Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d10813-fe61-4033-a433-5ee9b62246db/1/1-qjrY22dEn3uoAWsPQH-qIq9qXk.roa
File: 1-qjrY22dEn3uoAWsPQH-qIq9qXk.roa (raw, json)
Hash identifier: JBvCySfn+85QKu46DWH2zrsq7O4lp1O5jcXELlk2luI=
Subject key identifier: FA:A8:EB:63:6D:9D:12:7D:EE:A0:05:AC:3D:01:FE:A8:8A:BD:A9:79
Certificate issuer: /CN=fbf380b6675b9ccd5f812e069fff175478fb38a4
Certificate serial: 018CCA2ABABBEFDF8BB5D1AA81CF454142AC
Authority key identifier: FB:F3:80:B6:67:5B:9C:CD:5F:81:2E:06:9F:FF:17:54:78:FB:38:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_OAtmdbnM1fgS4Gn_8XVHj7OKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d10813-fe61-4033-a433-5ee9b62246db/1/1-qjrY22dEn3uoAWsPQH-qIq9qXk.roa
Signing time: Tue 02 Jan 2024 12:34:07 +0000
ROA not before: Tue 02 Jan 2024 12:34:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57696
IP address blocks: 193.107.64.0/24 maxlen: 24
2a07:1780::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:ba:bb:ef:df:8b:b5:d1:aa:81:cf:45:41:42:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf380b6675b9ccd5f812e069fff175478fb38a4
Validity
Not Before: Jan 2 12:34:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faa8eb636d9d127deea005ac3d01fea88abda979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ad:41:34:83:2a:42:6f:84:3d:e3:54:94:e2:
c7:4b:43:c5:c5:a1:4c:f0:83:06:51:a0:73:de:e8:
d9:04:28:e2:ec:19:86:f4:e1:d8:15:da:d0:88:e1:
c0:1a:5f:ba:8b:a8:99:aa:9b:b8:09:01:85:fd:b4:
c1:c2:cc:67:9f:94:0f:70:46:1d:c0:fa:a0:64:31:
a6:2c:50:73:e7:86:be:08:cb:8c:d9:f6:30:67:93:
50:94:f0:be:93:da:59:d4:80:b0:30:2d:7a:86:37:
0c:00:6b:f8:5c:53:07:4c:65:f7:7c:96:cd:ff:4a:
7f:78:e5:6d:fb:81:b0:80:8b:06:69:c4:ed:32:af:
f6:47:b4:4f:71:c1:e0:35:fd:3c:8e:a8:e3:1f:c4:
76:fb:72:51:7f:ca:a6:64:23:ab:fc:56:c5:4b:0f:
b1:ed:38:74:90:94:4d:3f:d0:c0:14:6a:bc:f8:1c:
eb:82:f2:93:4b:dd:48:ab:a0:6c:85:76:56:a9:1a:
1f:9c:3c:15:5b:5d:b1:12:f1:5e:3b:89:c6:27:db:
8d:bf:b1:44:ab:75:22:fb:a8:88:a3:f4:a5:a8:73:
5a:28:35:be:cc:fb:97:7d:08:c2:5f:cd:e4:ec:be:
2e:de:48:16:25:7c:80:d7:d8:8b:3d:c8:56:0f:b1:
03:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A8:EB:63:6D:9D:12:7D:EE:A0:05:AC:3D:01:FE:A8:8A:BD:A9:79
X509v3 Authority Key Identifier:
keyid:FB:F3:80:B6:67:5B:9C:CD:5F:81:2E:06:9F:FF:17:54:78:FB:38:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_OAtmdbnM1fgS4Gn_8XVHj7OKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d10813-fe61-4033-a433-5ee9b62246db/1/1-qjrY22dEn3uoAWsPQH-qIq9qXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d10813-fe61-4033-a433-5ee9b62246db/1/1-_OAtmdbnM1fgS4Gn_8XVHj7OKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.64.0/24
