb:a2:b2:
bf:b5:91:50:a3:bd:b2:a2:de:52:15:fd:27:ae:51:e7:09:5b:
20:b6:e3:c3:c8:b0:25:c4:95:d5:66:24:a6:91:97:67:9a:bb:
f3:be:e8:dc:05:9a:19:59:fb:8b:0e:88:36:3a:38:11:1c:24:
0a:f7:09:d9:ad:08:c6:53:e7:cd:ea:97:7b:a5:97:da:86:9b:
d4:e2:6f:4d:c5:6d:90:9f:37:a8:b9:8c:04:e2:a3:bd:26:59:
34:1e:47:fd:9b:4b:40:61:8d:3f:2f:08:a7:a0:50:b0:09:d1:
e0:d9:70:f7:1c:ac:fe:d3:b9:42:b6:da:ba:af:85:cb:c7:d3:
4e:1a:6f:a0:a5:09:8d:ec:5b:3f:ef:c0:cc:39:6e:49:78:14:
d7:6c:e8:2e:19:d3:54:ad:97:75:94:5b:56:2c:81:86:9a:d8:
09:eb:23:f9:62:df:dc:b3:54:30:b6:f7:a9:00:dc:5c:4a:23:
33:d4:dc:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb5jN/8v/Gkf/ydr+1oaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZjkxNWFlM2UyMjE2YmUzMzhmNjMzNDUzMmY5MzgwY2Zk
MmY0MGEwHhcNMjQwMTAyMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2YxNmIwNjA2YzkyOGNhYTRlYzk1ZGU5ZjFhMDIyYjc4ZTcwMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ3gnvIUfpJuhZ12kydwj5X195eY
HhzwFq7wS8Q6k7Yvrx2Qqf6PzvcKi+WKWwkAMx422e/0HKb5HZJgd6rPE9d2pqcz
PWMlvkAc/4BDAEQJHDu//d6xqvgm32PbmZcrFFmEDiCak5QRGC0M6wvC7sQsASau
EUrKuF/uwYUN6NG2OZLR7kuD8vX2jtJoTB7N0sGgfj6MU8RpNGXTKNIOBhyT0QZ7
FzMYFkSheC667u5bncNlzzUUycc8qfqEU9Ril/hKFmYQEoDs/1NfGRTJ7asEkZPs
rawo8Q1Fy0vAeiQw04Q+WU/BuZnlqcLH/YRueMtzpcclQ09KkgIkso2vuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKfxawYGySjKpOyV3p8aAit45wJvMB8GA1UdIwQY
MBaAFFn5Fa4+Iha+M49jNFMvk4DP0vQKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2ZrVnJqNGlGcjR6ajJNMFV5LVRnTV9TOUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9hYTIzMTEtYjFjZC00ZDE4LWFlYmIt
YTNmMjMyNGY2ZDhjLzEvcF9GckJnYkpLTXFrN0pYZW54b0NLM2puQW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9hYTIzMTEtYjFjZC00ZDE4LWFlYmItYTNmMjMyNGY2ZDhj
LzEvV2ZrVnJqNGlGcjR6ajJNMFV5LVRnTV9TOUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjhsMA0G
CSqGSIb3DQEBCwUAA4IBAQBHqtXIF+Pe33UmylU8JJ5uvSBOBtRu0iW7ZfbByGbL
wEe+xw7sGRhh3cLKbce+eAPdMiqz5wXYlDSjXfokcItSR1OY4eT7orK/tZFQo72y
ot5SFf0nrlHnCVsgtuPDyLAlxJXVZiSmkZdnmrvzvujcBZoZWfuLDog2OjgRHCQK
9wnZrQjGU+fN6pd7pZfahpvU4m9NxW2QnzeouYwE4qO9Jlk0Hkf9m0tAYY0/Lwin
oFCwCdHg2XD3HKz+07lCttq6r4XLx9NOGm+gpQmN7Fs/78DMOW5JeBTXbOguGdNU
rZd1lFtWLIGGmtgJ6yP5Yt/cs1QwtvepANxcSiMz1Nxu
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:00:34 2025 by rpki-client