Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/fpQTSpbcD6ekiV6W5AogEc248hw.roa
File: fpQTSpbcD6ekiV6W5AogEc248hw.roa (raw, json)
Hash identifier: UT5b16uM5pjSBY6Rt44M4vHM/A+1ZeasbZ1pNvMlPg4=
Subject key identifier: 7E:94:13:4A:96:DC:0F:A7:A4:89:5E:96:E4:0A:20:11:CD:B8:F2:1C
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0194F5A9F0C52B8361539472E814A90EE2CA
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/fpQTSpbcD6ekiV6W5AogEc248hw.roa
Signing time: Tue 11 Feb 2025 15:39:02 +0000
ROA not before: Tue 11 Feb 2025 15:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21100
IP address blocks: 91.90.192.0/24 maxlen: 24
91.90.194.0/24 maxlen: 24
91.223.123.0/24 maxlen: 24
94.131.16.0/24 maxlen: 24
185.198.164.0/22 maxlen: 22
195.245.112.0/23 maxlen: 23
2001:67c:2f5c::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Feb 2025 21:57:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f5:a9:f0:c5:2b:83:61:53:94:72:e8:14:a9:0e:e2:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Feb 11 15:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e94134a96dc0fa7a4895e96e40a2011cdb8f21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:19:4d:51:7f:08:6e:71:bc:d3:f9:eb:74:0b:
7a:31:cc:cf:4c:8b:de:65:4a:bb:b7:51:24:da:93:
e3:57:f1:c0:ac:d9:99:ed:0c:69:db:a7:39:6a:4e:
52:b3:3d:d2:9c:71:34:01:d8:af:27:98:97:5b:52:
2e:8d:79:af:fb:3e:0f:91:73:2c:1a:02:ea:64:bc:
a7:1c:e4:09:09:53:4f:87:02:f7:40:85:05:d4:69:
4f:7f:fa:12:63:02:f1:0b:3f:7c:98:06:fd:63:55:
fe:f2:f3:0a:1c:de:dc:eb:76:8d:b3:64:8e:07:e7:
95:3f:b7:64:62:77:40:8c:9f:ea:2e:30:a6:49:23:
cf:33:68:21:1f:f0:bd:3d:db:b1:4a:30:09:61:81:
30:34:72:a6:f3:93:a5:5a:24:27:c8:62:6f:01:67:
e2:aa:c9:00:81:1b:03:2f:59:71:f3:f1:f0:65:95:
df:34:c9:d7:a1:da:cc:ab:7b:f1:96:39:37:dd:f8:
cb:e3:a3:28:e1:a5:c4:db:ec:2d:f6:f1:0d:0e:ab:
05:a8:d4:16:f7:e5:af:f7:27:06:5d:f6:e5:5d:87:
27:76:d3:86:b7:4d:b3:51:c5:58:8d:80:64:a2:e3:
d4:5c:a1:6c:d8:c9:de:0f:18:86:fe:c3:f0:fe:b3:
bf:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:94:13:4A:96:DC:0F:A7:A4:89:5E:96:E4:0A:20:11:CD:B8:F2:1C
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/fpQTSpbcD6ekiV6W5AogEc248hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.192.0/24
91.90.194.0/24
91.223.123.0/24
94.131.16.0/24
185.198.164.0/22
195.245.112.0/23
IPv6:
2001:67c:2f5c::/48
Signature Algorithm: sha256WithRSAEncryption
80:fe:73:d0:cc:d2:ff:7a:8a:a3:60:c8:2e:ef:c3:3d:09:9b:
37:b4:e8:fb:35:fb:ee:77:a3:37:b2:e1:6f:41:39:f1:9a:9e:
e8:01:90:ac:6e:81:52:db:0e:e8:8c:59:1c:72:e5:d5:58:42:
54:f0:e3:1d:21:05:ad:e9:92:76:40:f9:9c:eb:94:75:9a:42:
d3:48:cb:e8:bb:a9:b6:d2:b3:22:fa:73:84:b3:fe:66:55:c6:
a4:11:e1:8e:43:6f:f2:8d:1f:94:0b:0c:e6:79:58:02:9b:65:
12:a4:15:47:c8:6b:e0:3a:c8:51:22:f3:f6:73:a4:e1:9b:01:
11:76:1a:df:2f:70:c0:fa:a0:2c:dd:7e:97:d3:a5:9c:b6:93:
50:c9:39:f6:a5:02:b9:12:4a:52:3e:6b:b0:09:9d:a7:02:96:
ea:78:f4:de:42:d8:27:79:85:70:53:54:1b:98:55:a2:f1:94:
0d:fc:50:22:13:d7:70:96:b9:62:0d:fe:be:b1:f6:3e:bf:dc:
35:b1:1a:5d:36:f8:ba:d8:ba:94:2c:9b:e7:6b:1d:41:5d:67:
dc:e1:c5:77:ea:b3:0a:c5:b3:2d:09:7b:fb:49:79:0c:21:eb:
ca:98:5d:76:0e:1d:6f:09:4c:dd:f3:e5:6d:1e:7c:be:34:0e:
23:28:af:19
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZT1qfDFK4NhU5Ry6BSpDuLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjUwMjExMTUzOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTk0MTM0YTk2ZGMwZmE3YTQ4OTVlOTZlNDBhMjAxMWNkYjhmMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRlNUX8IbnG80/nrdAt6MczPTIve
ZUq7t1Ek2pPjV/HArNmZ7Qxp26c5ak5Ssz3SnHE0AdivJ5iXW1IujXmv+z4PkXMs
GgLqZLynHOQJCVNPhwL3QIUF1GlPf/oSYwLxCz98mAb9Y1X+8vMKHN7c63aNs2SO
B+eVP7dkYndAjJ/qLjCmSSPPM2ghH/C9PduxSjAJYYEwNHKm85OlWiQnyGJvAWfi
qskAgRsDL1lx8/HwZZXfNMnXodrMq3vxljk33fjL46Mo4aXE2+wt9vENDqsFqNQW
9+Wv9ycGXfblXYcndtOGt02zUcVYjYBkouPUXKFs2MneDxiG/sPw/rO/YQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFH6UE0qW3A+npIleluQKIBHNuPIcMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvZnBRVFNwYmNENmVraVY2VzVBb2dFYzI0OGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAW1rAAwQA
W1rCAwQAW997AwQAXoMQAwQCucakAwQBw/VwMA8EAgACMAkDBwAgAQZ8L1wwDQYJ
KoZIhvcNAQELBQADggEBAID+c9DM0v96iqNgyC7vwz0Jmze06Ps1++53ozey4W9B
OfGanugBkKxugVLbDuiMWRxy5dVYQlTw4x0hBa3pknZA+ZzrlHWaQtNIy+i7qbbS
syL6c4Sz/mZVxqQR4Y5Db/KNH5QLDOZ5WAKbZRKkFUfIa+A6yFEi8/ZzpOGbARF2
Gt8vcMD6oCzdfpfTpZy2k1DJOfalArkSSlI+a7AJnacClup49N5C2Cd5hXBTVBuY
VaLxlA38UCIT13CWuWIN/r6x9j6/3DWxGl02+LrYupQsm+drHUFdZ9zhxXfqswrF
sy0Je/tJeQwh68qYXXYOHW8JTN3z5W0efL40DiMorxk=
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:04:31 2025 by rpki-client