Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/F4a-PNIbyIeoHJ8Md5ckQFjiPCY.roa
File: F4a-PNIbyIeoHJ8Md5ckQFjiPCY.roa (raw, json)
Hash identifier: 8GHd/0cVPxz+N9zdBQBXYiSUnMpQ0W2Vr2SzWUEqrAU=
Subject key identifier: 17:86:BE:3C:D2:1B:C8:87:A8:1C:9F:0C:77:97:24:40:58:E2:3C:26
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01924C8861BD55B0501F3BA205F95EF5C4EB
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/F4a-PNIbyIeoHJ8Md5ckQFjiPCY.roa
Signing time: Wed 02 Oct 2024 09:20:59 +0000
ROA not before: Wed 02 Oct 2024 09:20:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7303
IP address blocks: 2.18.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:88:61:bd:55:b0:50:1f:3b:a2:05:f9:5e:f5:c4:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Oct 2 09:20:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1786be3cd21bc887a81c9f0c7797244058e23c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:08:59:7c:cb:58:45:c2:f5:7e:bd:81:34:ce:
6b:57:f4:ef:1e:97:93:48:3d:b5:78:30:8e:18:95:
29:30:8a:08:27:86:43:4d:b2:b0:98:40:c2:8b:e6:
3b:a0:56:cc:81:1c:48:e2:c3:55:9d:f6:f0:76:c4:
fc:ac:e9:04:24:cf:a6:57:78:bd:53:bb:e1:40:ad:
4f:d2:a5:04:6f:6b:2c:39:83:7d:06:68:4d:b8:5c:
6e:41:0e:13:70:fa:aa:60:20:46:12:ac:4f:26:cd:
25:4b:2c:b3:ad:73:54:28:9b:df:41:c9:f7:35:ef:
43:d5:61:8f:cd:b7:ba:aa:01:d8:fc:7c:ee:31:58:
ca:78:33:16:eb:4f:85:a9:86:84:a3:35:d2:85:41:
27:89:b4:e4:7e:6d:8a:27:37:c8:87:e8:51:91:03:
2d:f7:f1:a0:1d:0f:0b:b9:32:b2:1c:40:76:69:e2:
3d:82:d6:b6:31:e6:62:81:62:d6:f8:dd:ad:43:0b:
f8:40:f2:8f:0e:31:e6:49:96:c7:22:b2:d9:0b:07:
05:eb:0e:ff:5d:9c:09:89:98:6e:b4:7a:4a:58:65:
61:ec:10:67:bf:ce:fb:00:0e:85:2b:5a:86:1c:c7:
e3:6d:9e:d2:71:09:27:1c:39:b0:d0:d3:9b:98:53:
6f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:86:BE:3C:D2:1B:C8:87:A8:1C:9F:0C:77:97:24:40:58:E2:3C:26
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/F4a-PNIbyIeoHJ8Md5ckQFjiPCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.18.56.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:0e:ea:2f:6a:eb:aa:19:d2:4d:04:53:c6:42:6a:d4:4d:ec:
6a:fa:e0:93:3b:e7:cc:20:30:38:17:f4:d0:04:cb:b3:69:e2:
3d:c3:cf:5e:0c:c6:21:08:da:24:ea:58:40:f0:d9:50:97:2b:
fc:a5:79:7b:f7:fb:78:cd:19:c5:61:ee:1c:01:e0:8c:c8:bc:
d3:bd:f8:fb:53:2b:4a:63:20:8d:49:32:8c:9a:57:ad:02:4e:
d2:1a:78:e2:33:81:e5:a2:d0:60:5f:87:e9:d0:59:41:47:15:
5a:7c:93:61:91:cb:67:40:c7:a9:a6:6e:8e:ed:2e:6f:13:77:
0e:f9:84:e8:24:1d:33:25:5c:9a:4b:00:9c:d5:8d:1e:59:a9:
22:a1:71:6e:10:61:d3:5a:a5:73:bf:c1:a3:9a:bb:32:27:ba:
0b:27:7f:be:e7:fe:e2:40:38:c2:d1:bb:40:85:65:f8:19:e0:
49:56:af:ac:26:7c:a0:77:ad:44:47:d8:44:8a:d7:ee:3e:48:
89:d7:0a:da:25:50:a2:aa:8d:ee:0c:b5:4a:4a:38:52:57:ae:
01:27:ca:e1:c8:c5:2e:45:97:c4:d6:c6:42:5a:7e:7e:fc:30:
50:98:a8:e6:5b:f1:ea:30:ba:13:6c:a0:ed:22:34:ee:8d:59:
ef:64:95:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJMiGG9VbBQHzuiBfle9cTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQxMDAyMDkyMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzg2YmUzY2QyMWJjODg3YTgxYzlmMGM3Nzk3MjQ0MDU4ZTIzYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwhZfMtYRcL1fr2BNM5rV/TvHpeT
SD21eDCOGJUpMIoIJ4ZDTbKwmEDCi+Y7oFbMgRxI4sNVnfbwdsT8rOkEJM+mV3i9
U7vhQK1P0qUEb2ssOYN9BmhNuFxuQQ4TcPqqYCBGEqxPJs0lSyyzrXNUKJvfQcn3
Ne9D1WGPzbe6qgHY/HzuMVjKeDMW60+FqYaEozXShUEnibTkfm2KJzfIh+hRkQMt
9/GgHQ8LuTKyHEB2aeI9gta2MeZigWLW+N2tQwv4QPKPDjHmSZbHIrLZCwcF6w7/
XZwJiZhutHpKWGVh7BBnv877AA6FK1qGHMfjbZ7ScQknHDmw0NObmFNvVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBeGvjzSG8iHqByfDHeXJEBY4jwmMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvRjRhLVBOSWJ5SWVvSEo4TWQ1Y2tRRmppUENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAhI4MA0G
CSqGSIb3DQEBCwUAA4IBAQBrDuovauuqGdJNBFPGQmrUTexq+uCTO+fMIDA4F/TQ
BMuzaeI9w89eDMYhCNok6lhA8NlQlyv8pXl79/t4zRnFYe4cAeCMyLzTvfj7UytK
YyCNSTKMmletAk7SGnjiM4HlotBgX4fp0FlBRxVafJNhkctnQMeppm6O7S5vE3cO
+YToJB0zJVyaSwCc1Y0eWakioXFuEGHTWqVzv8GjmrsyJ7oLJ3++5/7iQDjC0btA
hWX4GeBJVq+sJnygd61ER9hEitfuPkiJ1wraJVCiqo3uDLVKSjhSV64BJ8rhyMUu
RZfE1sZCWn5+/DBQmKjmW/HqMLoTbKDtIjTujVnvZJWi
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:41 2025 by rpki-client