Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/fxTOfus4N-318ShL9ubtoBi1qjs.roa
File: fxTOfus4N-318ShL9ubtoBi1qjs.roa (raw, json)
Hash identifier: Hn26OcpXEvnGI66X60J5uM4H/zPjhcu613hV2U5805c=
Subject key identifier: 7F:14:CE:7E:EB:38:37:ED:F5:F1:28:4B:F6:E6:ED:A0:18:B5:AA:3B
Certificate issuer: /CN=e87ce7df23140c0005125a61aad721531e681f0e
Certificate serial: 01928885A292AA85AF47C44E2CEF7FEAA65F
Authority key identifier: E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/fxTOfus4N-318ShL9ubtoBi1qjs.roa
Signing time: Mon 14 Oct 2024 00:55:12 +0000
ROA not before: Mon 14 Oct 2024 00:55:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47160
IP address blocks: 31.14.68.0/22 maxlen: 24
45.112.120.0/23 maxlen: 24
45.112.122.0/24 maxlen: 24
45.112.123.0/24 maxlen: 24
185.126.228.0/22 maxlen: 24
2a06:c480::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Oct 2024 09:58:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:88:85:a2:92:aa:85:af:47:c4:4e:2c:ef:7f:ea:a6:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87ce7df23140c0005125a61aad721531e681f0e
Validity
Not Before: Oct 14 00:55:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f14ce7eeb3837edf5f1284bf6e6eda018b5aa3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0b:ca:b3:d7:aa:42:57:02:9d:cb:ce:f4:3e:
3e:bf:9f:f3:31:ec:e9:ca:60:f9:92:ac:da:35:8c:
9b:9c:b4:48:a2:dc:06:ff:9c:9f:14:30:53:f0:c2:
98:b1:3a:e3:dc:98:85:34:bd:5f:53:34:de:23:32:
a1:ae:e0:98:f7:60:19:94:c8:db:43:ac:78:ee:0d:
85:57:b4:de:d1:bb:a2:15:12:24:7f:80:11:ac:18:
d7:2c:66:ab:49:50:72:3f:cb:8c:05:75:a8:9f:f3:
a7:cc:4a:1c:e3:11:cd:98:17:f9:18:60:e5:0f:ba:
3a:db:37:df:3e:21:33:0c:bc:b4:19:e0:2d:22:d1:
c8:e4:c6:06:ce:15:4e:22:5d:80:1a:26:cd:76:19:
9f:9b:78:9a:4b:c2:97:66:1c:b5:ba:96:0b:d0:7d:
fc:7c:b9:0f:37:22:99:7c:fa:81:79:90:d4:d1:b8:
3d:92:51:eb:fd:d1:11:7b:15:2e:f7:95:3e:62:9d:
5b:0a:2f:92:cd:ed:12:64:02:2a:73:04:fb:95:9a:
9c:01:19:c2:d5:47:cb:21:f1:ab:db:2e:54:58:13:
4f:22:bc:8d:70:a9:d6:a1:c4:a0:cb:1e:04:dd:f0:
45:7c:0d:b9:86:96:b1:53:6e:8a:53:a7:08:e8:62:
38:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:14:CE:7E:EB:38:37:ED:F5:F1:28:4B:F6:E6:ED:A0:18:B5:AA:3B
X509v3 Authority Key Identifier:
keyid:E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/fxTOfus4N-318ShL9ubtoBi1qjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.68.0/22
45.112.120.0/22
185.126.228.0/22
IPv6:
2a06:c480::/29
