Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/P6fqv7_sVYSl0jWcDYZnBV4fDlQ.roa
File: P6fqv7_sVYSl0jWcDYZnBV4fDlQ.roa (raw, json)
Hash identifier: Mg1qSvqwajUHyiJxYpwmDpolSTeN2XDNnJtT1EB+tkA=
Subject key identifier: 3F:A7:EA:BF:BF:EC:55:84:A5:D2:35:9C:0D:86:67:05:5E:1F:0E:54
Certificate issuer: /CN=a757f87f86e93b25ef4c0433664bbe72da98fbfe
Certificate serial: 01907D5B1171C93CEFAA31B23A9FA9A67328
Authority key identifier: A7:57:F8:7F:86:E9:3B:25:EF:4C:04:33:66:4B:BE:72:DA:98:FB:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p1f4f4bpOyXvTAQzZku-ctqY-_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/P6fqv7_sVYSl0jWcDYZnBV4fDlQ.roa
Signing time: Thu 04 Jul 2024 10:47:18 +0000
ROA not before: Thu 04 Jul 2024 10:47:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24806
IP address blocks: 81.2.192.0/18 maxlen: 32
185.28.100.0/22 maxlen: 32
185.129.136.0/22 maxlen: 32
195.181.208.0/20 maxlen: 32
2001:15e8::/32 maxlen: 128
Validation: Failed, certificate revoked on Thu 04 Jul 2024 10:51:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:5b:11:71:c9:3c:ef:aa:31:b2:3a:9f:a9:a6:73:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a757f87f86e93b25ef4c0433664bbe72da98fbfe
Validity
Not Before: Jul 4 10:47:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fa7eabfbfec5584a5d2359c0d8667055e1f0e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:89:06:71:ac:8e:bd:2b:ad:28:70:ec:b7:0e:
4e:71:b1:fe:13:cf:6d:9c:4c:c0:72:5b:83:a4:10:
e5:09:1a:d2:f8:40:87:1b:42:e6:cd:16:d8:b8:e7:
92:b0:87:43:d3:1e:7c:c1:3a:63:00:25:92:90:8c:
e8:4a:37:d0:2e:f5:4a:97:41:08:bb:6b:78:21:39:
86:2f:a9:ee:29:6c:19:11:8f:1a:7d:7d:d4:c7:b4:
e7:bd:15:d8:1f:ee:48:05:ef:f6:a2:78:ce:28:8e:
e1:e7:8f:e4:c1:d0:fb:b9:b3:49:ec:8d:99:83:13:
57:f8:18:bd:8f:92:24:11:b4:ff:2d:2a:57:3c:63:
44:da:75:a8:bd:c5:f8:ab:0a:2d:9e:8e:8b:64:6e:
e3:8d:b3:c2:80:93:63:2e:d9:01:d0:51:fd:3b:fd:
16:fd:5b:67:ff:16:63:1b:61:6e:c1:f2:f8:88:27:
0b:db:5d:4a:d9:e4:36:03:0d:92:f4:ad:00:2d:91:
bf:d2:62:d2:84:3a:90:46:a9:74:15:01:18:4f:3e:
fd:d4:4c:28:9d:5d:d7:e5:e0:f7:10:d8:44:bf:7d:
61:eb:c0:27:6a:26:d9:5e:21:20:d3:53:bd:30:6a:
a5:46:73:f3:dc:f3:e0:40:22:f0:16:ca:34:69:d3:
d0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A7:EA:BF:BF:EC:55:84:A5:D2:35:9C:0D:86:67:05:5E:1F:0E:54
X509v3 Authority Key Identifier:
keyid:A7:57:F8:7F:86:E9:3B:25:EF:4C:04:33:66:4B:BE:72:DA:98:FB:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p1f4f4bpOyXvTAQzZku-ctqY-_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/P6fqv7_sVYSl0jWcDYZnBV4fDlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/p1f4f4bpOyXvTAQzZku-ctqY-_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.2.192.0/18
