Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/FIplCbS7i8NM0cSo8hAGismnqcs.roa
File: FIplCbS7i8NM0cSo8hAGismnqcs.roa (raw, json)
Hash identifier: mXxzu5IFt6FiPg7wKBK83wX5IG2WdM+MvKbliHATmF4=
Subject key identifier: 14:8A:65:09:B4:BB:8B:C3:4C:D1:C4:A8:F2:10:06:8A:C9:A7:A9:CB
Certificate issuer: /CN=3f3f554b80281dea2a300318aaad6d2d97f1ce44
Certificate serial: 0194610B8132B099D040846B6244CBE74454
Authority key identifier: 3F:3F:55:4B:80:28:1D:EA:2A:30:03:18:AA:AD:6D:2D:97:F1:CE:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/FIplCbS7i8NM0cSo8hAGismnqcs.roa
Signing time: Mon 13 Jan 2025 19:02:11 +0000
ROA not before: Mon 13 Jan 2025 19:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.224.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 19:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:0b:81:32:b0:99:d0:40:84:6b:62:44:cb:e7:44:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f3f554b80281dea2a300318aaad6d2d97f1ce44
Validity
Not Before: Jan 13 19:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=148a6509b4bb8bc34cd1c4a8f210068ac9a7a9cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1a:55:98:3d:a7:c8:cf:e1:dd:ae:f6:2d:1b:
05:17:86:25:f7:4f:ba:91:d3:d7:c0:a6:38:f8:09:
0c:a8:2c:d3:1d:4e:87:57:97:50:53:a8:04:b4:c1:
6f:4e:e9:71:7b:58:64:02:13:fa:bb:a5:32:a3:bc:
7d:e7:78:61:65:54:eb:48:a0:35:a3:b1:8c:50:c3:
dd:a7:eb:d4:61:1e:a1:f2:1a:72:1c:8b:bb:11:89:
84:68:a4:a8:15:e7:67:64:0e:7d:69:ee:60:e9:ea:
0c:95:a3:f2:aa:b1:22:29:bf:ff:5f:36:bf:f8:a4:
32:ef:17:4f:19:d2:fc:98:a9:29:a4:8a:96:15:3f:
d4:82:3f:49:3c:27:6a:94:ef:b0:44:80:21:f9:2b:
b5:a8:07:37:ff:31:f6:df:ae:9f:77:16:6f:94:62:
da:6c:24:0d:a1:06:27:d9:2d:5e:c7:27:37:44:6f:
8b:ba:ca:36:a3:18:a3:2e:f7:d5:99:65:2a:c8:7f:
13:85:4f:98:e3:ce:24:22:cc:85:e9:ca:eb:49:87:
af:c6:66:4d:3a:7e:3e:15:08:f1:99:58:bc:3d:02:
4c:9c:61:ba:ca:75:67:c1:c0:01:9d:67:b0:58:d5:
c5:24:68:84:dd:a8:74:bc:9f:91:de:29:8a:e4:63:
b5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8A:65:09:B4:BB:8B:C3:4C:D1:C4:A8:F2:10:06:8A:C9:A7:A9:CB
X509v3 Authority Key Identifier:
keyid:3F:3F:55:4B:80:28:1D:EA:2A:30:03:18:AA:AD:6D:2D:97:F1:CE:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/FIplCbS7i8NM0cSo8hAGismnqcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.0.0/24
Signature Algorithm: sha256WithRSAEncryption
36:a2:20:b9:ae:db:b1:75:86:80:fd:60:2f:74:37:27:58:cc:
6a:6f:a0:d4:c1:aa:ac:e4:6b:ec:ea:ed:c5:3d:f0:30:c7:9f:
