Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/fPQxK5A0xSB-SzMeU-_L0vrr8bc.roa
File: fPQxK5A0xSB-SzMeU-_L0vrr8bc.roa (raw, json)
Hash identifier: S00SX4dC0IniP92XchILwgwoGZLWvsCdKHyn+NB9XA4=
Subject key identifier: 7C:F4:31:2B:90:34:C5:20:7E:4B:33:1E:53:EF:CB:D2:FA:EB:F1:B7
Certificate issuer: /CN=a56316c7129831e0511079532ded81dc12c81da0
Certificate serial: 018CC3492F5FE2BF5181717144387165C2FD
Authority key identifier: A5:63:16:C7:12:98:31:E0:51:10:79:53:2D:ED:81:DC:12:C8:1D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWMWxxKYMeBREHlTLe2B3BLIHaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/fPQxK5A0xSB-SzMeU-_L0vrr8bc.roa
Signing time: Mon 01 Jan 2024 04:30:02 +0000
ROA not before: Mon 01 Jan 2024 04:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64441
IP address blocks: 194.102.162.0/24 maxlen: 24
91.206.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2f:5f:e2:bf:51:81:71:71:44:38:71:65:c2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a56316c7129831e0511079532ded81dc12c81da0
Validity
Not Before: Jan 1 04:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cf4312b9034c5207e4b331e53efcbd2faebf1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:7c:1a:92:cb:ef:dd:fd:04:67:34:ed:54:
ba:16:bf:d9:41:5a:a5:de:d6:de:6c:6d:63:50:fd:
28:65:f6:b1:6d:c5:a5:32:8e:63:67:5a:79:fe:60:
46:eb:26:f5:b0:2d:84:35:ed:ac:aa:ca:b7:0e:c2:
1a:d6:59:27:67:6f:46:a5:fe:a2:6b:b9:09:f1:0f:
95:a8:29:c6:94:77:53:fb:e8:30:2b:40:ca:07:82:
1d:a2:40:68:03:1a:74:b4:4c:72:6a:13:c2:7f:8f:
b1:14:5b:fa:79:b5:b4:a1:87:a2:96:3f:5d:5d:28:
a9:48:78:fd:67:25:14:d1:2f:68:8b:50:4c:44:ca:
73:a1:40:86:46:9e:9a:97:7e:d7:87:74:1a:f6:c9:
e4:cd:03:ed:a9:eb:6b:a1:7d:8c:38:c0:20:2e:4a:
1a:cd:90:ef:37:46:5c:00:99:b9:74:f7:e1:1d:30:
c4:ef:09:63:5b:0f:b4:9c:19:8e:f0:bd:2f:4f:a9:
72:26:74:0f:20:40:3c:d0:d2:7c:c5:4f:ba:7f:05:
2c:29:6e:45:42:f4:cb:6d:a9:62:d6:85:3d:4b:ae:
24:54:a8:47:08:dc:a4:05:57:73:0d:61:d3:7d:e4:
be:34:e7:51:a4:05:b8:01:65:52:5b:e2:b1:cf:dd:
5e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F4:31:2B:90:34:C5:20:7E:4B:33:1E:53:EF:CB:D2:FA:EB:F1:B7
X509v3 Authority Key Identifier:
keyid:A5:63:16:C7:12:98:31:E0:51:10:79:53:2D:ED:81:DC:12:C8:1D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWMWxxKYMeBREHlTLe2B3BLIHaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/fPQxK5A0xSB-SzMeU-_L0vrr8bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/pWMWxxKYMeBREHlTLe2B3BLIHaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.160.0/23
