Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/fT_CFO0vgfh4ogrNC_3bGWS4l0E.roa
File: fT_CFO0vgfh4ogrNC_3bGWS4l0E.roa (raw, json)
Hash identifier: LP8Xji/7hrU+mU8sQ1zP989XLlbLp4Hu9DJILd8vEn8=
Subject key identifier: 7D:3F:C2:14:ED:2F:81:F8:78:A2:0A:CD:0B:FD:DB:19:64:B8:97:41
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018DF861155B872F0B02CAC7E56F4BD7B11F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/fT_CFO0vgfh4ogrNC_3bGWS4l0E.roa
Signing time: Fri 01 Mar 2024 04:58:48 +0000
ROA not before: Fri 01 Mar 2024 04:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7026
IP address blocks: 176.46.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 04:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f8:61:15:5b:87:2f:0b:02:ca:c7:e5:6f:4b:d7:b1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 1 04:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d3fc214ed2f81f878a20acd0bfddb1964b89741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0e:d6:4d:64:6e:fc:ba:18:3a:3e:05:5d:1f:
77:ec:1b:18:d7:24:49:3f:a8:a9:1a:af:b3:13:fd:
43:88:89:91:50:bf:84:67:78:2b:da:a5:c1:fb:79:
5c:c0:be:39:3a:8e:a8:91:84:6a:3d:e6:d5:9f:6c:
ee:97:6c:d9:50:18:06:57:2d:50:46:54:47:af:27:
3c:ff:68:36:7a:b6:f2:ca:70:a9:9e:82:71:75:03:
2d:36:b3:d8:fb:81:ad:9b:c4:7b:d1:f1:59:0e:22:
60:ff:d3:af:4f:8c:ca:df:17:0a:de:3c:c4:f3:9b:
49:aa:6c:b7:b8:af:21:f8:76:dc:3a:ea:6c:85:be:
45:9a:11:80:64:ee:6e:97:07:b5:87:8d:4a:de:8b:
84:c3:99:bb:d3:a8:45:36:f1:dc:dc:7a:eb:ba:1a:
6c:e5:b1:c1:c0:9b:38:86:5f:4d:38:8d:73:02:2b:
82:7b:cb:4d:7c:d4:6a:fd:6a:6d:5a:cf:52:e7:cf:
c7:17:4a:37:75:37:dd:89:3e:76:3a:a3:c9:fd:61:
22:05:da:9d:93:23:2c:3a:45:7b:08:be:28:1b:71:
43:bf:7b:11:fe:f0:41:8b:af:3f:1d:25:f3:f3:2e:
70:b7:6d:27:9c:40:08:16:9f:44:3e:13:78:cd:a5:
b4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:3F:C2:14:ED:2F:81:F8:78:A2:0A:CD:0B:FD:DB:19:64:B8:97:41
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/fT_CFO0vgfh4ogrNC_3bGWS4l0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.46.159.0/24
Signature Algorithm: sha256WithRSAEncryption
58:e5:d3:6c:d5:be:3b:20:00:b0:dc:90:48:bc:6e:6a:27:58:
eb:e8:40:48:81:51:79:7a:88:f5:01:50:81:54:a2:94:53:be:
02:2c:30:4f:cd:61:14:06:38:da:bf:44:7b:40:4e:4c:bd:b8:
3f:87:2e:a9:fd:28:69:72:04:26:e0:01:76:fc:a5:00:60:8d:
9f:11:6a:d1:3c:39:59:85:98:93:94:ce:3e:1c:c1:1c:9b:2e:
5e:f3:35:97:06:d1:b2:ca:be:97:a9:3f:23:7e:4a:d8:b0:44:
c4:42:ef:7d:42:83:26:bb:f6:12:f3:c4:c3:cd:a1:f1:6f:09:
ed:49:cd:94:16:59:f7:f7:79:a7:2b:af:4e:6d:fa:27:17:db:
f1:7c:67:7a:71:80:97:77:26:26:9e:72:ed:e2:4c:fc:5b:ec:
93:97:ef:f3:21:4e:34:7f:a0:5e:1a:ea:bf:9e:f7:3c:c4:61:
75:97:0c:36:af:d3:3a:46:be:9f:2b:51:f7:a1:60:87:97:01:
8e:98:91:3f:61:cf:d4:2c:5c:c6:be:f8:14:5d:9a:e9:50:23:
1d:02:c7:a8:12:49:a2:db:e3:98:f6:74:6b:4e:b0:bf:a8:06:
92:c4:b0:93:f5:51:78:dd:cb:87:ec:9e:61:3e:88:f6:fa:8e:
81:96:8f:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY34YRVbhy8LAsrH5W9L17EfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMzAxMDQ1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDNmYzIxNGVkMmY4MWY4NzhhMjBhY2QwYmZkZGIxOTY0Yjg5NzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ7WTWRu/LoYOj4FXR937BsY1yRJ
P6ipGq+zE/1DiImRUL+EZ3gr2qXB+3lcwL45Oo6okYRqPebVn2zul2zZUBgGVy1Q
RlRHryc8/2g2erbyynCpnoJxdQMtNrPY+4Gtm8R70fFZDiJg/9OvT4zK3xcK3jzE
85tJqmy3uK8h+HbcOupshb5FmhGAZO5ulwe1h41K3ouEw5m706hFNvHc3Hrruhps
5bHBwJs4hl9NOI1zAiuCe8tNfNRq/WptWs9S58/HF0o3dTfdiT52OqPJ/WEiBdqd
kyMsOkV7CL4oG3FDv3sR/vBBi68/HSXz8y5wt20nnEAIFp9EPhN4zaW0iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0/whTtL4H4eKIKzQv92xlkuJdBMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZlRfQ0ZPMHZnZmg0b2dyTkNfM2JHV1M0bDBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsC6fMA0G
CSqGSIb3DQEBCwUAA4IBAQBY5dNs1b47IACw3JBIvG5qJ1jr6EBIgVF5eoj1AVCB
VKKUU74CLDBPzWEUBjjav0R7QE5Mvbg/hy6p/ShpcgQm4AF2/KUAYI2fEWrRPDlZ
hZiTlM4+HMEcmy5e8zWXBtGyyr6XqT8jfkrYsETEQu99QoMmu/YS88TDzaHxbwnt
Sc2UFln393mnK69ObfonF9vxfGd6cYCXdyYmnnLt4kz8W+yTl+/zIU40f6BeGuq/
nvc8xGF1lww2r9M6Rr6fK1H3oWCHlwGOmJE/Yc/ULFzGvvgUXZrpUCMdAseoEkmi
2+OY9nRrTrC/qAaSxLCT9VF43cuH7J5hPoj2+o6Blo/8
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:20:11 2025 by rpki-client