Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/fKqEFmYX4hLp6dYgpuklD7YAZMA.roa
File: fKqEFmYX4hLp6dYgpuklD7YAZMA.roa (raw, json)
Hash identifier: vBmVuUpiVZ/kY7U5Z189L/b5Eo9rll/jBa0ymgSWUMc=
Subject key identifier: 7C:AA:84:16:66:17:E2:12:E9:E9:D6:20:A6:E9:25:0F:B6:00:64:C0
Certificate issuer: /CN=175501d93e9b2b1a4fed308e2ae431cc277e69e0
Certificate serial: 0191DFFA4DB4668F05D59F5A5843FD6FD719
Authority key identifier: 17:55:01:D9:3E:9B:2B:1A:4F:ED:30:8E:2A:E4:31:CC:27:7E:69:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1UB2T6bKxpP7TCOKuQxzCd-aeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/fKqEFmYX4hLp6dYgpuklD7YAZMA.roa
Signing time: Wed 11 Sep 2024 07:26:48 +0000
ROA not before: Wed 11 Sep 2024 07:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5400
IP address blocks: 166.49.128.0/17 maxlen: 17
166.49.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 10:35:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:df:fa:4d:b4:66:8f:05:d5:9f:5a:58:43:fd:6f:d7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=175501d93e9b2b1a4fed308e2ae431cc277e69e0
Validity
Not Before: Sep 11 07:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7caa84166617e212e9e9d620a6e9250fb60064c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:41:f0:84:61:9a:4c:b2:a4:1a:e0:49:8d:ef:
25:64:2f:52:5d:8b:f3:48:6c:4e:e3:87:8a:2c:1b:
f3:c7:2d:04:1c:94:2f:ef:44:2b:e9:1c:cb:c3:18:
ee:71:f6:84:46:25:48:a7:74:da:1f:b8:64:64:7c:
78:e8:96:48:b0:3c:9d:f6:5e:81:f8:d2:c6:eb:e2:
d8:b3:b4:23:84:48:70:58:39:0e:9c:98:dd:29:20:
a0:77:a5:b6:db:79:3b:70:77:f8:56:cd:74:52:c6:
bf:91:d4:01:ac:be:2a:b8:df:8f:4d:06:ea:ba:35:
2c:a3:8b:bd:24:79:5e:af:5f:69:41:98:72:7d:5d:
de:4c:8b:bb:0c:5e:a6:d0:82:9c:6c:e0:3c:33:77:
cb:42:f4:01:79:63:97:da:68:97:ad:75:1b:96:1c:
67:0e:a5:a5:97:c4:91:7e:43:9d:d9:6a:99:81:2a:
38:f9:c0:3c:d2:7a:b1:75:98:5d:63:9b:a0:68:c5:
df:30:72:3e:f8:79:13:75:71:f4:c5:13:96:7b:72:
5f:ed:f6:57:a0:ae:33:ef:47:fa:a9:8a:9b:5a:5e:
ec:2e:82:36:67:7f:7d:0a:65:9d:b2:79:74:2b:32:
b5:b6:9c:e4:3d:8e:da:ac:93:53:15:6d:34:55:22:
d1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:AA:84:16:66:17:E2:12:E9:E9:D6:20:A6:E9:25:0F:B6:00:64:C0
X509v3 Authority Key Identifier:
keyid:17:55:01:D9:3E:9B:2B:1A:4F:ED:30:8E:2A:E4:31:CC:27:7E:69:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1UB2T6bKxpP7TCOKuQxzCd-aeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/fKqEFmYX4hLp6dYgpuklD7YAZMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/F1UB2T6bKxpP7TCOKuQxzCd-aeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.49.128.0/17