IPv6:
2a07:1780::/29
Signature Algorithm: sha256WithRSAEncryption
5f:03:a1:fb:69:5f:85:f5:d6:01:57:e3:ef:04:3f:7d:ff:a5:
20:4d:bb:74:78:62:35:8b:ab:a2:40:cf:16:51:5f:e3:b0:52:
fa:5f:52:4e:86:71:49:b0:14:c8:f2:bd:75:b1:d8:39:eb:e5:
1a:41:c0:e9:7d:f7:7d:fd:86:f2:98:91:38:94:c3:84:94:5d:
44:9e:b4:22:de:47:aa:fd:19:df:77:4c:e6:17:46:73:b1:47:
d8:fc:9b:e0:3d:72:b7:3d:e2:d2:3a:a2:aa:52:fe:64:82:1f:
93:94:3c:e1:cf:f9:b5:88:5e:0b:24:3d:02:44:4c:67:12:d8:
8c:03:39:09:32:9e:d3:4a:01:35:43:76:59:35:b2:b4:6e:2d:
c4:b7:42:06:6c:cf:fd:0e:7e:44:d1:d0:05:1d:49:62:65:27:
bc:6d:b8:92:fa:d5:06:d3:93:b1:b3:9d:45:89:aa:47:16:6b:
40:2c:66:0d:78:42:6b:20:88:b9:a6:e9:00:6a:a4:b9:e4:9f:
d6:52:ec:88:c7:fb:14:1d:1a:a9:55:82:88:37:83:f2:5f:35:
e6:ea:4a:1a:71:80:3e:c0:d6:36:9e:3d:8d:2a:e9:83:d0:08:
a6:ef:3a:2c:a6:ff:0a:ff:b4:3f:f7:6a:4b:a5:0a:02:32:b2:
9b:01:a5:fd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKrq779+LtdGqgc9FQUKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjM4MGI2Njc1YjljY2Q1ZjgxMmUwNjlmZmYxNzU0Nzhm
YjM4YTQwHhcNMjQwMTAyMTIzNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE4ZWI2MzZkOWQxMjdkZWVhMDA1YWMzZDAxZmVhODhhYmRhOTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK1BNIMqQm+EPeNUlOLHS0PFxaFM
8IMGUaBz3ujZBCji7BmG9OHYFdrQiOHAGl+6i6iZqpu4CQGF/bTBwsxnn5QPcEYd
wPqgZDGmLFBz54a+CMuM2fYwZ5NQlPC+k9pZ1ICwMC16hjcMAGv4XFMHTGX3fJbN
/0p/eOVt+4GwgIsGacTtMq/2R7RPccHgNf08jqjjH8R2+3JRf8qmZCOr/FbFSw+x
7Th0kJRNP9DAFGq8+BzrgvKTS91Iq6BshXZWqRofnDwVW12xEvFeO4nGJ9uNv7FE
q3Ui+6iIo/SlqHNaKDW+zPuXfQjCX83k7L4u3kgWJXyA19iLPchWD7EDewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPqo62NtnRJ97qAFrD0B/qiKval5MB8GA1UdIwQY
MBaAFPvzgLZnW5zNX4EuBp//F1R4+zikMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fT0F0bWRibk0xZmdTNEduXzhYVkhqN09LUS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMvZDEwODEzLWZlNjEtNDAzMy1hNDMz
LTVlZTliNjIyNDZkYi8xLzEtcWpyWTIyZEVuM3VvQVdzUFFILXFJcTlxWGsucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzZjL2QxMDgxMy1mZTYxLTQwMzMtYTQzMy01ZWU5YjYyMjQ2
ZGIvMS8xLV9PQXRtZGJuTTFmZ1M0R25fOFhWSGo3T0tRLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWtA
MA0EAgACMAcDBQMqBxeAMA0GCSqGSIb3DQEBCwUAA4IBAQBfA6H7aV+F9dYBV+Pv
BD99/6UgTbt0eGI1i6uiQM8WUV/jsFL6X1JOhnFJsBTI8r11sdg56+UaQcDpffd9
/YbymJE4lMOElF1EnrQi3keq/Rnfd0zmF0ZzsUfY/JvgPXK3PeLSOqKqUv5kgh+T
lDzhz/m1iF4LJD0CRExnEtiMAzkJMp7TSgE1Q3ZZNbK0bi3Et0IGbM/9Dn5E0dAF
HUliZSe8bbiS+tUG05Oxs51FiapHFmtALGYNeEJrIIi5pukAaqS55J/WUuyIx/sU
HRqpVYKIN4PyXzXm6koacYA+wNY2nj2NKumD0Aim7zospv8K/7Q/92pLpQoCMrKb
AaX9
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:26:54 2025 by rpki-client