Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-FXK1zYwqEYyFuRV0ELPmGW0nOQ.roa
File: 1-FXK1zYwqEYyFuRV0ELPmGW0nOQ.roa (raw, json)
Hash identifier: 36X1Q8RxMthhTNJkMuRJ2zlgVcR7d1Q5OG448xYSRJ4=
Subject key identifier: F8:55:CA:D7:36:30:A8:46:32:16:E4:55:D0:42:CF:98:65:B4:9C:E4
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CAD95E4C6F385A0C5032808C614CC
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-FXK1zYwqEYyFuRV0ELPmGW0nOQ.roa
Signing time: Wed 01 Jan 2025 01:48:20 +0000
ROA not before: Wed 01 Jan 2025 01:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50129
IP address blocks: 31.44.144.0/20 maxlen: 24
31.222.96.0/19 maxlen: 24
185.30.196.0/22 maxlen: 24
185.209.8.0/22 maxlen: 24
185.215.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 11:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:ad:95:e4:c6:f3:85:a0:c5:03:28:08:c6:14:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f855cad73630a8463216e455d042cf9865b49ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:30:c5:58:6e:71:e9:03:23:ea:5c:38:db:22:
be:26:2a:d6:ee:d4:2f:04:2e:2f:90:e5:66:52:1a:
0c:29:58:6d:c0:92:33:7b:2b:f4:16:b8:23:14:2b:
69:80:30:52:d2:f4:53:83:df:ab:2f:8e:07:42:45:
4c:41:23:70:00:75:5b:78:fa:2e:5c:8e:b9:2b:bb:
10:d3:1f:69:81:fc:76:72:b6:5a:a9:be:1d:41:cc:
67:0f:56:bb:ce:51:8b:b4:dd:17:7e:2b:af:1a:2b:
c0:1d:42:46:4d:51:2a:47:fd:3f:72:c8:59:6c:59:
82:88:a9:5d:9d:33:a0:04:37:c8:bd:13:d8:4f:94:
a1:1f:8c:5e:1e:ad:0b:f0:bb:d8:c8:31:c2:4a:aa:
1d:3e:0a:e5:b3:fb:a5:59:44:dd:aa:cb:71:53:12:
30:57:57:8a:cb:88:8a:27:fb:dc:0d:5c:b2:b9:32:
b9:31:60:ec:c8:32:fc:1f:4f:c0:21:77:3c:2b:7a:
0d:3c:72:3c:2a:c7:ba:e9:3a:50:07:b3:f7:67:18:
11:94:59:83:9a:29:0d:26:85:c1:62:84:15:3b:fe:
15:3f:1d:58:bd:f1:d5:e8:73:91:18:11:4b:18:e1:
66:df:6c:0a:8f:d2:f9:02:39:74:9b:cc:10:e6:59:
1a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:55:CA:D7:36:30:A8:46:32:16:E4:55:D0:42:CF:98:65:B4:9C:E4
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-FXK1zYwqEYyFuRV0ELPmGW0nOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.144.0/20
31.222.96.0/19
185.30.196.0/22
185.209.8.0/22
185.215.0.0/22
Signature Algorithm: sha256WithRSAEncryption
22:0f:e9:03:77:11:c2:42:da:80:ec:33:be:4a:7d:96:8a:88:
64:cc:ca:4a:09:2c:b6:4c:39:32:da:c7:18:e9:89:04:9b:72:
d3:64:95:6f:79:8c:72:7a:c2:37:15:0c:93:95:43:f3:7e:a8:
5f:c5:d4:a4:71:44:38:f4:b7:5f:6f:cf:f1:4c:a4:b0:99:53:
7e:76:9b:75:cf:5d:28:f6:08:5d:4d:c5:67:4f:50:28:ea:fe:
70:e5:9f:1a:12:84:7b:29:c5:c6:f2:fe:05:a2:2c:0a:a4:e3:
94:71:03:15:4f:22:d5:22:89:e7:0b:b7:9b:b5:bc:85:a5:3a:
d0:b9:50:1a:d0:29:a8:63:f9:45:05:3c:15:85:ee:51:a5:0b:
9b:1c:1e:1b:80:07:1e:a5:73:0a:2f:a5:65:a4:5f:2e:e3:e4:
7a:72:c0:7b:95:41:b0:df:1a:e8:8b:aa:89:76:d4:b4:ed:e0:
59:11:90:ea:9d:2e:e3:79:11:14:39:0d:30:c4:13:2e:14:f3:
4b:7e:f4:fd:68:11:21:6e:f5:c4:80:ae:8b:c1:6d:ad:86:54:
98:ed:84:17:bb:1e:a7:18:c6:d0:f1:06:27:34:e1:0a:25:82:
91:48:c4:3a:cb:25:bd:e8:e2:ee:38:cf:94:15:5f:03:23:6c:
51:c8:cc:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQfjK2V5MbzhaDFAygIxhTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODU1Y2FkNzM2MzBhODQ2MzIxNmU0NTVkMDQyY2Y5ODY1YjQ5Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zDFWG5x6QMj6lw42yK+JirW7tQv
BC4vkOVmUhoMKVhtwJIzeyv0FrgjFCtpgDBS0vRTg9+rL44HQkVMQSNwAHVbePou
XI65K7sQ0x9pgfx2crZaqb4dQcxnD1a7zlGLtN0XfiuvGivAHUJGTVEqR/0/cshZ
bFmCiKldnTOgBDfIvRPYT5ShH4xeHq0L8LvYyDHCSqodPgrls/ulWUTdqstxUxIw
V1eKy4iKJ/vcDVyyuTK5MWDsyDL8H0/AIXc8K3oNPHI8Kse66TpQB7P3ZxgRlFmD
mikNJoXBYoQVO/4VPx1YvfHV6HORGBFLGOFm32wKj9L5Ajl0m8wQ5lkaowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhVytc2MKhGMhbkVdBCz5hltJzkMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvMS1GWEsxell3cUVZeUZ1UlYwRUxQbUdXMG5PUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvYmZmNGFhLTRmMDctNDEyOS04YWQ2LWM3OTE0YWI2NDI3
My8xLzFIWDdDVFRQYWxqY3p2RVFoMTItWGo2TGEzVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEBB8skAME
BR/eYAMEArkexAMEArnRCAMEArnXADANBgkqhkiG9w0BAQsFAAOCAQEAIg/pA3cR
wkLagOwzvkp9loqIZMzKSgkstkw5MtrHGOmJBJty02SVb3mMcnrCNxUMk5VD836o
X8XUpHFEOPS3X2/P8UyksJlTfnabdc9dKPYIXU3FZ09QKOr+cOWfGhKEeynFxvL+
BaIsCqTjlHEDFU8i1SKJ5wu3m7W8haU60LlQGtApqGP5RQU8FYXuUaULmxweG4AH
HqVzCi+lZaRfLuPkenLAe5VBsN8a6IuqiXbUtO3gWRGQ6p0u43kRFDkNMMQTLhTz
S370/WgRIW71xICui8FtrYZUmO2EF7sepxjG0PEGJzThCiWCkUjEOsslveji7jjP
lBVfAyNsUcjMeQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:16:10 2025 by rpki-client