185.28.100.0/22
185.129.136.0/22
195.181.208.0/20
IPv6:
2001:15e8::/32
Signature Algorithm: sha256WithRSAEncryption
5a:d1:a3:31:1f:8f:09:9d:27:ee:5c:7a:32:44:6b:8c:f9:b9:
8d:26:53:39:f9:b9:30:cd:62:94:51:94:8f:64:70:79:eb:95:
93:42:37:b8:c3:2d:b1:62:cc:b8:e9:a0:b7:2d:fc:4c:f4:0d:
46:f1:1a:92:9f:c4:65:66:e4:8b:53:01:9b:5e:0c:fe:0a:16:
7c:f3:83:82:1c:c6:39:ab:1b:14:d9:28:9d:0a:2e:bc:87:29:
d2:47:9d:03:5e:a4:2e:68:88:d2:16:5f:ff:f4:9b:18:8c:42:
2a:09:53:57:96:83:af:93:66:5a:9a:8a:44:5e:b8:1b:a7:d3:
2c:67:19:82:34:92:82:9c:ea:32:4a:9e:59:8d:a5:ea:68:2f:
81:a8:c6:48:fa:11:79:72:d8:c3:02:7c:80:3e:02:ad:a6:b1:
99:f8:ed:7c:fb:60:06:fe:ea:8d:d3:f3:96:61:4a:42:cc:bc:
8c:c0:1a:2b:35:6b:a2:fc:d3:7f:94:15:db:84:23:04:0e:72:
90:1a:ad:fd:d4:12:31:8c:b5:0d:b6:3b:78:23:c7:41:de:fe:
a6:a3:1f:00:0b:63:63:04:b1:3c:61:f0:ab:f7:06:b0:c1:3f:
8c:25:96:14:d4:cf:cc:ec:9c:3c:7e:79:16:e6:f0:f4:10:cb:
72:2a:19:0b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZB9WxFxyTzvqjGyOp+ppnMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NTdmODdmODZlOTNiMjVlZjRjMDQzMzY2NGJiZTcyZGE5
OGZiZmUwHhcNMjQwNzA0MTA0NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmE3ZWFiZmJmZWM1NTg0YTVkMjM1OWMwZDg2NjcwNTVlMWYwZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYkGcayOvSutKHDstw5OcbH+E89t
nEzAcluDpBDlCRrS+ECHG0LmzRbYuOeSsIdD0x58wTpjACWSkIzoSjfQLvVKl0EI
u2t4ITmGL6nuKWwZEY8afX3Ux7TnvRXYH+5IBe/2onjOKI7h54/kwdD7ubNJ7I2Z
gxNX+Bi9j5IkEbT/LSpXPGNE2nWovcX4qwotno6LZG7jjbPCgJNjLtkB0FH9O/0W
/Vtn/xZjG2FuwfL4iCcL211K2eQ2Aw2S9K0ALZG/0mLShDqQRql0FQEYTz791Ewo
nV3X5eD3ENhEv31h68AnaibZXiEg01O9MGqlRnPz3PPgQCLwFso0adPQKwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFD+n6r+/7FWEpdI1nA2GZwVeHw5UMB8GA1UdIwQY
MBaAFKdX+H+G6Tsl70wEM2ZLvnLamPv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDFmNGY0YnBPeVh2VEFRelprdS1jdHFZLV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy84NmU0MGMtMTU2My00MGVhLThmNGUt
YTE3ODMzMjUzM2UwLzEvUDZmcXY3X3NWWVNsMGpXY0RZWm5CVjRmRGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy84NmU0MGMtMTU2My00MGVhLThmNGUtYTE3ODMzMjUzM2Uw
LzEvcDFmNGY0YnBPeVh2VEFRelprdS1jdHFZLV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGUQLAAwQC
uRxkAwQCuYGIAwQEw7XQMA0EAgACMAcDBQAgARXoMA0GCSqGSIb3DQEBCwUAA4IB
AQBa0aMxH48JnSfuXHoyRGuM+bmNJlM5+bkwzWKUUZSPZHB565WTQje4wy2xYsy4
6aC3LfxM9A1G8RqSn8RlZuSLUwGbXgz+ChZ884OCHMY5qxsU2SidCi68hynSR50D
XqQuaIjSFl//9JsYjEIqCVNXloOvk2ZamopEXrgbp9MsZxmCNJKCnOoySp5ZjaXq
aC+BqMZI+hF5ctjDAnyAPgKtprGZ+O18+2AG/uqN0/OWYUpCzLyMwBorNWui/NN/
lBXbhCMEDnKQGq391BIxjLUNtjt4I8dB3v6mox8AC2NjBLE8YfCr9wawwT+MJZYU
1M/M7Jw8fnkW5vD0EMtyKhkL
-----END CERTIFICATE-----
Generated at Mon May 12 02:13:29 2025 by rpki-client