Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/flGWGJBSJRB3OVz2-AIKsyVQzhY.roa
File: flGWGJBSJRB3OVz2-AIKsyVQzhY.roa (raw, json)
Hash identifier: WncPIbu551wOPNYaTlkQ85WeMqd4oia5RgXgIRMMqoE=
Subject key identifier: 7E:51:96:18:90:52:25:10:77:39:5C:F6:F8:02:0A:B3:25:50:CE:16
Certificate issuer: /CN=40518ecbd6464d78ad451551648f9206f7fb5f42
Certificate serial: 0194972BEF629A560BF749AE16F4FF3A7DBC
Authority key identifier: 40:51:8E:CB:D6:46:4D:78:AD:45:15:51:64:8F:92:06:F7:FB:5F:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QFGOy9ZGTXitRRVRZI-SBvf7X0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/flGWGJBSJRB3OVz2-AIKsyVQzhY.roa
Signing time: Fri 24 Jan 2025 07:17:06 +0000
ROA not before: Fri 24 Jan 2025 07:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214849
IP address blocks: 138.222.65.0/24 maxlen: 24
138.222.66.0/24 maxlen: 24
138.222.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 08:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:2b:ef:62:9a:56:0b:f7:49:ae:16:f4:ff:3a:7d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40518ecbd6464d78ad451551648f9206f7fb5f42
Validity
Not Before: Jan 24 07:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e5196189052251077395cf6f8020ab32550ce16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:e0:e7:c2:cd:19:92:e8:09:63:d4:41:d2:
ff:1a:9d:cf:3a:23:6e:c3:d1:04:8c:ca:92:1c:14:
4c:79:36:29:b0:cf:0c:81:a2:7a:20:4d:92:67:83:
e9:5f:91:95:05:2c:c3:16:a9:46:4f:1c:e1:09:1c:
25:1c:8a:a1:41:7a:ed:80:15:d2:36:36:7b:43:e5:
21:b7:ca:e0:f3:48:85:b0:f0:6f:10:f8:3c:55:d8:
a4:70:6e:88:7d:0c:fb:bb:a8:ea:e2:32:de:c2:78:
81:71:f4:e4:f5:00:fd:0a:1e:2e:8f:5c:10:d8:ba:
36:d3:39:c9:39:9e:bd:b5:d8:eb:7d:4e:22:75:30:
dd:7e:1e:66:8d:82:70:ce:ff:97:76:c2:e5:8e:4e:
36:94:7b:56:92:3f:3d:7d:c8:72:cc:a1:41:12:f5:
33:49:fe:15:aa:4c:15:53:ad:41:89:41:ee:6c:26:
91:28:6e:f1:9c:4b:93:bc:55:a2:85:7d:f9:a0:88:
1f:22:51:95:e0:10:3e:ee:5a:9e:3c:08:27:ca:7a:
37:29:6f:91:82:a3:b8:9b:48:e6:18:9d:29:79:95:
7b:73:2a:19:f7:02:5a:36:e0:4d:a7:0e:30:42:61:
84:30:14:38:18:82:bb:99:be:1c:1a:ba:62:59:b4:
09:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:51:96:18:90:52:25:10:77:39:5C:F6:F8:02:0A:B3:25:50:CE:16
X509v3 Authority Key Identifier:
keyid:40:51:8E:CB:D6:46:4D:78:AD:45:15:51:64:8F:92:06:F7:FB:5F:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QFGOy9ZGTXitRRVRZI-SBvf7X0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/flGWGJBSJRB3OVz2-AIKsyVQzhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/QFGOy9ZGTXitRRVRZI-SBvf7X0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.222.65.0-138.222.67.255
