Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/FfMt3Jrjn02Lidl3VwmHRsf57Pk.roa
File: FfMt3Jrjn02Lidl3VwmHRsf57Pk.roa (raw, json)
Hash identifier: MAloI5B/Ltkh7pRwetVEv0MD0FUfOFnY0G1uxUOn9Ww=
Subject key identifier: 15:F3:2D:DC:9A:E3:9F:4D:8B:89:D9:77:57:09:87:46:C7:F9:EC:F9
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F3FDDE0E39DF813EABC862F3290ABF725
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/FfMt3Jrjn02Lidl3VwmHRsf57Pk.roa
Signing time: Fri 03 May 2024 19:10:56 +0000
ROA not before: Fri 03 May 2024 19:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.158.0/24 maxlen: 24
85.117.240.0/24 maxlen: 24
192.144.33.0/24 maxlen: 24
193.38.249.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 48
2a09:ff00:8800::/37 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 May 2024 18:22:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3f:dd:e0:e3:9d:f8:13:ea:bc:86:2f:32:90:ab:f7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: May 3 19:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15f32ddc9ae39f4d8b89d97757098746c7f9ecf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9f:99:50:7b:97:4a:8d:94:d9:78:3c:84:f2:
bb:aa:73:e4:e5:43:1a:10:3a:61:9e:f2:2c:fe:65:
fc:90:37:b9:d7:94:eb:09:8c:dd:69:6d:7c:8b:f5:
e2:2c:4d:08:cb:29:6e:35:eb:40:d4:10:ac:6e:4b:
50:72:4a:68:44:d5:e3:29:72:bb:f9:12:1b:7e:bd:
38:96:74:07:7f:a3:60:f5:47:12:97:00:1a:05:f9:
1a:14:85:d6:c7:e5:0d:4f:5a:98:b1:be:d0:7a:b6:
1d:b5:c2:49:92:df:93:f8:01:83:88:5b:b2:f8:71:
86:36:16:9c:04:a6:47:63:d7:24:ee:25:d9:9f:68:
b6:aa:5e:e8:d4:b3:4c:40:75:d3:23:79:fc:90:89:
4d:c3:ab:78:75:35:60:c5:2f:17:e5:51:a0:53:e9:
fe:ba:0f:29:4a:b4:34:07:c8:51:11:8d:f2:59:56:
d4:73:2c:e5:99:b4:8f:05:4e:ea:99:63:9f:b6:89:
0f:36:9b:00:32:a6:68:45:74:b5:2e:76:01:7b:42:
27:57:5b:b7:bd:42:65:3f:55:fc:4d:5b:3c:d0:02:
f9:a8:02:41:91:6b:b8:17:d8:89:f7:91:99:5b:ae:
a2:ba:69:8a:91:ec:72:6f:52:64:d7:40:3a:58:b3:
99:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F3:2D:DC:9A:E3:9F:4D:8B:89:D9:77:57:09:87:46:C7:F9:EC:F9
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/FfMt3Jrjn02Lidl3VwmHRsf57Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.158.0/24
85.117.240.0/24
192.144.33.0/24
193.38.249.0/24
IPv6:
2a09:ff00:8000::/36
Signature Algorithm: sha256WithRSAEncryption
05:f2:4a:74:2e:ba:a2:71:19:85:7f:ae:9a:08:97:86:6d:e0:
33:38:29:73:d7:83:9d:bf:f4:6c:4a:a8:3d:26:85:f5:67:3e:
19:50:ba:8e:fb:1f:1a:9a:69:8e:6d:2e:9d:cf:19:be:9e:9a:
e6:32:48:76:f5:be:95:e7:a4:32:2b:00:f1:3c:24:f9:27:d3:
2b:78:cd:f6:7f:ba:65:ea:94:4f:e8:23:52:83:f3:b5:36:5e:
9a:69:1e:65:43:f2:a6:0f:67:85:75:89:80:04:f2:d2:23:5f:
2b:92:73:b3:35:64:ce:29:e6:c8:82:8c:06:30:42:17:bc:ed:
2f:9a:6c:44:39:24:64:cc:a2:df:11:e0:cd:0d:a6:05:74:7e:
f1:ac:99:97:2c:ff:00:e8:6b:ea:d1:d3:b2:75:09:53:3e:fc:
9a:6a:4b:66:54:dc:99:09:af:30:d0:54:f0:68:97:32:87:be:
44:fe:a7:2e:7b:5e:f7:43:28:3f:9e:c8:0c:62:5a:a1:8d:09:
b7:bc:6f:a0:43:17:3f:93:6a:f9:dd:9f:1e:79:ab:f7:ac:bf:
05:db:fb:ac:02:44:0f:5b:fe:d6:62:aa:84:13:d8:bc:88:30:
27:fa:5d:81:ca:aa:ff:63:bb:1f:b8:34:9a:b5:fb:24:4a:9b:
2f:7c:5b:ec
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY8/3eDjnfgT6ryGLzKQq/clMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNTAzMTkxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWYzMmRkYzlhZTM5ZjRkOGI4OWQ5Nzc1NzA5ODc0NmM3ZjllY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4p+ZUHuXSo2U2Xg8hPK7qnPk5UMa
EDphnvIs/mX8kDe515TrCYzdaW18i/XiLE0IyyluNetA1BCsbktQckpoRNXjKXK7
+RIbfr04lnQHf6Ng9UcSlwAaBfkaFIXWx+UNT1qYsb7QerYdtcJJkt+T+AGDiFuy
+HGGNhacBKZHY9ck7iXZn2i2ql7o1LNMQHXTI3n8kIlNw6t4dTVgxS8X5VGgU+n+
ug8pSrQ0B8hREY3yWVbUcyzlmbSPBU7qmWOftokPNpsAMqZoRXS1LnYBe0InV1u3
vUJlP1X8TVs80AL5qAJBkWu4F9iJ95GZW66iummKkexyb1Jk10A6WLOZuwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBXzLdya459Ni4nZd1cJh0bH+ez5MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvRmZNdDNKcmpuMDJMaWRsM1Z3bUhSc2Y1N1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQALVaeAwQA
VXXwAwQAwJAhAwQAwSb5MA4EAgACMAgDBgQqCf8AgDANBgkqhkiG9w0BAQsFAAOC
AQEABfJKdC66onEZhX+umgiXhm3gMzgpc9eDnb/0bEqoPSaF9Wc+GVC6jvsfGppp
jm0unc8Zvp6a5jJIdvW+leekMisA8Twk+SfTK3jN9n+6ZeqUT+gjUoPztTZemmke
ZUPypg9nhXWJgATy0iNfK5JzszVkzinmyIKMBjBCF7ztL5psRDkkZMyi3xHgzQ2m
BXR+8ayZlyz/AOhr6tHTsnUJUz78mmpLZlTcmQmvMNBU8GiXMoe+RP6nLnte90Mo
P57IDGJaoY0Jt7xvoEMXP5Nq+d2fHnmr96y/Bdv7rAJED1v+1mKqhBPYvIgwJ/pd
gcqq/2O7H7g0mrX7JEqbL3xb7A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:19 2025 by rpki-client