Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/1-FbyRtXhKSPVMDOZpn8tcU-813M.roa
File: 1-FbyRtXhKSPVMDOZpn8tcU-813M.roa (raw, json)
Hash identifier: NPeLZqnqc1fGPHOJ+r1EZKw2//+Hh8fwP6vTaz4iBRc=
Subject key identifier: F8:56:F2:46:D5:E1:29:23:D5:30:33:99:A6:7F:2D:71:4F:BC:D7:73
Certificate issuer: /CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Certificate serial: 018CC348C61D5AC592BC4A5586CCE90DF796
Authority key identifier: 02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/1-FbyRtXhKSPVMDOZpn8tcU-813M.roa
Signing time: Mon 01 Jan 2024 04:29:35 +0000
ROA not before: Mon 01 Jan 2024 04:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206174
IP address blocks: 193.31.221.0/24 maxlen: 24
66.84.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c6:1d:5a:c5:92:bc:4a:55:86:cc:e9:0d:f7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Validity
Not Before: Jan 1 04:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f856f246d5e12923d5303399a67f2d714fbcd773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a0:9f:5f:03:83:f9:ad:08:cf:5c:bd:74:32:
dc:16:ef:2f:f4:64:3b:05:0d:7a:52:d6:4a:10:f9:
34:e0:7f:c5:eb:74:3b:9a:94:b4:98:0c:f7:59:05:
84:64:40:40:3c:fd:c0:04:ca:94:a7:89:4e:f1:75:
0f:c9:1f:92:6c:18:9c:a0:65:45:61:b6:9c:46:9b:
b4:3d:22:50:5b:e7:cc:88:6f:d7:00:1b:15:1f:6f:
e3:c8:3e:ae:d6:18:52:2a:a3:1e:70:a0:1b:15:c1:
0e:f1:93:e9:12:4f:4b:56:79:d3:f9:b6:2a:2f:12:
07:4c:08:68:fc:6b:d8:9d:41:36:43:b1:1e:b7:7b:
5d:94:60:0d:76:23:67:e4:d6:0f:89:e3:86:a1:71:
62:12:ee:23:4e:39:a2:50:d9:89:3b:ce:0d:43:f0:
d0:71:5d:b2:ab:f7:fd:7b:73:9d:ca:0a:83:bd:f8:
51:52:d9:ef:20:39:6b:c2:e0:f6:6f:dc:da:c8:1d:
28:78:2c:2b:a7:a5:86:f1:9b:ee:83:04:8e:ec:01:
d3:d9:63:98:08:6f:0b:07:2d:27:f9:3f:b7:0e:f6:
16:40:f2:3c:f8:37:2d:34:55:60:93:45:ef:e6:3d:
60:f6:82:bd:6c:37:09:5b:b8:f4:6d:18:16:05:36:
4c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:56:F2:46:D5:E1:29:23:D5:30:33:99:A6:7F:2D:71:4F:BC:D7:73
X509v3 Authority Key Identifier:
keyid:02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/1-FbyRtXhKSPVMDOZpn8tcU-813M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.84.72.0/24
193.31.221.0/24
Signature Algorithm: sha256WithRSAEncryption
48:37:8c:6b:cd:64:d8:4e:ea:e0:bc:67:b2:d7:ba:d2:eb:f9:
e0:78:c7:87:82:b5:a5:cf:06:13:95:ac:5a:6a:57:d9:6d:e0:
e1:e2:5f:13:31:39:49:14:18:ef:6a:82:6a:45:3e:ed:6e:43:
41:17:ea:44:a9:e0:ed:3c:09:a0:00:d7:ab:5e:36:ca:3f:6d:
8e:53:b0:77:3b:6a:71:f2:72:4e:b4:59:51:61:13:78:1a:48:
c4:25:39:58:8b:ec:d2:a2:e5:1f:98:23:db:b3:bd:8e:84:03:
4f:39:84:21:c5:8f:59:02:a3:a3:2e:9d:69:8f:ea:07:24:af:
69:a0:1e:a4:44:a5:9a:7e:55:dc:72:d5:b5:a9:bd:90:de:9f:
c8:4b:de:34:8f:ec:23:fd:b0:c7:2d:c9:84:bb:9b:1c:aa:9c:
b0:0d:07:8d:1b:9c:5e:c6:fb:f0:59:5f:ec:aa:72:06:6e:fd:
40:52:b6:35:04:72:88:c0:8e:91:56:3e:91:9e:fe:8e:8a:c1:
62:0a:3c:e5:e3:ef:fe:90:ce:10:ca:0a:b2:4f:66:5a:09:cc:
77:7d:4e:00:55:98:16:c6:02:56:07:f3:b6:b8:88:a9:a7:fc:
be:d8:67:ac:16:b5:7e:79:e4:8d:58:3b:f7:da:83:1d:66:fc:
9a:93:f3:ff
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzDSMYdWsWSvEpVhszpDfeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDZlOGE3NmQzMGM3YzA0OTViYzVjZThlZTUxMTBmZWFi
Mjg2ZTYwHhcNMjQwMTAxMDQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODU2ZjI0NmQ1ZTEyOTIzZDUzMDMzOTlhNjdmMmQ3MTRmYmNkNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaCfXwOD+a0Iz1y9dDLcFu8v9GQ7
BQ16UtZKEPk04H/F63Q7mpS0mAz3WQWEZEBAPP3ABMqUp4lO8XUPyR+SbBicoGVF
YbacRpu0PSJQW+fMiG/XABsVH2/jyD6u1hhSKqMecKAbFcEO8ZPpEk9LVnnT+bYq
LxIHTAho/GvYnUE2Q7Eet3tdlGANdiNn5NYPieOGoXFiEu4jTjmiUNmJO84NQ/DQ
cV2yq/f9e3OdygqDvfhRUtnvIDlrwuD2b9zayB0oeCwrp6WG8ZvugwSO7AHT2WOY
CG8LBy0n+T+3DvYWQPI8+DctNFVgk0Xv5j1g9oK9bDcJW7j0bRgWBTZMXwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPhW8kbV4Skj1TAzmaZ/LXFPvNdzMB8GA1UdIwQY
MBaAFAJG6KdtMMfASVvFzo7lEQ/qsobmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEt
N2I5NmE5OTk3NzE4LzEvMS1GYnlSdFhoS1NQVk1ET1pwbjh0Y1UtODEzTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODYvYzBhNTc2LWEyMjAtNGRlMC1hYWMxLTdiOTZhOTk5Nzcx
OC8xL0FrYm9wMjB3eDhCSlc4WE9qdVVSRC1xeWh1WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAEJUSAME
AMEf3TANBgkqhkiG9w0BAQsFAAOCAQEASDeMa81k2E7q4Lxnste60uv54HjHh4K1
pc8GE5WsWmpX2W3g4eJfEzE5SRQY72qCakU+7W5DQRfqRKng7TwJoADXq142yj9t
jlOwdztqcfJyTrRZUWETeBpIxCU5WIvs0qLlH5gj27O9joQDTzmEIcWPWQKjoy6d
aY/qBySvaaAepESlmn5V3HLVtam9kN6fyEveNI/sI/2wxy3JhLubHKqcsA0HjRuc
Xsb78Flf7KpyBm79QFK2NQRyiMCOkVY+kZ7+jorBYgo85ePv/pDOEMoKsk9mWgnM
d31OAFWYFsYCVgfztriIqaf8vthnrBa1fnnkjVg799qDHWb8mpPz/w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:47 2025 by rpki-client