Signature Algorithm: sha256WithRSAEncryption
14:0d:8e:e8:ce:2e:21:82:37:86:a9:6b:ba:30:c8:cb:1c:c7:
d0:ea:bc:1e:73:67:a4:c2:b9:39:03:31:8b:0f:8f:7b:76:6a:
06:8b:ee:dd:f7:ee:6e:63:39:93:30:d0:20:bd:3b:d7:22:47:
98:7d:cd:2c:c6:bf:25:c8:6a:99:8e:16:6e:cb:a2:39:f7:ca:
d0:7e:41:49:06:1b:d9:79:e3:32:3f:00:a8:3c:f4:c6:e3:ee:
0f:cd:7f:9b:28:f7:9b:6b:33:1f:8f:6a:bf:3f:68:26:fc:40:
6b:d9:ad:9b:b8:5c:5f:77:8f:7c:e3:01:b2:23:67:a5:e6:36:
2a:82:69:5d:9e:d9:0e:47:9c:c6:1c:71:93:64:cc:a1:69:81:
c7:64:87:8b:32:25:7d:78:3d:2e:50:c0:4d:6f:00:20:f7:5d:
b3:66:db:f8:ff:48:42:6c:12:62:53:6a:c9:04:ea:e5:27:a1:
f0:97:1a:1b:e5:96:e0:74:b0:d1:04:d5:13:1d:d5:cd:f1:18:
b8:d9:8a:75:bb:eb:3a:59:14:d4:b9:15:e3:95:64:c5:58:3e:
b8:1c:30:09:64:7c:58:7e:c4:85:69:9d:5d:a7:c2:f5:b8:d8:
2b:bd:8c:3d:08:7d:8a:80:a3:92:28:49:4f:4b:c8:82:7b:fb:
5c:c9:84:5d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSXK+9imlYL90muFvT/On28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNTE4ZWNiZDY0NjRkNzhhZDQ1MTU1MTY0OGY5MjA2Zjdm
YjVmNDIwHhcNMjUwMTI0MDcxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTUxOTYxODkwNTIyNTEwNzczOTVjZjZmODAyMGFiMzI1NTBjZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq87g58LNGZLoCWPUQdL/Gp3POiNu
w9EEjMqSHBRMeTYpsM8MgaJ6IE2SZ4PpX5GVBSzDFqlGTxzhCRwlHIqhQXrtgBXS
NjZ7Q+Uht8rg80iFsPBvEPg8VdikcG6IfQz7u6jq4jLewniBcfTk9QD9Ch4uj1wQ
2Lo20znJOZ69tdjrfU4idTDdfh5mjYJwzv+XdsLljk42lHtWkj89fchyzKFBEvUz
Sf4VqkwVU61BiUHubCaRKG7xnEuTvFWihX35oIgfIlGV4BA+7lqePAgnyno3KW+R
gqO4m0jmGJ0peZV7cyoZ9wJaNuBNpw4wQmGEMBQ4GIK7mb4cGrpiWbQJlQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFH5RlhiQUiUQdzlc9vgCCrMlUM4WMB8GA1UdIwQY
MBaAFEBRjsvWRk14rUUVUWSPkgb3+19CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUZHT3k5WkdUWGl0UlJWUlpJLVNCdmY3WDBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80MzcxNTAtNzgzYy00MzFhLWIzZmQt
N2MzZDc5NDAxZWMyLzEvZmxHV0dKQlNKUkIzT1Z6Mi1BSUtzeVZRemhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80MzcxNTAtNzgzYy00MzFhLWIzZmQtN2MzZDc5NDAxZWMy
LzEvUUZHT3k5WkdUWGl0UlJWUlpJLVNCdmY3WDBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACK3kED
BAKK3kAwDQYJKoZIhvcNAQELBQADggEBABQNjujOLiGCN4apa7owyMscx9DqvB5z
Z6TCuTkDMYsPj3t2agaL7t337m5jOZMw0CC9O9ciR5h9zSzGvyXIapmOFm7Lojn3
ytB+QUkGG9l54zI/AKg89Mbj7g/Nf5so95trMx+Par8/aCb8QGvZrZu4XF93j3zj
AbIjZ6XmNiqCaV2e2Q5HnMYccZNkzKFpgcdkh4syJX14PS5QwE1vACD3XbNm2/j/
SEJsEmJTaskE6uUnofCXGhvlluB0sNEE1RMd1c3xGLjZinW76zpZFNS5FeOVZMVY
PrgcMAlkfFh+xIVpnV2nwvW42Cu9jD0IfYqAo5IoSU9LyIJ7+1zJhF0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:38 2025 by rpki-client