Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/fpnaCow1N5fVaq2sOCznj3yzsjY.roa
File: fpnaCow1N5fVaq2sOCznj3yzsjY.roa (raw, json)
Hash identifier: Z+9bRF9YZYS826m9oxoeKf0GcjF/lPb4bcPnuNZ6fOA=
Subject key identifier: 7E:99:DA:0A:8C:35:37:97:D5:6A:AD:AC:38:2C:E7:8F:7C:B3:B2:36
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 018CC348C100C3047F56A7C2AABE96AD94CC
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/fpnaCow1N5fVaq2sOCznj3yzsjY.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49720
IP address blocks: 94.131.240.0/24 maxlen: 24
94.131.241.0/24 maxlen: 24
94.131.242.0/24 maxlen: 24
185.241.109.0/24 maxlen: 24
94.131.243.0/24 maxlen: 24
94.131.246.0/24 maxlen: 24
94.131.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c1:00:c3:04:7f:56:a7:c2:aa:be:96:ad:94:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e99da0a8c353797d56aadac382ce78f7cb3b236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f1:20:a0:0e:4d:f7:dd:d5:12:f4:cc:c2:11:
72:9b:9e:ba:d9:e0:f2:62:13:ff:e6:f9:73:37:3b:
dc:a6:74:12:dd:74:de:0f:ef:5d:3a:a6:e5:4e:d5:
b2:86:f5:58:41:af:1e:4f:31:42:20:d3:f9:6f:f9:
b7:87:63:7e:a2:1d:97:18:a2:e9:ad:2b:c2:91:6a:
41:05:cd:8d:8a:4b:e7:53:6f:e4:74:9e:68:c7:96:
a3:17:29:80:fa:97:4b:03:70:1d:c0:38:73:16:5b:
f6:b2:8e:da:92:33:8f:1c:1e:c3:44:0e:98:61:d4:
4e:fc:21:39:27:29:38:92:7c:62:76:7b:7f:d1:1d:
aa:61:37:b0:f8:40:c2:b9:54:28:f4:b9:c5:41:96:
86:d8:d6:50:70:b3:77:d4:9e:89:be:7b:3c:15:1e:
de:5e:a8:99:1a:c4:24:01:be:d7:98:6c:73:28:c2:
51:55:25:9d:50:6a:72:ab:4c:1c:ec:b2:df:ee:89:
75:25:7d:4a:f6:82:c6:c8:36:42:9b:16:3d:3e:86:
63:27:53:7e:be:f3:c5:19:e1:87:e5:3a:af:16:a1:
87:6a:95:0c:7d:41:b4:87:c1:60:df:a9:f5:6f:b0:
55:32:af:54:2b:46:1c:8b:39:11:e8:a2:13:bc:ae:
6b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:99:DA:0A:8C:35:37:97:D5:6A:AD:AC:38:2C:E7:8F:7C:B3:B2:36
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/fpnaCow1N5fVaq2sOCznj3yzsjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.240.0/22
94.131.246.0/23
185.241.109.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ae:44:cf:23:7e:fa:41:34:4c:42:97:24:1a:f0:7b:7e:59:
70:7d:63:c2:6c:a4:a4:2b:0c:eb:25:38:db:ad:b9:a0:6e:86:
06:df:20:cd:79:b6:e6:19:56:0b:b2:90:11:c0:f1:f1:a9:ce:
75:47:0a:8e:54:a9:14:12:63:08:9e:55:d3:d9:66:84:48:30:
2c:37:2b:e3:32:0f:ce:5c:8c:da:f9:20:8a:f3:14:e8:35:74:
12:4b:c4:61:04:42:aa:78:63:a2:30:27:d6:dd:a0:3d:45:d9:
dd:33:13:09:52:2f:b8:d3:94:99:dd:51:ab:59:55:d5:f8:60:
0b:67:4f:15:27:f9:b7:44:a0:25:57:44:c2:96:95:8c:a2:38:
4a:0b:ee:3b:46:33:39:78:13:ce:c8:2d:0b:3b:db:b3:2e:7a:
0e:27:af:e8:fc:2d:08:3d:9d:ba:08:49:7f:df:41:8b:21:32:
34:3c:94:67:f7:95:07:ff:57:37:52:51:23:85:54:e2:93:ee:
af:4d:c0:b4:cd:76:4b:60:84:96:da:5a:a2:94:ce:0e:34:ef:
e9:50:2f:b2:79:cd:1e:aa:1f:46:a1:92:bc:89:af:91:67:f9:
2a:0d:a7:0e:d1:07:56:a7:f5:44:10:e6:ba:ec:38:69:9e:69:
7f:92:f3:1f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSMEAwwR/VqfCqr6WrZTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2Yw
M2MwMTkwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTk5ZGEwYThjMzUzNzk3ZDU2YWFkYWMzODJjZTc4ZjdjYjNiMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvEgoA5N993VEvTMwhFym5662eDy
YhP/5vlzNzvcpnQS3XTeD+9dOqblTtWyhvVYQa8eTzFCINP5b/m3h2N+oh2XGKLp
rSvCkWpBBc2NikvnU2/kdJ5ox5ajFymA+pdLA3AdwDhzFlv2so7akjOPHB7DRA6Y
YdRO/CE5Jyk4knxidnt/0R2qYTew+EDCuVQo9LnFQZaG2NZQcLN31J6Jvns8FR7e
XqiZGsQkAb7XmGxzKMJRVSWdUGpyq0wc7LLf7ol1JX1K9oLGyDZCmxY9PoZjJ1N+
vvPFGeGH5TqvFqGHapUMfUG0h8Fg36n1b7BVMq9UK0YcizkR6KITvK5rIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH6Z2gqMNTeX1WqtrDgs5498s7I2MB8GA1UdIwQY
MBaAFFxrDAAamatiluJCFzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMt
YzE4ZTNjY2M3NDJiLzEvZnBuYUNvdzFONWZWYXEyc09Dem5qM3l6c2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJi
LzEvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXoPwAwQB
XoP2AwQAufFtMA0GCSqGSIb3DQEBCwUAA4IBAQB5rkTPI376QTRMQpckGvB7fllw
fWPCbKSkKwzrJTjbrbmgboYG3yDNebbmGVYLspARwPHxqc51RwqOVKkUEmMInlXT
2WaESDAsNyvjMg/OXIza+SCK8xToNXQSS8RhBEKqeGOiMCfW3aA9RdndMxMJUi+4
05SZ3VGrWVXV+GALZ08VJ/m3RKAlV0TClpWMojhKC+47RjM5eBPOyC0LO9uzLnoO
J6/o/C0IPZ26CEl/30GLITI0PJRn95UH/1c3UlEjhVTik+6vTcC0zXZLYISW2lqi
lM4ONO/pUC+yec0eqh9GoZK8ia+RZ/kqDacO0QdWp/VEEOa67Dhpnml/kvMf
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:22:56 2025 by rpki-client