Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/Fml3E8qnaKnNxw3mML9HAMFiOO8.roa
File: Fml3E8qnaKnNxw3mML9HAMFiOO8.roa (raw, json)
Hash identifier: CbAIbu8XikS8+ev3u+WPVn/Dkhtd1DjeChO6HHglNDQ=
Subject key identifier: 16:69:77:13:CA:A7:68:A9:CD:C7:0D:E6:30:BF:47:00:C1:62:38:EF
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01965DA9C9B4F332251D50792D64B4F09ED2
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/Fml3E8qnaKnNxw3mML9HAMFiOO8.roa
Signing time: Tue 22 Apr 2025 13:22:10 +0000
ROA not before: Tue 22 Apr 2025 13:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 147.185.196.0/24 maxlen: 24
193.168.202.0/24 maxlen: 24
207.244.197.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
207.244.208.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 11:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:a9:c9:b4:f3:32:25:1d:50:79:2d:64:b4:f0:9e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Apr 22 13:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16697713caa768a9cdc70de630bf4700c16238ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3d:21:64:93:3d:da:91:e9:eb:b7:31:c2:4b:
dc:e8:5b:bc:d3:74:1b:b9:45:78:6f:82:19:2a:c1:
c5:3c:1b:90:95:28:8f:cd:5c:5b:ca:64:c2:9c:11:
9e:70:5e:9a:11:72:21:ad:e4:84:43:fc:fd:18:db:
65:6d:2d:9f:42:59:c7:59:bf:d3:d2:78:5b:d0:95:
4a:54:f3:ea:69:c0:a3:f7:ae:11:84:b8:27:8b:15:
61:25:8b:f3:ae:67:3e:4b:ad:47:0a:b6:41:07:bf:
d1:d0:c4:c6:a3:63:e2:f1:b9:a6:30:18:50:87:72:
d7:c4:94:76:d0:86:f9:16:3a:11:08:e9:ad:43:78:
d2:2a:f7:a3:fe:96:d7:a3:20:ff:23:36:84:9f:3a:
b6:9d:8d:e4:97:cc:52:bf:2c:05:85:18:ec:a6:2a:
b9:7e:c1:00:45:32:95:c3:77:13:5b:6d:f7:8d:a9:
d0:81:2e:f4:c7:93:b3:e2:c8:07:28:cd:bc:97:e5:
81:06:d5:b0:c6:10:8e:fc:57:1b:e0:bf:f8:a7:13:
4a:6d:68:e2:57:dc:29:eb:38:e0:db:6d:fc:87:24:
a7:0e:12:8b:23:72:3c:9b:6a:4f:40:66:6a:22:1d:
97:5f:4a:5b:b9:21:3f:08:6e:7b:6a:0f:3a:f7:94:
02:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:69:77:13:CA:A7:68:A9:CD:C7:0D:E6:30:BF:47:00:C1:62:38:EF
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/Fml3E8qnaKnNxw3mML9HAMFiOO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.185.196.0/24
193.168.202.0/24
207.244.197.0-207.244.198.255
207.244.208.0/23
Signature Algorithm: sha256WithRSAEncryption
91:e3:88:bb:06:8c:43:8d:24:19:95:9c:66:c5:1a:ae:07:f8:
8a:b1:b4:90:9b:e5:5d:85:dc:51:22:db:08:b5:21:ec:51:ab:
9d:3c:71:6c:fa:a1:1a:7c:9b:8b:7f:1f:81:e9:ec:89:f1:7a:
85:4d:46:88:8f:6e:ef:3a:a5:a0:0b:01:76:73:3a:30:e7:e3:
01:6a:7d:85:05:44:30:55:98:db:f5:17:a2:d8:f5:7d:db:a8:
d8:0e:cc:1e:b3:d0:f2:89:4b:6e:bb:dd:c3:89:a5:68:00:22:
c9:b1:3f:29:5f:ca:d3:11:35:da:14:cc:41:9e:87:b7:17:28:
a3:0d:94:75:35:83:e2:a6:e5:98:1a:28:65:f7:88:4d:d4:6c:
b0:0c:12:4f:3c:90:5c:28:d4:f0:6c:0c:a8:7c:cf:28:59:46:
ad:1e:82:c9:8d:43:d1:de:e0:88:d2:ef:ab:fb:b6:c2:5b:82:
f7:87:91:cd:8d:b4:bd:6c:70:a6:2a:08:23:2a:85:51:51:99:
38:52:d2:4e:cc:ec:83:04:4b:2c:30:5f:40:5a:54:5f:30:5f:
b6:26:83:48:dc:65:24:30:b0:fc:ac:c0:65:7f:ab:a0:e7:2b:
aa:0c:82:35:e9:0d:15:1a:6e:98:37:a9:ac:de:f8:52:cd:22:
88:63:57:1b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZdqcm08zIlHVB5LWS08J7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNDIyMTMyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjY5NzcxM2NhYTc2OGE5Y2RjNzBkZTYzMGJmNDcwMGMxNjIzOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT0hZJM92pHp67cxwkvc6Fu803Qb
uUV4b4IZKsHFPBuQlSiPzVxbymTCnBGecF6aEXIhreSEQ/z9GNtlbS2fQlnHWb/T
0nhb0JVKVPPqacCj964RhLgnixVhJYvzrmc+S61HCrZBB7/R0MTGo2Pi8bmmMBhQ
h3LXxJR20Ib5FjoRCOmtQ3jSKvej/pbXoyD/IzaEnzq2nY3kl8xSvywFhRjspiq5
fsEARTKVw3cTW233janQgS70x5Oz4sgHKM28l+WBBtWwxhCO/Fcb4L/4pxNKbWji
V9wp6zjg2238hySnDhKLI3I8m2pPQGZqIh2XX0pbuSE/CG57ag8695QCRwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBZpdxPKp2ipzccN5jC/RwDBYjjvMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvRm1sM0U4cW5hS25OeHczbU1MOUhBTUZpT084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAk7nEAwQA
wajKMAwDBADP9MUDBADP9MYDBAHP9NAwDQYJKoZIhvcNAQELBQADggEBAJHjiLsG
jEONJBmVnGbFGq4H+IqxtJCb5V2F3FEi2wi1IexRq508cWz6oRp8m4t/H4Hp7Inx
eoVNRoiPbu86paALAXZzOjDn4wFqfYUFRDBVmNv1F6LY9X3bqNgOzB6z0PKJS267
3cOJpWgAIsmxPylfytMRNdoUzEGeh7cXKKMNlHU1g+Km5ZgaKGX3iE3UbLAMEk88
kFwo1PBsDKh8zyhZRq0egsmNQ9He4IjS76v7tsJbgveHkc2NtL1scKYqCCMqhVFR
mThS0k7M7IMESywwX0BaVF8wX7Ymg0jcZSQwsPyswGV/q6DnK6oMgjXpDRUabpg3
qaze+FLNIohjVxs=
-----END CERTIFICATE-----
Generated at Fri May 9 08:13:14 2025 by rpki-client