Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/k00fuN8ifiHCMBEPKO3i6A0Q6gI.roa
File: k00fuN8ifiHCMBEPKO3i6A0Q6gI.roa (raw, json)
Hash identifier: RinLy95cfw23a/6oo/bLasChjRcP/GtZVApFQo69j20=
Subject key identifier: 93:4D:1F:B8:DF:22:7E:21:C2:30:11:0F:28:ED:E2:E8:0D:10:EA:02
Certificate issuer: /CN=449b18e3296d795d3a9c959be25c70aaab365200
Certificate serial: 018CC492F4BDF04CEDC7B977B822CA24FE8F
Authority key identifier: 44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/k00fuN8ifiHCMBEPKO3i6A0Q6gI.roa
Signing time: Mon 01 Jan 2024 10:30:14 +0000
ROA not before: Mon 01 Jan 2024 10:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56672
IP address blocks: 195.189.198.0/24 maxlen: 24
195.189.199.0/24 maxlen: 24
194.107.140.0/23 maxlen: 23
2a00:4680::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:f4:bd:f0:4c:ed:c7:b9:77:b8:22:ca:24:fe:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=449b18e3296d795d3a9c959be25c70aaab365200
Validity
Not Before: Jan 1 10:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=934d1fb8df227e21c230110f28ede2e80d10ea02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3c:f2:43:e6:85:34:7e:10:6a:87:09:de:34:
f0:a4:7e:66:9a:78:ef:fd:26:c2:54:d4:bd:16:28:
8e:22:3a:ce:0d:00:92:c7:90:10:1b:8e:fc:c9:60:
17:81:31:2f:3e:48:c2:56:8c:7f:15:a5:0f:53:ec:
d5:85:35:41:2d:ac:6d:f3:09:e6:37:7e:cc:60:3f:
84:20:15:10:f7:73:4a:e5:f8:f0:d9:e1:f9:6f:15:
78:7a:7b:32:f1:2a:65:b4:19:db:0b:b4:5a:a7:11:
e0:cd:e3:a8:3b:27:41:4e:2f:9b:fb:89:0c:2e:fb:
05:e1:10:97:58:65:16:60:56:ce:0c:15:55:f1:3e:
8c:cc:74:20:29:0d:ad:b4:c4:94:fd:7d:3e:86:95:
56:f4:30:e7:75:b6:3f:ce:db:e7:79:03:97:82:8a:
d9:f3:f8:75:ac:44:40:f7:89:ed:98:2c:c7:05:53:
c9:56:1a:63:2b:43:78:09:7d:cb:c5:41:d7:21:1b:
cf:a5:4c:6a:ab:03:c8:f4:a0:74:b7:d8:fd:c9:fb:
55:78:82:3d:1c:ea:e6:55:51:e8:12:56:ff:2f:42:
2d:df:73:64:24:70:51:4b:64:81:62:55:90:88:8a:
42:7a:a2:57:bd:fb:78:e2:87:c7:b8:8a:6f:65:ac:
41:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4D:1F:B8:DF:22:7E:21:C2:30:11:0F:28:ED:E2:E8:0D:10:EA:02
X509v3 Authority Key Identifier:
keyid:44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/k00fuN8ifiHCMBEPKO3i6A0Q6gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/RJsY4ylteV06nJWb4lxwqqs2UgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.140.0/23
195.189.198.0/23
IPv6:
2a00:4680::/32
Signature Algorithm: sha256WithRSAEncryption
18:be:da:68:43:5d:1a:8a:b8:8c:8b:4c:55:55:07:35:1e:fd:
b0:bd:63:af:1a:79:1c:ed:63:ac:68:d8:35:bc:06:d3:fd:5d:
a9:39:dd:51:e1:4b:45:4f:c2:16:e0:47:f2:ca:b2:61:23:f4:
e6:cd:6c:35:d4:9c:65:4d:43:c8:02:f2:83:8e:df:31:57:96:
fb:5f:a8:01:7c:ab:21:2a:71:ba:de:34:d6:b1:0e:11:34:5a:
35:19:6c:ef:ec:4b:b3:f2:2d:62:dd:31:6d:56:0c:d9:07:51:
09:c7:3f:53:6e:01:e3:93:36:c6:3d:36:84:d5:ca:de:ec:d8:
fd:a2:2d:a0:ca:97:3d:75:99:ba:3e:81:d2:ad:e2:4f:b5:11:
e4:11:bc:d6:49:ab:b5:60:de:6d:fa:f1:fb:7f:06:72:aa:9e:
67:99:12:0d:e4:40:ed:cc:12:3a:19:dc:fd:56:cc:d2:a2:47:
e7:6d:62:e6:3f:e3:8d:76:c6:ac:47:db:29:65:29:70:c4:8e:
67:64:9a:8a:79:9f:e0:30:f5:a4:fc:00:b4:99:ea:b4:2d:a7:
1a:25:bf:af:84:93:4a:b1:0c:b2:7a:19:7d:5f:05:44:f9:26:
94:fc:02:3c:af:c0:95:1a:60:a0:2d:9f:91:a0:67:99:38:3e:
aa:4b:b7:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkvS98Eztx7l3uCLKJP6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OWIxOGUzMjk2ZDc5NWQzYTljOTU5YmUyNWM3MGFhYWIz
NjUyMDAwHhcNMjQwMTAxMTAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRkMWZiOGRmMjI3ZTIxYzIzMDExMGYyOGVkZTJlODBkMTBlYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTzyQ+aFNH4QaocJ3jTwpH5mmnjv
/SbCVNS9FiiOIjrODQCSx5AQG478yWAXgTEvPkjCVox/FaUPU+zVhTVBLaxt8wnm
N37MYD+EIBUQ93NK5fjw2eH5bxV4ensy8SpltBnbC7RapxHgzeOoOydBTi+b+4kM
LvsF4RCXWGUWYFbODBVV8T6MzHQgKQ2ttMSU/X0+hpVW9DDndbY/ztvneQOXgorZ
8/h1rERA94ntmCzHBVPJVhpjK0N4CX3LxUHXIRvPpUxqqwPI9KB0t9j9yftVeII9
HOrmVVHoElb/L0It33NkJHBRS2SBYlWQiIpCeqJXvft44ofHuIpvZaxB+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJNNH7jfIn4hwjARDyjt4ugNEOoCMB8GA1UdIwQY
MBaAFESbGOMpbXldOpyVm+JccKqrNlIAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQt
NjVhODk5YTYwMzY2LzEvazAwZnVOOGlmaUhDTUJFUEtPM2k2QTBRNmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQtNjVhODk5YTYwMzY2
LzEvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwmuMAwQB
w73GMA0EAgACMAcDBQAqAEaAMA0GCSqGSIb3DQEBCwUAA4IBAQAYvtpoQ10airiM
i0xVVQc1Hv2wvWOvGnkc7WOsaNg1vAbT/V2pOd1R4UtFT8IW4EfyyrJhI/TmzWw1
1JxlTUPIAvKDjt8xV5b7X6gBfKshKnG63jTWsQ4RNFo1GWzv7Euz8i1i3TFtVgzZ
B1EJxz9TbgHjkzbGPTaE1cre7Nj9oi2gypc9dZm6PoHSreJPtRHkEbzWSau1YN5t
+vH7fwZyqp5nmRIN5EDtzBI6Gdz9VszSokfnbWLmP+ONdsasR9spZSlwxI5nZJqK
eZ/gMPWk/AC0meq0LacaJb+vhJNKsQyyehl9XwVE+SaU/AI8r8CVGmCgLZ+RoGeZ
OD6qS7fL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:55 2025 by rpki-client