194.102.162.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:05:78:31:b4:5d:56:88:9a:10:4a:57:04:54:9f:7e:7a:d7:
0a:be:dd:00:a7:91:51:f1:7f:88:d8:d2:8b:45:27:8e:4d:60:
77:ad:3e:1e:19:65:31:47:ed:fe:49:eb:36:5c:f8:5f:92:fa:
f9:81:02:3e:c9:9b:b1:53:9f:65:59:4e:de:a1:1a:59:6d:ed:
18:76:43:0b:85:ca:76:53:51:e6:c8:a7:32:cd:26:21:76:93:
dd:dd:6a:e4:3c:b7:56:f2:69:ad:a1:be:d5:f5:a5:2a:94:f6:
ef:e3:04:52:6c:c3:31:4d:ad:4e:d0:89:81:5a:1c:e0:fc:45:
82:12:ee:59:69:9b:80:30:02:b8:6c:c4:49:ce:60:c5:5b:be:
ef:01:4f:2a:43:fb:c2:df:f6:89:d7:c4:20:dd:12:17:d2:a2:
8b:25:6f:be:59:77:0e:73:31:9a:b4:02:c2:72:15:75:1e:02:
5d:a7:79:cf:5b:9e:7a:92:8f:70:be:d4:3e:97:0c:7e:7b:00:
1e:fe:f0:5c:da:26:00:a4:a6:ad:4f:af:bc:18:37:78:c4:da:
06:15:65:f4:00:cd:8c:9c:3f:e2:d0:63:34:c6:a1:4a:0b:99:
63:a9:7f:2f:a0:25:56:d2:9d:cd:14:1a:40:ca:f9:35:49:05:
7a:3d:9a:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSS9f4r9RgXFxRDhxZcL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjMxNmM3MTI5ODMxZTA1MTEwNzk1MzJkZWQ4MWRjMTJj
ODFkYTAwHhcNMjQwMTAxMDQzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y0MzEyYjkwMzRjNTIwN2U0YjMzMWU1M2VmY2JkMmZhZWJmMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7Z8GpLL7939BGc07VS6Fr/ZQVql
3tbebG1jUP0oZfaxbcWlMo5jZ1p5/mBG6yb1sC2ENe2sqsq3DsIa1lknZ29Gpf6i
a7kJ8Q+VqCnGlHdT++gwK0DKB4IdokBoAxp0tExyahPCf4+xFFv6ebW0oYeilj9d
XSipSHj9ZyUU0S9oi1BMRMpzoUCGRp6al37Xh3Qa9snkzQPtqetroX2MOMAgLkoa
zZDvN0ZcAJm5dPfhHTDE7wljWw+0nBmO8L0vT6lyJnQPIEA80NJ8xU+6fwUsKW5F
QvTLbali1oU9S64kVKhHCNykBVdzDWHTfeS+NOdRpAW4AWVSW+Kxz91ehQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHz0MSuQNMUgfkszHlPvy9L66/G3MB8GA1UdIwQY
MBaAFKVjFscSmDHgURB5Uy3tgdwSyB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdNV3h4S1lNZUJSRUhsVExlMkIzQkxJSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80ZDkyNjctNGVhYy00MjEzLTliY2It
MjhiODJjMGExNGYwLzEvZlBReEs1QTB4U0ItU3pNZVUtX0wwdnJyOGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80ZDkyNjctNGVhYy00MjEzLTliY2ItMjhiODJjMGExNGYw
LzEvcFdNV3h4S1lNZUJSRUhsVExlMkIzQkxJSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW86gAwQA
wmaiMA0GCSqGSIb3DQEBCwUAA4IBAQC5BXgxtF1WiJoQSlcEVJ9+etcKvt0Ap5FR
8X+I2NKLRSeOTWB3rT4eGWUxR+3+Ses2XPhfkvr5gQI+yZuxU59lWU7eoRpZbe0Y
dkMLhcp2U1HmyKcyzSYhdpPd3WrkPLdW8mmtob7V9aUqlPbv4wRSbMMxTa1O0ImB
Whzg/EWCEu5ZaZuAMAK4bMRJzmDFW77vAU8qQ/vC3/aJ18Qg3RIX0qKLJW++WXcO
czGatALCchV1HgJdp3nPW556ko9wvtQ+lwx+ewAe/vBc2iYApKatT6+8GDd4xNoG
FWX0AM2MnD/i0GM0xqFKC5ljqX8voCVW0p3NFBpAyvk1SQV6PZrF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:43 2025 by rpki-client