Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/FprpvFxyjDZA-AQFBpgfnt7pYnY.roa
File: FprpvFxyjDZA-AQFBpgfnt7pYnY.roa (raw, json)
Hash identifier: lF4g+ykJyvWHFBQGpqqggXKaTksKe+mpjBBWkUQscbc=
Subject key identifier: 16:9A:E9:BC:5C:72:8C:36:40:F8:04:05:06:98:1F:9E:DE:E9:62:76
Certificate issuer: /CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Certificate serial: 0191EC7494A183FF4DB3F3EAEB1AB29901C0
Authority key identifier: 66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/FprpvFxyjDZA-AQFBpgfnt7pYnY.roa
Signing time: Fri 13 Sep 2024 17:35:48 +0000
ROA not before: Fri 13 Sep 2024 17:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200435
IP address blocks: 185.63.172.0/22 maxlen: 24
185.63.172.0/24 maxlen: 24
185.63.173.0/24 maxlen: 24
185.63.174.0/24 maxlen: 24
185.63.175.0/24 maxlen: 24
2a04:f600::/29 maxlen: 48
2a04:f600:4454::/48 maxlen: 48
2a04:f600:4455::/48 maxlen: 48
2a04:f600:4456::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ec:74:94:a1:83:ff:4d:b3:f3:ea:eb:1a:b2:99:01:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Validity
Not Before: Sep 13 17:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=169ae9bc5c728c3640f8040506981f9edee96276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:98:ec:b8:2e:65:94:eb:1f:62:bb:e9:14:1f:
1b:81:93:eb:c8:2c:b6:30:4c:53:d8:10:74:ce:30:
70:e3:d3:8b:f1:c6:f2:1c:eb:88:cf:94:fc:fe:01:
55:8a:69:e9:c9:92:84:63:bb:45:5d:9d:e3:40:35:
3a:69:56:73:8d:a2:32:53:8e:fd:2b:93:18:f8:1c:
42:8e:ee:9b:14:5d:88:48:88:27:4c:c4:62:3b:08:
de:d6:3c:58:05:95:ed:da:d8:45:fe:a2:b9:3f:4e:
15:66:08:5b:a0:e7:f4:ce:f6:44:af:6b:87:81:62:
54:9f:7b:8d:e9:a5:3d:f5:40:9b:b2:97:e4:de:4e:
e5:92:07:9c:ef:39:a1:c8:36:f8:a4:c1:ea:af:2a:
5b:21:5a:eb:51:7e:f5:df:d1:8b:69:b3:38:38:d5:
b2:d8:4a:11:bc:41:03:44:94:f8:fb:63:b6:75:85:
64:84:96:bc:9d:e3:4c:47:e3:17:3a:47:0f:73:fc:
29:b6:74:0e:e7:9a:b6:bd:96:22:d7:4f:bd:7c:41:
98:8d:93:06:05:ed:36:a2:49:ac:1f:1c:8a:bb:85:
ed:7e:48:73:1c:87:a7:6f:9b:43:52:12:c1:aa:02:
97:c0:91:af:c2:a9:05:b1:02:3f:fc:a1:56:3f:78:
09:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:9A:E9:BC:5C:72:8C:36:40:F8:04:05:06:98:1F:9E:DE:E9:62:76
X509v3 Authority Key Identifier:
keyid:66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/FprpvFxyjDZA-AQFBpgfnt7pYnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.172.0/22
IPv6:
2a04:f600::/29
