Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/fF_WF68aIjdAuGRJOF93F3FEv2w.roa
File: fF_WF68aIjdAuGRJOF93F3FEv2w.roa (raw, json)
Hash identifier: yFafFfytQieHRLxht6ED427F8SvvqtxgkqlXy0Gd+Gc=
Subject key identifier: 7C:5F:D6:17:AF:1A:22:37:40:B8:64:49:38:5F:77:17:71:44:BF:6C
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 018CC2DB54E8027F53F84135DA28FA8152EB
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/fF_WF68aIjdAuGRJOF93F3FEv2w.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49621
IP address blocks: 185.105.200.0/22 maxlen: 22
188.64.48.0/21 maxlen: 21
2a03:8f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:54:e8:02:7f:53:f8:41:35:da:28:fa:81:52:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c5fd617af1a223740b86449385f77177144bf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9a:c2:d3:b0:af:4f:a3:18:64:0a:a7:1f:04:
de:02:fc:f2:9f:1e:03:d0:fa:05:c7:d7:b9:ed:89:
b2:9f:79:e8:34:ab:33:54:c8:aa:3e:88:e4:b5:f9:
d6:08:73:4f:91:f0:38:0d:c8:10:b9:1a:0e:55:15:
6a:38:c3:ca:24:15:f0:6b:96:36:19:d9:e3:3a:7d:
f3:6b:7a:c0:fc:cd:51:e9:ce:93:59:14:ff:1f:53:
aa:43:e1:a2:9f:a7:67:4a:61:4d:f0:17:14:c4:2b:
42:e0:51:16:38:47:73:08:ea:c2:40:a0:85:7c:2c:
9d:3f:8a:67:4c:2f:56:65:e9:23:98:eb:87:d1:38:
2f:92:0d:18:3a:73:71:48:ee:c6:be:86:36:64:9c:
d9:7b:51:0a:2d:74:15:bc:b7:dc:8b:79:a9:20:6f:
c3:f5:fc:d0:3d:74:44:4c:28:88:20:42:6c:22:60:
c9:12:70:49:f0:dd:d6:1e:9e:1f:b5:54:d9:ce:97:
03:85:20:5a:fe:45:a4:c9:0e:61:e2:81:cf:97:70:
5f:6d:f0:8b:7c:eb:3f:40:d1:18:a8:6b:23:ca:87:
33:ea:98:91:68:fa:7f:9e:7b:cf:5b:89:20:84:f9:
bb:8e:62:d6:ff:8b:07:6e:e6:0e:63:6c:78:d3:4d:
3f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5F:D6:17:AF:1A:22:37:40:B8:64:49:38:5F:77:17:71:44:BF:6C
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/fF_WF68aIjdAuGRJOF93F3FEv2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.200.0/22
188.64.48.0/21
IPv6:
2a03:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
7a:ed:6a:3a:1e:c3:ca:c0:be:7b:10:23:2d:81:67:f3:a7:33:
f4:2a:9d:e9:af:e7:8b:5e:d8:e8:b0:8d:9f:09:7d:2f:51:5f:
d3:98:8a:33:76:20:f6:4e:c2:f2:00:19:fe:4a:4a:01:36:f1:
00:a5:73:87:ce:ad:63:9f:53:3c:57:e5:03:5d:c7:d9:f4:9a:
0f:65:5a:29:72:f1:1c:d8:4d:88:f9:95:e9:e1:3d:31:bc:c8:
4a:95:c7:17:81:55:65:57:26:27:ac:cf:9a:6f:9d:22:a7:30:
01:28:a3:2e:6c:36:19:9a:6e:a2:f5:d9:3d:96:fa:33:0e:ae:
96:24:73:70:f3:82:c2:22:15:43:4a:f2:7f:91:71:0c:b2:f1:
ee:11:be:48:86:48:78:86:f6:c0:41:b1:c0:bf:1b:4f:b5:b2:
e7:8f:3d:a1:f7:0a:d6:06:3d:5b:34:1c:2f:29:4e:e1:17:6b:
45:fc:05:4c:02:fa:dd:1f:23:b4:aa:94:54:5d:5a:0f:f0:82:
bb:3f:4f:97:46:09:dd:71:9b:9d:b1:13:35:c6:0e:49:16:d8:
d4:43:37:2a:5c:e6:11:18:f2:b2:66:21:d9:45:06:7f:c5:a6:
77:8a:ff:cd:8c:6b:4a:3c:54:3c:9f:fd:72:23:e4:ad:6b:1d:
dc:16:d7:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC21ToAn9T+EE12ij6gVLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyM2FiNWJhOThiZWY1ZDBkOWJkMGNlYTAzMWExZmUxMzc3
N2E0ODYwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVmZDYxN2FmMWEyMjM3NDBiODY0NDkzODVmNzcxNzcxNDRiZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJrC07CvT6MYZAqnHwTeAvzynx4D
0PoFx9e57Ymyn3noNKszVMiqPojktfnWCHNPkfA4DcgQuRoOVRVqOMPKJBXwa5Y2
GdnjOn3za3rA/M1R6c6TWRT/H1OqQ+Gin6dnSmFN8BcUxCtC4FEWOEdzCOrCQKCF
fCydP4pnTC9WZekjmOuH0Tgvkg0YOnNxSO7GvoY2ZJzZe1EKLXQVvLfci3mpIG/D
9fzQPXRETCiIIEJsImDJEnBJ8N3WHp4ftVTZzpcDhSBa/kWkyQ5h4oHPl3BfbfCL
fOs/QNEYqGsjyocz6piRaPp/nnvPW4kghPm7jmLW/4sHbuYOY2x4000/NwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHxf1hevGiI3QLhkSThfdxdxRL9sMB8GA1UdIwQY
MBaAFDI6tbqYvvXQ2b0M6gMaH+E3d6SGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQt
Zjk1MTI0OTllMDVjLzEvZkZfV0Y2OGFJamRBdUdSSk9GOTNGM0ZFdjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQtZjk1MTI0OTllMDVj
LzEvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWnIAwQD
vEAwMA0EAgACMAcDBQMqA48AMA0GCSqGSIb3DQEBCwUAA4IBAQB67Wo6HsPKwL57
ECMtgWfzpzP0Kp3pr+eLXtjosI2fCX0vUV/TmIozdiD2TsLyABn+SkoBNvEApXOH
zq1jn1M8V+UDXcfZ9JoPZVopcvEc2E2I+ZXp4T0xvMhKlccXgVVlVyYnrM+ab50i
pzABKKMubDYZmm6i9dk9lvozDq6WJHNw84LCIhVDSvJ/kXEMsvHuEb5Ihkh4hvbA
QbHAvxtPtbLnjz2h9wrWBj1bNBwvKU7hF2tF/AVMAvrdHyO0qpRUXVoP8IK7P0+X
RgndcZudsRM1xg5JFtjUQzcqXOYRGPKyZiHZRQZ/xaZ3iv/NjGtKPFQ8n/1yI+St
ax3cFtf3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:26 2025 by rpki-client