Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/fMiTHKY_ARIMiKXGFPXvf8srK20.roa
File: fMiTHKY_ARIMiKXGFPXvf8srK20.roa (raw, json)
Hash identifier: E0sZHJ3JlnPhaauqRjjtfrDtyAcPuMwWHrZzyAyMOKM=
Subject key identifier: 7C:C8:93:1C:A6:3F:01:12:0C:88:A5:C6:14:F5:EF:7F:CB:2B:2B:6D
Certificate issuer: /CN=b7bc1adfbf362648fc635c3332f383bcbc01e774
Certificate serial: 018CC4246A53FE9C8ECBBEFDBC903D8DCCE4
Authority key identifier: B7:BC:1A:DF:BF:36:26:48:FC:63:5C:33:32:F3:83:BC:BC:01:E7:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t7wa3782Jkj8Y1wzMvODvLwB53Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/fMiTHKY_ARIMiKXGFPXvf8srK20.roa
Signing time: Mon 01 Jan 2024 08:29:30 +0000
ROA not before: Mon 01 Jan 2024 08:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50572
IP address blocks: 37.49.240.0/20 maxlen: 20
91.211.169.0/24 maxlen: 24
91.211.170.0/23 maxlen: 23
91.211.168.0/24 maxlen: 24
109.205.216.0/21 maxlen: 21
185.5.20.0/22 maxlen: 22
2a02:1380::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:6a:53:fe:9c:8e:cb:be:fd:bc:90:3d:8d:cc:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7bc1adfbf362648fc635c3332f383bcbc01e774
Validity
Not Before: Jan 1 08:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cc8931ca63f01120c88a5c614f5ef7fcb2b2b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f8:38:15:ba:83:92:7d:1d:04:3b:78:d4:a9:
8b:19:17:5f:c1:ff:3c:47:6a:2e:01:ac:ec:ae:3b:
b7:7e:2c:a5:a6:68:30:ec:c6:38:e2:a9:99:33:b4:
43:bf:5b:27:d3:36:a8:33:fb:38:ff:c0:a7:9d:b2:
74:dd:2e:fa:31:51:7a:96:4e:3a:89:4e:32:6c:7d:
c7:d8:23:91:d5:4b:d5:d5:7c:0a:b3:ba:05:51:c2:
11:7f:e7:d0:0f:28:84:8f:7e:58:66:c5:61:1a:dc:
53:a6:8e:c8:60:82:3a:07:4c:10:db:79:3f:70:66:
c1:cd:df:a9:85:62:1c:25:a8:6f:5a:66:12:81:e1:
c6:e1:7a:30:87:c6:f4:56:4f:56:21:07:cc:fd:2f:
58:dd:3b:c4:8a:7a:ce:fe:7e:3a:74:b5:ee:a0:f6:
89:24:58:bd:c5:d0:00:52:e0:48:ef:a2:3a:44:90:
38:f7:c8:66:a3:90:25:a5:ec:56:5a:ea:b9:0f:15:
c0:62:ec:4e:d8:2d:b4:cd:f1:5b:28:7a:cb:38:55:
85:55:a2:02:32:c2:18:73:3f:f7:33:30:44:35:e5:
d0:49:ac:d6:9d:5d:85:18:bc:9b:8f:3c:ad:55:50:
f1:ef:b9:1f:9b:6d:6b:fb:5f:f0:b8:cd:39:14:b1:
95:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C8:93:1C:A6:3F:01:12:0C:88:A5:C6:14:F5:EF:7F:CB:2B:2B:6D
X509v3 Authority Key Identifier:
keyid:B7:BC:1A:DF:BF:36:26:48:FC:63:5C:33:32:F3:83:BC:BC:01:E7:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t7wa3782Jkj8Y1wzMvODvLwB53Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/fMiTHKY_ARIMiKXGFPXvf8srK20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1c9dc7-78a5-4d8a-b185-fd606b06a01a/1/t7wa3782Jkj8Y1wzMvODvLwB53Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.240.0/20
