Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/FvHP6rtAD12w-L83Q2gMki0tEXM.roa
File: FvHP6rtAD12w-L83Q2gMki0tEXM.roa (raw, json)
Hash identifier: JykBa+r/vSizmNSKS7d0RdftWcMwMVkze8s2JSr9vrc=
Subject key identifier: 16:F1:CF:EA:BB:40:0F:5D:B0:F8:BF:37:43:68:0C:92:2D:2D:11:73
Certificate issuer: /CN=0dc2061405956993cc63a60db0f963525d357731
Certificate serial: 018CC56E6A889D6F0266D3D831FA46F181BE
Authority key identifier: 0D:C2:06:14:05:95:69:93:CC:63:A6:0D:B0:F9:63:52:5D:35:77:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/FvHP6rtAD12w-L83Q2gMki0tEXM.roa
Signing time: Mon 01 Jan 2024 14:29:56 +0000
ROA not before: Mon 01 Jan 2024 14:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24853
IP address blocks: 185.139.80.0/22 maxlen: 22
193.111.162.0/24 maxlen: 24
2a07:1400::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:6a:88:9d:6f:02:66:d3:d8:31:fa:46:f1:81:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dc2061405956993cc63a60db0f963525d357731
Validity
Not Before: Jan 1 14:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16f1cfeabb400f5db0f8bf3743680c922d2d1173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5b:e5:19:a1:15:67:62:42:42:c0:33:62:cd:
73:47:3a:bb:ba:d8:fa:81:5c:73:5a:e1:62:97:ae:
9d:19:10:79:13:bb:c1:f3:a3:30:29:7d:4b:11:86:
35:a0:b1:83:d3:51:be:49:e4:32:63:1e:a9:a8:13:
80:49:08:f9:7a:0b:3d:f5:2c:67:0a:e3:06:a4:38:
b5:48:f3:94:31:42:2f:98:cc:84:0c:f6:b9:00:66:
a6:4b:18:35:0d:13:00:55:1b:d7:27:2d:62:3d:76:
60:49:a4:46:ca:32:d6:07:b1:f2:f6:d2:6e:44:8a:
0e:4a:f4:a0:8b:2e:23:b0:fb:16:97:7a:34:d2:12:
4a:99:f6:9e:22:69:48:e3:b3:c8:06:0a:ff:1d:9a:
0a:34:cb:83:cb:1a:f2:e1:de:ef:a7:a3:ff:05:56:
a3:05:64:27:73:f1:40:e3:df:02:aa:f9:9e:e7:ea:
2f:bc:a5:b1:17:bc:9d:c1:b3:e3:0f:50:1a:ea:fd:
34:c8:ae:40:66:92:11:cd:bf:80:25:86:06:ea:69:
60:7e:9c:58:17:8b:82:29:a7:17:d9:4b:2b:7f:8b:
ad:b4:84:63:28:d2:17:4d:de:4c:30:24:75:c9:31:
fe:4a:ed:81:02:3f:15:8a:0e:f7:0a:4f:2e:3d:0c:
32:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:F1:CF:EA:BB:40:0F:5D:B0:F8:BF:37:43:68:0C:92:2D:2D:11:73
X509v3 Authority Key Identifier:
keyid:0D:C2:06:14:05:95:69:93:CC:63:A6:0D:B0:F9:63:52:5D:35:77:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcIGFAWVaZPMY6YNsPljUl01dzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/FvHP6rtAD12w-L83Q2gMki0tEXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/9de767-3a28-49ab-ae28-2348ba6fb4c3/1/DcIGFAWVaZPMY6YNsPljUl01dzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.80.0/22
193.111.162.0/24
IPv6:
2a07:1400::/29