Signature Algorithm: sha256WithRSAEncryption
29:8f:dc:8a:16:dc:66:30:c8:03:c8:fd:57:d1:66:5b:34:28:
9b:22:8d:31:c2:04:eb:e4:2a:3d:ea:1f:2a:84:46:76:27:56:
bb:e7:a1:41:ab:bf:1a:f0:ab:4d:d7:f5:08:2c:fa:07:57:33:
9a:23:4d:3d:c8:c2:09:dc:62:6f:fb:e0:6e:a2:97:fd:aa:31:
16:ad:06:63:53:d4:ba:9b:81:94:4e:45:7d:23:4a:c5:01:9e:
a5:b6:fa:fb:e0:d8:70:29:5f:86:6b:a8:80:47:f5:51:b6:ad:
31:34:fc:12:1c:e6:f4:be:df:d2:eb:3d:c5:a5:61:d0:c8:a9:
ed:af:2f:a6:aa:b9:31:d2:d0:3b:23:ee:ec:99:b5:8e:cf:3e:
2d:92:f5:d1:11:84:80:e3:f9:04:aa:c9:2c:f9:a4:38:09:f7:
82:6f:2a:b6:e0:08:46:54:f2:24:82:25:d7:52:dd:ea:c4:7e:
58:3f:ef:c1:c1:2d:ea:1a:1e:f5:a2:1a:dc:8a:e6:a4:b0:0d:
5e:e6:93:6d:2f:cd:63:b9:18:1a:8e:44:f1:ae:68:50:55:6d:
90:06:64:74:58:d6:2d:97:b5:6e:e5:8f:4c:e7:d0:b9:2e:95:
12:ec:0a:28:ff:90:9b:b4:24:e9:94:34:e9:46:bf:72:32:a2:
8a:27:c1:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZKIhaKSqoWvR8ROLO9/6qZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4N2NlN2RmMjMxNDBjMDAwNTEyNWE2MWFhZDcyMTUzMWU2
ODFmMGUwHhcNMjQxMDE0MDA1NTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjE0Y2U3ZWViMzgzN2VkZjVmMTI4NGJmNmU2ZWRhMDE4YjVhYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAvKs9eqQlcCncvO9D4+v5/zMezp
ymD5kqzaNYybnLRIotwG/5yfFDBT8MKYsTrj3JiFNL1fUzTeIzKhruCY92AZlMjb
Q6x47g2FV7Te0buiFRIkf4ARrBjXLGarSVByP8uMBXWon/OnzEoc4xHNmBf5GGDl
D7o62zffPiEzDLy0GeAtItHI5MYGzhVOIl2AGibNdhmfm3iaS8KXZhy1upYL0H38
fLkPNyKZfPqBeZDU0bg9klHr/dERexUu95U+Yp1bCi+Sze0SZAIqcwT7lZqcARnC
1UfLIfGr2y5UWBNPIryNcKnWocSgyx4E3fBFfA25hpaxU26KU6cI6GI4dQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFH8Uzn7rODft9fEoS/bm7aAYtao7MB8GA1UdIwQY
MBaAFOh8598jFAwABRJaYarXIVMeaB8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjIt
MzIzZDM0ZGVmYzhhLzEvZnhUT2Z1czROLTMxOFNoTDl1YnRvQmkxcWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjItMzIzZDM0ZGVmYzhh
LzEvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCHw5EAwQC
LXB4AwQCuX7kMA0EAgACMAcDBQMqBsSAMA0GCSqGSIb3DQEBCwUAA4IBAQApj9yK
FtxmMMgDyP1X0WZbNCibIo0xwgTr5Co96h8qhEZ2J1a756FBq78a8KtN1/UILPoH
VzOaI009yMIJ3GJv++Buopf9qjEWrQZjU9S6m4GUTkV9I0rFAZ6ltvr74NhwKV+G
a6iAR/VRtq0xNPwSHOb0vt/S6z3FpWHQyKntry+mqrkx0tA7I+7smbWOzz4tkvXR
EYSA4/kEqsks+aQ4CfeCbyq24AhGVPIkgiXXUt3qxH5YP+/BwS3qGh71ohrciuak
sA1e5pNtL81juRgajkTxrmhQVW2QBmR0WNYtl7Vu5Y9M59C5LpUS7Aoo/5CbtCTp
lDTpRr9yMqKKJ8E5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:24 2025 by rpki-client