Signature Algorithm: sha256WithRSAEncryption
42:13:00:d2:73:7d:bf:3b:d8:89:df:cf:c6:47:a7:0c:48:97:
32:35:a0:48:8c:e7:7e:40:a0:d8:6d:1b:ee:e6:c5:fa:0f:c1:
02:73:3b:c9:f9:7f:3a:f9:22:14:53:5c:ee:8b:46:91:66:50:
46:87:cc:b8:8c:06:ec:67:21:d5:6b:2d:0c:49:6b:6d:0b:4c:
cc:8a:6f:17:fe:89:55:9a:38:18:1c:dc:90:1a:e5:68:fc:a2:
47:08:07:b9:2f:82:57:fa:24:ae:cb:c9:5b:ff:65:8d:cc:d4:
30:9e:1c:02:10:77:d7:cd:92:0b:05:fd:77:28:e2:86:8f:d1:
5e:97:b2:fc:70:76:b6:c9:20:2a:3b:eb:3d:0f:25:0c:ab:a1:
df:91:a3:c2:cc:41:07:f6:24:2b:c8:63:1b:8e:ca:7e:5e:5e:
83:26:03:6a:0a:28:2e:53:3e:92:e7:88:e8:59:61:f7:a2:1d:
1d:30:a7:35:99:65:2f:2e:5e:fd:ef:01:2b:61:65:c3:95:da:
86:85:72:33:77:36:d3:4f:ef:c6:bb:79:0c:0f:7d:3a:45:5e:
99:dc:73:38:98:b6:79:7e:17:88:e9:5e:55:8e:4b:be:79:41:
f4:5d:35:ca:22:36:6b:7e:84:61:7d:28:28:15:17:53:6f:e7:
31:8e:f2:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHf+k20Zo8F1Z9aWEP9b9cZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTUwMWQ5M2U5YjJiMWE0ZmVkMzA4ZTJhZTQzMWNjMjc3
ZTY5ZTAwHhcNMjQwOTExMDcyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2FhODQxNjY2MTdlMjEyZTllOWQ2MjBhNmU5MjUwZmI2MDA2NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EHwhGGaTLKkGuBJje8lZC9SXYvz
SGxO44eKLBvzxy0EHJQv70Qr6RzLwxjucfaERiVIp3TaH7hkZHx46JZIsDyd9l6B
+NLG6+LYs7QjhEhwWDkOnJjdKSCgd6W223k7cHf4Vs10Usa/kdQBrL4quN+PTQbq
ujUso4u9JHler19pQZhyfV3eTIu7DF6m0IKcbOA8M3fLQvQBeWOX2miXrXUblhxn
DqWll8SRfkOd2WqZgSo4+cA80nqxdZhdY5ugaMXfMHI++HkTdXH0xROWe3Jf7fZX
oK4z70f6qYqbWl7sLoI2Z399CmWdsnl0KzK1tpzkPY7arJNTFW00VSLRawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHyqhBZmF+IS6enWIKbpJQ+2AGTAMB8GA1UdIwQY
MBaAFBdVAdk+mysaT+0wjirkMcwnfmngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFVQjJUNmJLeHBQN1RDT0t1UXh6Q2QtYWVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wNjgxOTEtODc4ZC00MjVjLTg5OTMt
MDliOTkwNWQ0MWRiLzEvZktxRUZtWVg0aExwNmRZZ3B1a2xEN1lBWk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wNjgxOTEtODc4ZC00MjVjLTg5OTMtMDliOTkwNWQ0MWRi
LzEvRjFVQjJUNmJLeHBQN1RDT0t1UXh6Q2QtYWVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHpjGAMA0G
CSqGSIb3DQEBCwUAA4IBAQBCEwDSc32/O9iJ38/GR6cMSJcyNaBIjOd+QKDYbRvu
5sX6D8ECczvJ+X86+SIUU1zui0aRZlBGh8y4jAbsZyHVay0MSWttC0zMim8X/olV
mjgYHNyQGuVo/KJHCAe5L4JX+iSuy8lb/2WNzNQwnhwCEHfXzZILBf13KOKGj9Fe
l7L8cHa2ySAqO+s9DyUMq6HfkaPCzEEH9iQryGMbjsp+Xl6DJgNqCiguUz6S54jo
WWH3oh0dMKc1mWUvLl797wErYWXDldqGhXIzdzbTT+/Gu3kMD306RV6Z3HM4mLZ5
fheI6V5Vjku+eUH0XTXKIjZrfoRhfSgoFRdTb+cxjvK7
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:42:59 2025 by rpki-client