Signature Algorithm: sha256WithRSAEncryption
4b:b6:be:c5:54:68:b1:36:50:84:69:ba:80:2f:8c:5c:ff:3a:
76:59:57:a4:0d:4d:55:7b:56:d2:8d:6a:2c:9a:37:50:80:07:
98:d9:67:b6:85:78:bb:11:59:d6:aa:cb:76:67:b7:9f:89:57:
24:88:e3:c5:de:7c:9a:12:bc:fb:0f:61:29:25:ad:52:3e:10:
b5:dc:8a:50:31:01:5a:84:70:5d:c3:45:0f:3b:73:2d:75:2f:
d5:7e:22:46:f3:52:06:1d:6d:e9:76:38:09:d2:fa:07:41:11:
ab:c6:0c:59:7a:ae:3a:7c:15:22:69:4c:50:5b:24:75:aa:45:
e6:e3:40:30:17:a4:59:12:e7:6c:dd:e2:d4:9f:2d:d2:d2:d2:
3b:5a:91:21:87:f7:56:e4:25:77:c0:25:73:08:f4:87:e2:71:
79:3f:71:86:af:55:47:21:34:8f:be:8b:ad:c4:c2:87:42:f4:
92:cd:d7:f0:e5:30:8a:e5:35:64:89:fc:0d:70:14:6a:81:ab:
52:54:7e:70:03:d2:bb:14:e0:a0:33:73:76:3f:84:2a:4a:48:
ed:b1:bc:9f:92:53:e8:6b:d4:62:4c:d4:1c:0d:15:4e:56:e6:
bf:f9:dc:77:f5:38:45:e1:8c:ef:83:fb:19:43:c3:8f:27:64:
a4:e1:d4:8d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbmqInW8CZtPYMfpG8YG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzIwNjE0MDU5NTY5OTNjYzYzYTYwZGIwZjk2MzUyNWQz
NTc3MzEwHhcNMjQwMTAxMTQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmYxY2ZlYWJiNDAwZjVkYjBmOGJmMzc0MzY4MGM5MjJkMmQxMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1vlGaEVZ2JCQsAzYs1zRzq7utj6
gVxzWuFil66dGRB5E7vB86MwKX1LEYY1oLGD01G+SeQyYx6pqBOASQj5egs99Sxn
CuMGpDi1SPOUMUIvmMyEDPa5AGamSxg1DRMAVRvXJy1iPXZgSaRGyjLWB7Hy9tJu
RIoOSvSgiy4jsPsWl3o00hJKmfaeImlI47PIBgr/HZoKNMuDyxry4d7vp6P/BVaj
BWQnc/FA498Cqvme5+ovvKWxF7ydwbPjD1Aa6v00yK5AZpIRzb+AJYYG6mlgfpxY
F4uCKacX2Usrf4uttIRjKNIXTd5MMCR1yTH+Su2BAj8Vig73Ck8uPQwysQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBbxz+q7QA9dsPi/N0NoDJItLRFzMB8GA1UdIwQY
MBaAFA3CBhQFlWmTzGOmDbD5Y1JdNXcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNJR0ZBV1ZhWlBNWTZZTnNQbGpVbDAxZHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85ZGU3NjctM2EyOC00OWFiLWFlMjgt
MjM0OGJhNmZiNGMzLzEvRnZIUDZydEFEMTJ3LUw4M1EyZ01raTB0RVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85ZGU3NjctM2EyOC00OWFiLWFlMjgtMjM0OGJhNmZiNGMz
LzEvRGNJR0ZBV1ZhWlBNWTZZTnNQbGpVbDAxZHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYtQAwQA
wW+iMA0EAgACMAcDBQMqBxQAMA0GCSqGSIb3DQEBCwUAA4IBAQBLtr7FVGixNlCE
abqAL4xc/zp2WVekDU1Ve1bSjWosmjdQgAeY2We2hXi7EVnWqst2Z7efiVckiOPF
3nyaErz7D2EpJa1SPhC13IpQMQFahHBdw0UPO3MtdS/VfiJG81IGHW3pdjgJ0voH
QRGrxgxZeq46fBUiaUxQWyR1qkXm40AwF6RZEuds3eLUny3S0tI7WpEhh/dW5CV3
wCVzCPSH4nF5P3GGr1VHITSPvoutxMKHQvSSzdfw5TCK5TVkifwNcBRqgatSVH5w
A9K7FOCgM3N2P4QqSkjtsbyfklPoa9RiTNQcDRVOVua/+dx39ThF4Yzvg/sZQ8OP
J2Sk4dSN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:52 2025 by rpki-client