Signature Algorithm: sha256WithRSAEncryption
1f:77:ad:5c:21:4e:85:52:bd:67:49:59:b4:cf:13:2d:4c:f0:
2b:6d:ff:8f:d5:f7:e9:b3:1d:d7:db:5e:f6:7e:97:06:b5:f3:
b6:14:1d:86:69:0e:39:d7:8d:3e:56:1a:ac:56:19:ae:17:58:
c2:f0:62:b0:b2:03:b2:66:ee:49:99:30:94:7f:f5:0f:c3:2c:
e1:8e:d9:a6:e0:46:24:0b:06:dd:79:48:45:9d:e2:f5:26:bb:
a4:ea:a8:28:5a:28:41:6e:ca:2c:0b:82:58:04:cb:e3:71:4a:
66:16:f5:7a:55:3a:34:58:3d:21:fe:9b:96:a0:e5:86:4e:34:
fa:74:74:0a:31:75:98:c4:e4:49:58:c0:bc:1e:8b:73:b7:d7:
7e:57:97:c7:79:b1:ea:b3:b1:4a:75:38:eb:c1:85:a8:1b:a5:
5b:69:00:96:b7:2c:ef:d9:ef:66:78:1c:6b:e7:ce:15:03:97:
e7:99:aa:7d:68:23:a9:16:60:85:44:96:04:94:12:92:fd:b3:
12:fb:8e:8e:d8:c6:91:86:43:e0:97:32:1a:44:f5:aa:3d:3c:
b6:26:7f:29:4f:ca:dc:fa:a9:27:50:dc:06:12:12:bf:d2:22:
e9:3b:d2:f4:c5:0b:11:59:e8:83:d3:e2:b2:5d:90:93:f6:37:
2d:ff:d5:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZHsdJShg/9Ns/Pq6xqymQHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDA1ODBlMTcyNWY0NWRlMTA2Yjk3Zjc3ZDljZDc2YmM0
ZGY4MDYwHhcNMjQwOTEzMTczNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjlhZTliYzVjNzI4YzM2NDBmODA0MDUwNjk4MWY5ZWRlZTk2Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JjsuC5llOsfYrvpFB8bgZPryCy2
MExT2BB0zjBw49OL8cbyHOuIz5T8/gFVimnpyZKEY7tFXZ3jQDU6aVZzjaIyU479
K5MY+BxCju6bFF2ISIgnTMRiOwje1jxYBZXt2thF/qK5P04VZghboOf0zvZEr2uH
gWJUn3uN6aU99UCbspfk3k7lkgec7zmhyDb4pMHqrypbIVrrUX7139GLabM4ONWy
2EoRvEEDRJT4+2O2dYVkhJa8neNMR+MXOkcPc/wptnQO55q2vZYi10+9fEGYjZMG
Be02okmsHxyKu4XtfkhzHIenb5tDUhLBqgKXwJGvwqkFsQI//KFWP3gJeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBaa6bxccow2QPgEBQaYH57e6WJ2MB8GA1UdIwQY
MBaAFGbQWA4XJfRd4Qa5f3fZzXa8TfgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMt
OTVkOTVhY2U4MjgxLzEvRnBycHZGeHlqRFpBLUFRRkJwZ2ZudDdwWW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMtOTVkOTVhY2U4Mjgx
LzEvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT+sMA0E
AgACMAcDBQMqBPYAMA0GCSqGSIb3DQEBCwUAA4IBAQAfd61cIU6FUr1nSVm0zxMt
TPArbf+P1ffpsx3X2172fpcGtfO2FB2GaQ45140+VhqsVhmuF1jC8GKwsgOyZu5J
mTCUf/UPwyzhjtmm4EYkCwbdeUhFneL1Jruk6qgoWihBbsosC4JYBMvjcUpmFvV6
VTo0WD0h/puWoOWGTjT6dHQKMXWYxORJWMC8Hotzt9d+V5fHebHqs7FKdTjrwYWo
G6VbaQCWtyzv2e9meBxr584VA5fnmap9aCOpFmCFRJYElBKS/bMS+46O2MaRhkPg
lzIaRPWqPTy2Jn8pT8rc+qknUNwGEhK/0iLpO9L0xQsRWeiD0+KyXZCT9jct/9Vi
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:27:16 2025 by rpki-client