Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/FjPWnPWL-8fPUp7FDnfRvT6E_HQ.roa
File: FjPWnPWL-8fPUp7FDnfRvT6E_HQ.roa (raw, json)
Hash identifier: qNH/NPxAdOd5tHkzDdaSYXMMJp0rDCty1xPvXxau3dI=
Subject key identifier: 16:33:D6:9C:F5:8B:FB:C7:CF:52:9E:C5:0E:77:D1:BD:3E:84:FC:74
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEE3F201D5D6AF01D89863E6EE66EF
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/FjPWnPWL-8fPUp7FDnfRvT6E_HQ.roa
Signing time: Tue 26 Nov 2024 13:35:12 +0000
ROA not before: Tue 26 Nov 2024 13:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36619
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:e3:f2:01:d5:d6:af:01:d8:98:63:e6:ee:66:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1633d69cf58bfbc7cf529ec50e77d1bd3e84fc74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0b:74:a5:70:79:4d:da:52:68:72:6c:b8:ab:
3b:b9:d2:87:ce:0e:89:45:d1:63:a6:18:49:ee:bc:
9d:4d:a1:67:23:fa:2d:00:60:5c:30:e1:39:7c:8b:
b2:b6:59:f3:8e:3c:e3:5d:05:d8:e0:55:ab:a4:80:
82:0c:fd:48:cf:3c:e4:f4:e0:61:e2:11:ca:99:f6:
21:b6:e7:d1:2c:2e:b8:a9:4a:1b:57:56:db:07:bf:
8b:54:f4:ba:84:b1:3b:80:76:ca:1f:5e:ba:fd:33:
41:6e:04:f2:5c:e8:05:36:d0:c3:89:f1:2d:b1:2f:
46:0e:37:f3:0d:4e:cc:b3:6e:3a:9f:6c:71:79:e1:
0c:cd:02:64:3e:f1:e7:f8:22:3e:ef:a0:b8:02:46:
a6:64:4e:62:20:1b:56:3a:ec:e3:27:08:b1:e3:8f:
9b:74:1f:b7:6f:87:3e:89:57:6b:be:10:b2:d4:53:
d4:c9:2b:60:31:82:cc:31:0c:62:65:5b:59:d6:42:
22:b7:4b:af:6c:a2:70:91:70:8d:9e:93:2b:d1:02:
7b:d1:f7:eb:2d:e9:1a:03:c1:0c:b0:e6:b2:c9:bc:
c3:e0:23:21:e6:c6:b8:ff:ec:88:38:f0:24:2e:f1:
86:78:f1:ac:76:64:0e:e0:78:ba:8f:75:49:58:36:
95:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:33:D6:9C:F5:8B:FB:C7:CF:52:9E:C5:0E:77:D1:BD:3E:84:FC:74
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/FjPWnPWL-8fPUp7FDnfRvT6E_HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
42:79:29:81:2e:08:e2:c6:fc:c1:aa:6e:04:89:28:95:74:d8:
12:7a:ae:db:37:80:8a:08:00:17:b2:a8:de:d1:ed:10:4d:73:
f5:7a:77:f0:94:f3:89:a8:ec:92:f5:3f:24:7e:e6:82:e7:43:
7e:27:68:28:4e:cd:61:f1:7f:ef:f0:ba:61:df:b9:84:d2:a2:
22:28:db:83:4c:45:0e:37:59:67:94:68:e5:17:5b:33:87:79:
7d:7a:14:2f:00:07:79:09:15:88:62:ae:02:7d:c6:f1:80:5c:
af:15:0c:81:4f:af:04:49:63:dc:80:50:45:ab:52:26:51:46:
b7:66:80:70:5d:34:9d:36:c8:ea:37:df:86:81:4f:ef:7c:8a:
d7:0a:95:17:6d:bc:69:e0:46:68:12:d0:5c:83:d6:ff:33:2f:
be:3f:69:14:88:a6:8d:d8:12:58:7f:9e:82:5d:13:3c:51:7a:
a8:98:aa:83:b9:7f:98:45:dc:d2:08:2b:52:9f:5d:0b:ac:f0:
c9:71:a7:e6:78:6e:e5:22:80:17:8a:b2:55:fa:23:f0:6d:b7:
e8:de:71:ef:ce:f4:35:cb:fe:1b:3e:b7:bb:e2:e0:58:72:8a:
c1:d4:92:cf:91:95:ef:6c:72:48:8a:fd:35:40:30:88:5b:8a:
41:f5:7d:6c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNoruPyAdXWrwHYmGPm7mbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMzZDY5Y2Y1OGJmYmM3Y2Y1MjllYzUwZTc3ZDFiZDNlODRmYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwt0pXB5TdpSaHJsuKs7udKHzg6J
RdFjphhJ7rydTaFnI/otAGBcMOE5fIuytlnzjjzjXQXY4FWrpICCDP1Izzzk9OBh
4hHKmfYhtufRLC64qUobV1bbB7+LVPS6hLE7gHbKH166/TNBbgTyXOgFNtDDifEt
sS9GDjfzDU7Ms246n2xxeeEMzQJkPvHn+CI+76C4AkamZE5iIBtWOuzjJwix44+b
dB+3b4c+iVdrvhCy1FPUyStgMYLMMQxiZVtZ1kIit0uvbKJwkXCNnpMr0QJ70ffr
LekaA8EMsOayybzD4CMh5sa4/+yIOPAkLvGGePGsdmQO4Hi6j3VJWDaVBwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBYz1pz1i/vHz1KexQ530b0+hPx0MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvRmpQV25QV0wtOGZQVXA3RkRuZlJ2VDZFX0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAEJ5KYEuCOLG/MGqbgSJKJV02BJ6rts3
gIoIABeyqN7R7RBNc/V6d/CU84mo7JL1PyR+5oLnQ34naChOzWHxf+/wumHfuYTS
oiIo24NMRQ43WWeUaOUXWzOHeX16FC8AB3kJFYhirgJ9xvGAXK8VDIFPrwRJY9yA
UEWrUiZRRrdmgHBdNJ02yOo334aBT+98itcKlRdtvGngRmgS0FyD1v8zL74/aRSI
po3YElh/noJdEzxReqiYqoO5f5hF3NIIK1KfXQus8Mlxp+Z4buUigBeKslX6I/Bt
t+jece/O9DXL/hs+t7vi4FhyisHUks+Rle9sckiK/TVAMIhbikH1fWw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:52 2025 by rpki-client