91.211.168.0/22
109.205.216.0/21
185.5.20.0/22
IPv6:
2a02:1380::/32
Signature Algorithm: sha256WithRSAEncryption
05:a0:cf:d1:80:e6:81:bb:5c:4d:df:57:30:c9:51:a6:dd:85:
ec:2d:88:19:03:73:29:fe:f6:39:d0:0f:32:bb:93:1f:2e:40:
d0:df:ae:bb:a2:85:6a:37:49:70:a6:ec:c1:78:a7:ed:32:32:
7d:50:34:83:ec:f3:44:fe:73:b5:b3:de:e9:8a:56:48:25:1b:
01:56:de:76:63:2d:1b:10:7b:72:64:3b:f7:db:36:b5:41:c7:
ee:a4:24:ed:e8:82:28:23:2c:d9:92:5d:a7:36:8a:cf:db:30:
8c:cb:3b:c2:97:6c:5c:39:46:c2:0d:d8:7f:8d:c5:a0:2c:f7:
fd:d5:1f:3c:ff:94:45:22:30:ea:74:93:b5:51:e5:ad:bb:2d:
10:27:01:91:d3:e1:f5:66:5c:78:f7:b4:ff:d5:a6:cc:fc:4c:
29:3d:c1:de:fe:04:85:95:e7:ca:63:7a:23:43:00:f7:d8:e7:
44:4b:84:23:10:86:31:b9:77:63:fe:4b:de:0a:6d:80:b1:2d:
d5:83:60:f7:51:b7:39:83:62:22:3e:60:b7:be:1d:5c:50:d4:
70:4c:7f:6d:35:9d:6f:10:5a:6b:4d:86:d8:e5:cd:d9:2f:8d:
57:a8:88:1c:07:31:5a:d2:05:33:40:6f:b7:5b:9b:8d:ce:87:
f7:fd:ea:9e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEJGpT/pyOy779vJA9jczkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YmMxYWRmYmYzNjI2NDhmYzYzNWMzMzMyZjM4M2JjYmMw
MWU3NzQwHhcNMjQwMTAxMDgyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M4OTMxY2E2M2YwMTEyMGM4OGE1YzYxNGY1ZWY3ZmNiMmIyYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvg4FbqDkn0dBDt41KmLGRdfwf88
R2ouAazsrju3fiylpmgw7MY44qmZM7RDv1sn0zaoM/s4/8CnnbJ03S76MVF6lk46
iU4ybH3H2COR1UvV1XwKs7oFUcIRf+fQDyiEj35YZsVhGtxTpo7IYII6B0wQ23k/
cGbBzd+phWIcJahvWmYSgeHG4Xowh8b0Vk9WIQfM/S9Y3TvEinrO/n46dLXuoPaJ
JFi9xdAAUuBI76I6RJA498hmo5AlpexWWuq5DxXAYuxO2C20zfFbKHrLOFWFVaIC
MsIYcz/3MzBENeXQSazWnV2FGLybjzytVVDx77kfm21r+1/wuM05FLGVPQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHzIkxymPwESDIilxhT173/LKyttMB8GA1UdIwQY
MBaAFLe8Gt+/NiZI/GNcMzLzg7y8Aed0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDd3YTM3ODJKa2o4WTF3ek12T0R2THdCNTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xYzlkYzctNzhhNS00ZDhhLWIxODUt
ZmQ2MDZiMDZhMDFhLzEvZk1pVEhLWV9BUklNaUtYR0ZQWHZmOHNySzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xYzlkYzctNzhhNS00ZDhhLWIxODUtZmQ2MDZiMDZhMDFh
LzEvdDd3YTM3ODJKa2o4WTF3ek12T0R2THdCNTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJTHwAwQC
W9OoAwQDbc3YAwQCuQUUMA0EAgACMAcDBQAqAhOAMA0GCSqGSIb3DQEBCwUAA4IB
AQAFoM/RgOaBu1xN31cwyVGm3YXsLYgZA3Mp/vY50A8yu5MfLkDQ3667ooVqN0lw
puzBeKftMjJ9UDSD7PNE/nO1s97pilZIJRsBVt52Yy0bEHtyZDv32za1QcfupCTt
6IIoIyzZkl2nNorP2zCMyzvCl2xcOUbCDdh/jcWgLPf91R88/5RFIjDqdJO1UeWt
uy0QJwGR0+H1Zlx497T/1abM/EwpPcHe/gSFlefKY3ojQwD32OdES4QjEIYxuXdj
/kveCm2AsS3Vg2D3Ubc5g2IiPmC3vh1cUNRwTH9tNZ1vEFprTYbY5c3ZL41XqIgc
BzFa0gUzQG+3W5uNzof3/eqe
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:03:02 2025 by rpki-client