4c:50:f1:67:e8:2c:94:61:ed:27:8a:33:5f:b7:6d:8e:af:e3:
df:ac:33:3b:77:b2:b6:d2:31:61:46:ac:8a:4e:2e:be:29:e2:
bd:1b:4b:66:86:01:b4:9a:9d:6f:f3:c8:4e:11:c1:23:02:51:
0a:99:e3:f0:1f:3f:32:d8:59:a6:15:58:c9:28:2e:f6:da:8c:
c4:fb:cf:db:ed:29:61:3b:6e:d6:32:51:cb:63:cc:de:52:eb:
41:c8:58:e7:c0:10:83:7c:40:9e:c5:bd:c9:c5:a9:81:4c:9d:
c9:a5:0e:fa:3c:4f:07:48:45:e7:c9:b3:4a:b8:c3:7f:7f:06:
2f:d5:04:80:db:47:5d:b4:22:41:b9:af:01:97:20:5c:88:06:
d4:99:b9:ea:a8:c3:f4:5d:b4:31:18:d3:3c:ce:ba:f7:12:23:
4f:3f:0a:43:63:6f:e7:aa:08:f9:35:99:e2:f4:01:2d:3f:3c:
b3:8a:d7:15:52:45:f5:0b:2c:a8:b8:a8:2a:57:0f:e7:54:72:
22:63:a8:b5:db:dd:83:d8:fe:e9:55:ce:85:43:6c:c4:2b:bf:
6e:95:a7:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRhC4EysJnQQIRrYkTL50RUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmM2Y1NTRiODAyODFkZWEyYTMwMDMxOGFhYWQ2ZDJkOTdm
MWNlNDQwHhcNMjUwMTEzMTkwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDhhNjUwOWI0YmI4YmMzNGNkMWM0YThmMjEwMDY4YWM5YTdhOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BpVmD2nyM/h3a72LRsFF4Yl90+6
kdPXwKY4+AkMqCzTHU6HV5dQU6gEtMFvTulxe1hkAhP6u6Uyo7x953hhZVTrSKA1
o7GMUMPdp+vUYR6h8hpyHIu7EYmEaKSoFednZA59ae5g6eoMlaPyqrEiKb//Xza/
+KQy7xdPGdL8mKkppIqWFT/Ugj9JPCdqlO+wRIAh+Su1qAc3/zH2366fdxZvlGLa
bCQNoQYn2S1exyc3RG+Luso2oxijLvfVmWUqyH8ThU+Y484kIsyF6crrSYevxmZN
On4+FQjxmVi8PQJMnGG6ynVnwcABnWewWNXFJGiE3ah0vJ+R3imK5GO1SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSKZQm0u4vDTNHEqPIQBorJp6nLMB8GA1UdIwQY
MBaAFD8/VUuAKB3qKjADGKqtbS2X8c5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHo5VlM0QW9IZW9xTUFNWXFxMXRMWmZ4emtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83OGQ1MjgtN2NkZi00NGMwLWFjZGQt
ZjUzM2I4ZGY4MGE5LzEvRklwbENiUzdpOE5NMGNTbzhoQUdpc21ucWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy83OGQ1MjgtN2NkZi00NGMwLWFjZGQtZjUzM2I4ZGY4MGE5
LzEvUHo5VlM0QW9IZW9xTUFNWXFxMXRMWmZ4emtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueAAMA0G
CSqGSIb3DQEBCwUAA4IBAQA2oiC5rtuxdYaA/WAvdDcnWMxqb6DUwaqs5Gvs6u3F
PfAwx59MUPFn6CyUYe0nijNft22Or+PfrDM7d7K20jFhRqyKTi6+KeK9G0tmhgG0
mp1v88hOEcEjAlEKmePwHz8y2FmmFVjJKC722ozE+8/b7SlhO27WMlHLY8zeUutB
yFjnwBCDfECexb3JxamBTJ3JpQ76PE8HSEXnybNKuMN/fwYv1QSA20ddtCJBua8B
lyBciAbUmbnqqMP0XbQxGNM8zrr3EiNPPwpDY2/nqgj5NZni9AEtPzyzitcVUkX1
CyyouKgqVw/nVHIiY6i1292D2P7pVc6FQ2zEK79ulafE
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:47:13 2025 by rpki-client