Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/FnQII-PAcNudfwZJsyNyFgxFiGg.roa
File: FnQII-PAcNudfwZJsyNyFgxFiGg.roa (raw, json)
Hash identifier: EkWpU3YV1wO5pp2al+MJ+11gJRmJAT+m1oCqTFqvJL8=
Subject key identifier: 16:74:08:23:E3:C0:70:DB:9D:7F:06:49:B3:23:72:16:0C:45:88:68
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FBA52B50A9220CC9CB7A2EA5F94283
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/FnQII-PAcNudfwZJsyNyFgxFiGg.roa
Signing time: Wed 01 Jan 2025 17:48:24 +0000
ROA not before: Wed 01 Jan 2025 17:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213730
IP address blocks: 88.209.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a5:2b:50:a9:22:0c:c9:cb:7a:2e:a5:f9:42:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16740823e3c070db9d7f0649b32372160c458868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3c:b4:04:f4:6f:f6:3e:97:d7:64:fb:91:fa:
45:a2:14:38:5a:9c:fa:b1:c8:3d:f7:4c:42:db:98:
0b:fe:80:f3:8b:55:3d:9b:ef:1d:7e:a4:bf:d5:bc:
45:29:8c:6a:02:77:87:91:a9:bd:96:5c:f1:67:c1:
f6:3d:c9:26:1a:20:e6:b7:52:99:45:2a:ba:f6:e6:
d8:19:d8:e9:7b:00:60:18:60:bc:da:4e:a4:11:0e:
92:26:e1:f9:f9:40:99:31:3d:3e:76:7f:bb:6c:f1:
17:06:bc:5f:6f:dd:b8:47:d7:e8:f0:57:43:b2:a2:
62:d8:16:10:3d:00:6c:72:0e:4b:18:06:d8:af:0c:
9a:bb:03:62:2d:90:06:56:80:69:52:f1:45:6c:1e:
02:40:2f:81:7e:c7:c6:6b:16:4b:0f:6e:b8:43:a6:
07:50:4b:79:01:43:1d:0b:6b:f6:69:49:4a:bd:fe:
9f:37:39:07:eb:31:c1:80:df:38:ca:a6:a2:d9:17:
67:c4:0a:16:97:50:6a:e6:ac:22:fe:a4:fe:1b:81:
27:b0:29:68:90:9a:db:df:60:ca:e4:c6:c9:77:1d:
3c:71:84:1f:e3:e8:a8:60:54:0a:24:03:63:48:34:
94:bc:af:07:79:11:58:9a:e8:9f:7e:c0:5e:96:8a:
cd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:74:08:23:E3:C0:70:DB:9D:7F:06:49:B3:23:72:16:0C:45:88:68
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/FnQII-PAcNudfwZJsyNyFgxFiGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.244.0/24
Signature Algorithm: sha256WithRSAEncryption
27:2f:17:c7:17:a7:a4:5f:35:2d:ba:07:ca:8c:d4:8d:79:e5:
a4:66:fb:47:9c:73:0e:b0:c8:52:00:4b:13:90:5e:8b:25:c4:
dd:e3:70:b0:4b:43:6a:74:c7:cf:a8:5f:64:95:e4:51:ee:0a:
c0:46:1e:b5:fc:1f:f6:0f:78:02:7c:1f:41:39:e1:f5:32:cb:
e9:e5:f9:0c:fe:65:f2:3e:30:18:1a:42:bf:ca:8e:99:72:aa:
1e:84:14:2d:ad:27:ea:18:76:8b:9a:7e:cf:41:8a:b2:6a:6a:
e4:9e:66:c2:44:ce:22:cf:6c:27:32:03:09:1e:12:6d:03:a9:
c6:6b:fc:64:90:2e:ba:09:f8:6a:52:82:95:ba:ae:cb:42:79:
a1:b4:a1:54:b2:37:19:ea:4f:83:89:82:d1:0f:3b:58:a7:9b:
cf:0c:b1:cd:55:20:39:31:92:9f:db:82:bc:05:81:74:73:4e:
72:1d:bb:19:6e:3f:1c:55:88:2c:b7:38:f1:9e:fd:60:4f:bb:
8d:40:d6:8b:73:f0:7e:10:1a:77:a0:8e:fe:34:83:9c:72:c7:
96:18:cd:32:98:2f:14:2e:7d:83:1e:71:46:bc:32:93:7b:d6:
2e:f4:cf:77:2a:fd:99:cc:91:4e:dd:84:eb:b9:d2:1d:44:0f:
9c:0c:31:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+6UrUKkiDMnLei6l+UKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjc0MDgyM2UzYzA3MGRiOWQ3ZjA2NDliMzIzNzIxNjBjNDU4ODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jy0BPRv9j6X12T7kfpFohQ4Wpz6
scg990xC25gL/oDzi1U9m+8dfqS/1bxFKYxqAneHkam9llzxZ8H2PckmGiDmt1KZ
RSq69ubYGdjpewBgGGC82k6kEQ6SJuH5+UCZMT0+dn+7bPEXBrxfb924R9fo8FdD
sqJi2BYQPQBscg5LGAbYrwyauwNiLZAGVoBpUvFFbB4CQC+BfsfGaxZLD264Q6YH
UEt5AUMdC2v2aUlKvf6fNzkH6zHBgN84yqai2RdnxAoWl1Bq5qwi/qT+G4EnsClo
kJrb32DK5MbJdx08cYQf4+ioYFQKJANjSDSUvK8HeRFYmuiffsBelorNaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBZ0CCPjwHDbnX8GSbMjchYMRYhoMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRm5RSUktUEFjTnVkZndaSnN5TnlGZ3hGaUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH0MA0G
CSqGSIb3DQEBCwUAA4IBAQAnLxfHF6ekXzUtugfKjNSNeeWkZvtHnHMOsMhSAEsT
kF6LJcTd43CwS0NqdMfPqF9kleRR7grARh61/B/2D3gCfB9BOeH1Msvp5fkM/mXy
PjAYGkK/yo6ZcqoehBQtrSfqGHaLmn7PQYqyamrknmbCRM4iz2wnMgMJHhJtA6nG
a/xkkC66CfhqUoKVuq7LQnmhtKFUsjcZ6k+DiYLRDztYp5vPDLHNVSA5MZKf24K8
BYF0c05yHbsZbj8cVYgstzjxnv1gT7uNQNaLc/B+EBp3oI7+NIOccseWGM0ymC8U
Ln2DHnFGvDKTe9Yu9M93Kv2ZzJFO3YTrudIdRA+cDDER
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:12:27 2025 by rpki-client