Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/Fo_rY69kdEVAv2faJ1adbvz70qk.roa
File: Fo_rY69kdEVAv2faJ1adbvz70qk.roa (raw, json)
Hash identifier: 2/s2Ea7p9Op9qSURaZynUx0Cd06hSzRh0PRfSoz2Rig=
Subject key identifier: 16:8F:EB:63:AF:64:74:45:40:BF:67:DA:27:56:9D:6E:FC:FB:D2:A9
Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658
Certificate serial: 018CC8710AFCCA190B54963F43EAF036FCAD
Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/Fo_rY69kdEVAv2faJ1adbvz70qk.roa
Signing time: Tue 02 Jan 2024 04:31:40 +0000
ROA not before: Tue 02 Jan 2024 04:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34615
IP address blocks: 192.109.30.0/24 maxlen: 24
192.109.37.0/24 maxlen: 24
192.109.38.0/24 maxlen: 24
192.109.47.0/24 maxlen: 24
2a0f:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 05 Apr 2024 15:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:0a:fc:ca:19:0b:54:96:3f:43:ea:f0:36:fc:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658
Validity
Not Before: Jan 2 04:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=168feb63af64744540bf67da27569d6efcfbd2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c6:73:58:b2:4b:25:32:9f:0d:77:bf:3b:b9:
ee:45:68:b3:34:a3:39:35:d9:bb:dc:0f:4a:ea:d2:
ee:76:60:e8:68:95:11:f9:98:e5:f1:c7:43:10:0b:
b7:13:b1:e3:29:54:c1:49:a8:fc:41:8d:57:59:16:
28:d1:eb:5b:fc:be:e2:d0:62:c1:5c:29:d2:fc:16:
ba:35:62:c1:d0:5e:49:85:15:7e:d2:4d:f1:98:97:
ee:ca:74:c8:11:6e:d9:28:d8:c4:6a:af:a5:2c:52:
69:29:27:84:2e:55:75:37:d7:8a:ed:4b:2b:c5:19:
3e:ba:aa:eb:7f:ba:ab:e2:fc:d1:ca:70:f1:d3:ae:
48:01:06:52:8a:09:a4:50:8c:21:99:39:eb:d8:d2:
ce:68:7e:b3:6b:4d:25:29:63:fe:08:e5:17:fd:48:
0e:2b:1d:0f:98:01:73:30:ed:9a:75:b3:ce:7c:47:
d4:0c:90:61:a5:d9:08:8c:09:ed:13:ff:86:64:53:
87:db:6b:ba:29:35:50:36:9f:e8:7b:1e:7a:95:e0:
78:91:c2:e5:79:a9:87:8c:b4:f1:4c:13:ce:67:44:
9d:b9:fb:ac:ee:75:cf:f6:37:cb:be:44:63:da:61:
e3:9b:1e:eb:75:e9:86:e2:1e:74:ea:de:6d:a3:2b:
77:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:8F:EB:63:AF:64:74:45:40:BF:67:DA:27:56:9D:6E:FC:FB:D2:A9
X509v3 Authority Key Identifier:
keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/Fo_rY69kdEVAv2faJ1adbvz70qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.30.0/24
192.109.37.0-192.109.38.255
192.109.47.0/24
IPv6:
2a0f:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
2e:20:49:08:48:48:0c:04:f2:2f:1a:4d:47:60:17:80:26:78:
9a:39:85:89:59:c7:df:3a:de:04:96:b5:6f:cc:bc:ff:19:70:
66:15:c4:48:93:09:29:92:0f:91:01:12:22:58:3e:82:1f:0b:
fe:fb:cd:fb:63:3d:54:08:57:c0:54:95:01:06:ae:46:af:5f:
a9:a1:4f:b8:08:b6:57:b0:9c:9c:d2:90:b8:36:0e:74:5b:96:
f4:90:9d:67:b6:75:64:d9:03:9c:04:df:25:d4:33:ec:a2:58:
91:5b:f6:05:f5:e9:08:d5:26:85:d8:47:f1:e0:dc:e7:fb:16:
6c:e3:1c:a6:e7:d7:5f:13:f1:d5:de:a8:33:6f:53:14:e2:ba:
45:e3:31:24:74:cf:76:1e:71:df:f7:c6:a9:4b:16:eb:22:ac:
33:66:e5:0c:3a:9b:f9:1d:93:b7:7a:68:6e:be:da:dc:ad:f4:
94:a0:de:7a:2e:a9:58:b9:74:8c:c4:70:63:68:51:b4:49:8f:
9b:0a:94:93:22:07:3e:83:fd:2c:77:5d:af:7b:fa:f6:c6:27:
74:e4:2b:b3:05:19:1d:61:84:a9:2d:80:47:31:ef:63:d7:d8:
46:7d:cf:f9:74:a5:b6:74:61:b5:e6:b1:22:2b:f6:3d:0c:e4:
d8:b9:31:ce
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzIcQr8yhkLVJY/Q+rwNvytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz
YzE2NTgwHhcNMjQwMTAyMDQzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjhmZWI2M2FmNjQ3NDQ1NDBiZjY3ZGEyNzU2OWQ2ZWZjZmJkMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMZzWLJLJTKfDXe/O7nuRWizNKM5
Ndm73A9K6tLudmDoaJUR+Zjl8cdDEAu3E7HjKVTBSaj8QY1XWRYo0etb/L7i0GLB
XCnS/Ba6NWLB0F5JhRV+0k3xmJfuynTIEW7ZKNjEaq+lLFJpKSeELlV1N9eK7Usr
xRk+uqrrf7qr4vzRynDx065IAQZSigmkUIwhmTnr2NLOaH6za00lKWP+COUX/UgO
Kx0PmAFzMO2adbPOfEfUDJBhpdkIjAntE/+GZFOH22u6KTVQNp/oex56leB4kcLl
eamHjLTxTBPOZ0Sdufus7nXP9jfLvkRj2mHjmx7rdemG4h506t5toyt3WwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBaP62OvZHRFQL9n2idWnW78+9KpMB8GA1UdIwQY
MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt
Y2ZhYjEwZDMwNjkzLzEvRm9fclk2OWtkRVZBdjJmYUoxYWRidno3MHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz
LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwG0eMAwD
BADAbSUDBADAbSYDBADAbS8wDQQCAAIwBwMFAyoPbEAwDQYJKoZIhvcNAQELBQAD
ggEBAC4gSQhISAwE8i8aTUdgF4AmeJo5hYlZx9863gSWtW/MvP8ZcGYVxEiTCSmS
D5EBEiJYPoIfC/77zftjPVQIV8BUlQEGrkavX6mhT7gItlewnJzSkLg2DnRblvSQ
nWe2dWTZA5wE3yXUM+yiWJFb9gX16QjVJoXYR/Hg3Of7FmzjHKbn118T8dXeqDNv
UxTiukXjMSR0z3Yecd/3xqlLFusirDNm5Qw6m/kdk7d6aG6+2tyt9JSg3nouqVi5
dIzEcGNoUbRJj5sKlJMiBz6D/Sx3Xa97+vbGJ3TkK7MFGR1hhKktgEcx72PX2EZ9
z/l0pbZ0YbXmsSIr9j0M5Ni5Mc4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:32 2025 by rpki-client