Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/FkypGaHxJRPHL2l3bcus8XXbTic.roa
File: FkypGaHxJRPHL2l3bcus8XXbTic.roa (raw, json)
Hash identifier: AAUT/AXOg/K+3uMtzhM/fSkA7+pFTP4bTPOATmY7V/M=
Subject key identifier: 16:4C:A9:19:A1:F1:25:13:C7:2F:69:77:6D:CB:AC:F1:75:DB:4E:27
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018CC2DB6410D1E089F41F6F7CDAF5A90D47
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/FkypGaHxJRPHL2l3bcus8XXbTic.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 193.9.126.0/24 maxlen: 24
45.10.108.0/24 maxlen: 24
77.83.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 10:44:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:64:10:d1:e0:89:f4:1f:6f:7c:da:f5:a9:0d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=164ca919a1f12513c72f69776dcbacf175db4e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c1:c8:ce:b4:53:bd:c6:92:07:3a:77:2b:d1:
fa:2d:a9:9b:cf:2e:c6:52:75:06:5b:1e:30:54:92:
cb:9d:6d:ce:7d:b0:22:ae:bf:bd:df:d0:6e:e2:3d:
30:d5:d1:cd:a5:46:5c:91:41:f9:33:04:ee:4a:6a:
55:4f:56:80:13:55:e6:fa:e7:b5:65:42:01:b0:c4:
ea:81:27:5c:0b:eb:04:38:01:27:72:a0:5d:db:59:
fb:b7:ee:5e:61:3d:31:97:90:ff:9f:bd:fa:d8:ca:
8b:df:51:ab:84:99:0e:58:be:2c:a9:d7:38:47:a0:
c2:af:aa:e5:99:ca:fb:23:4b:f5:45:84:2b:61:97:
67:43:74:17:ec:b4:c4:7e:92:4f:65:56:fc:a4:9b:
88:86:d8:45:af:ce:bf:56:36:bb:d6:da:f7:1a:e9:
8f:1b:3e:94:41:88:3b:4b:6d:d0:f5:45:79:7b:3b:
da:a8:a8:92:b4:f3:f9:6f:97:79:e1:b7:96:62:98:
60:fd:82:a5:17:85:04:79:27:38:db:b2:75:41:2e:
59:97:42:30:d4:73:49:36:c7:c4:30:1c:b9:e8:ad:
51:37:fe:f5:2f:65:dc:65:63:ac:cd:4d:ae:e2:e3:
75:78:32:63:93:d5:ca:90:ec:bb:e8:fc:88:e5:f9:
90:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4C:A9:19:A1:F1:25:13:C7:2F:69:77:6D:CB:AC:F1:75:DB:4E:27
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/FkypGaHxJRPHL2l3bcus8XXbTic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.108.0/24
77.83.80.0/24
193.9.126.0/24
Signature Algorithm: sha256WithRSAEncryption
97:93:80:c2:9e:d0:02:ac:28:ec:b1:c7:e7:b0:da:0e:ae:20:
a4:d3:9a:ed:52:69:fd:c9:3c:65:26:df:88:c5:7e:32:24:2e:
73:0a:6e:06:9c:a9:ff:d9:12:62:37:e2:d1:f8:b4:e0:07:31:
a3:c2:e4:04:e9:a3:f8:2d:52:79:04:30:93:01:1e:63:70:70:
91:7e:4d:6d:9e:20:bc:b9:05:32:c9:fe:67:ea:f0:e1:4e:b0:
aa:47:d8:51:4b:6e:36:79:b9:ae:13:7d:31:b9:fa:03:13:e7:
6d:d4:38:cd:1e:fa:bd:01:5a:6b:8a:79:87:4b:c9:f5:88:9e:
31:af:bd:18:a5:7f:dc:16:43:cc:7c:32:6e:6f:56:b3:9d:20:
6a:16:af:41:ae:99:e4:7f:a8:61:a5:d8:f4:a4:14:35:fb:a7:
4b:4c:b0:ba:9c:8c:31:73:2b:c6:9c:8e:3d:12:4b:d9:62:e6:
5e:80:a4:a1:48:1c:2d:d1:46:9b:bd:6a:00:19:4c:60:90:16:
72:fb:c6:00:49:0b:f5:56:09:57:74:4a:4d:45:ca:f9:4e:da:
51:e2:d7:69:ac:b4:fb:14:8f:06:62:f8:97:10:1b:aa:a9:4a:
f1:37:eb:d1:a7:a3:6b:fb:0f:e6:a0:51:77:25:9c:59:78:99:
4c:e6:e9:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC22QQ0eCJ9B9vfNr1qQ1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjRjYTkxOWExZjEyNTEzYzcyZjY5Nzc2ZGNiYWNmMTc1ZGI0ZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMHIzrRTvcaSBzp3K9H6Lambzy7G
UnUGWx4wVJLLnW3OfbAirr+939Bu4j0w1dHNpUZckUH5MwTuSmpVT1aAE1Xm+ue1
ZUIBsMTqgSdcC+sEOAEncqBd21n7t+5eYT0xl5D/n7362MqL31GrhJkOWL4sqdc4
R6DCr6rlmcr7I0v1RYQrYZdnQ3QX7LTEfpJPZVb8pJuIhthFr86/Vja71tr3GumP
Gz6UQYg7S23Q9UV5ezvaqKiStPP5b5d54beWYphg/YKlF4UEeSc427J1QS5Zl0Iw
1HNJNsfEMBy56K1RN/71L2XcZWOszU2u4uN1eDJjk9XKkOy76PyI5fmQoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBZMqRmh8SUTxy9pd23LrPF1204nMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvRmt5cEdhSHhKUlBITDJsM2JjdXM4WFhiVGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQpsAwQA
TVNQAwQAwQl+MA0GCSqGSIb3DQEBCwUAA4IBAQCXk4DCntACrCjsscfnsNoOriCk
05rtUmn9yTxlJt+IxX4yJC5zCm4GnKn/2RJiN+LR+LTgBzGjwuQE6aP4LVJ5BDCT
AR5jcHCRfk1tniC8uQUyyf5n6vDhTrCqR9hRS242ebmuE30xufoDE+dt1DjNHvq9
AVprinmHS8n1iJ4xr70YpX/cFkPMfDJub1aznSBqFq9Brpnkf6hhpdj0pBQ1+6dL
TLC6nIwxcyvGnI49EkvZYuZegKShSBwt0UabvWoAGUxgkBZy+8YASQv1VglXdEpN
Rcr5TtpR4tdprLT7FI8GYviXEBuqqUrxN+vRp6Nr+w/moFF3JZxZeJlM5umD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:31 2025 by rpki-client