Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/_Bbq2dD_BO1IghA2_iGevRtTo14.roa
File: _Bbq2dD_BO1IghA2_iGevRtTo14.roa (raw, json)
Hash identifier: fJV3r/CrkSz0acuVuadFmLNPPtdCpzQiSwscXaD1SRs=
Subject key identifier: FC:16:EA:D9:D0:FF:04:ED:48:82:10:36:FE:21:9E:BD:1B:53:A3:5E
Certificate issuer: /CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Certificate serial: 01915A50A2CA1BA99F0599779FA757E007B7
Authority key identifier: AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/_Bbq2dD_BO1IghA2_iGevRtTo14.roa
Signing time: Fri 16 Aug 2024 08:31:59 +0000
ROA not before: Fri 16 Aug 2024 08:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57242
IP address blocks: 81.163.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 08:53:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:50:a2:ca:1b:a9:9f:05:99:77:9f:a7:57:e0:07:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Validity
Not Before: Aug 16 08:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc16ead9d0ff04ed48821036fe219ebd1b53a35e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:22:5e:8b:a1:4e:1f:cf:b7:d7:58:f3:03:
96:39:24:b2:99:e2:d3:3b:73:6a:62:9a:32:1e:a2:
bc:47:b6:34:08:3e:4b:ea:ee:7e:5b:89:c4:0b:54:
a3:4f:02:ad:5b:8f:26:cf:9a:bc:71:57:f6:3f:08:
02:8b:f2:76:96:9c:b4:4b:bc:7b:7b:7c:65:42:00:
63:58:45:df:1b:c0:10:50:fb:3c:dc:47:36:5c:14:
e9:eb:f3:80:87:57:a9:ad:f5:1b:25:ac:45:ee:5c:
d9:1e:e9:7f:db:2b:d9:f7:f6:27:f7:79:68:e2:65:
e0:12:3c:64:0d:02:9a:c3:8b:78:86:a4:0c:75:8c:
7b:05:22:15:3f:f9:24:c2:16:65:1a:76:d7:34:3c:
bb:2f:56:df:d6:be:87:5e:60:dd:e6:c2:3f:47:60:
fc:cb:ae:80:43:42:45:bd:3f:36:2c:b9:c2:10:70:
3b:f5:3f:3c:c9:af:e9:ce:ee:2a:a2:b7:f5:3b:14:
15:2b:c0:44:90:e4:af:9f:2d:89:53:ac:10:5e:b7:
f6:50:75:18:9e:5a:7c:72:ca:49:a8:58:ca:77:db:
e9:bc:40:39:13:69:db:a3:2c:17:85:52:a9:3a:6b:
f0:7a:2b:90:7a:46:fc:cc:6e:33:79:3a:93:b4:ee:
9d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:16:EA:D9:D0:FF:04:ED:48:82:10:36:FE:21:9E:BD:1B:53:A3:5E
X509v3 Authority Key Identifier:
keyid:AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/_Bbq2dD_BO1IghA2_iGevRtTo14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.214.0/24
Signature Algorithm: sha256WithRSAEncryption
18:71:7a:19:10:70:d6:07:5f:60:21:60:c0:2b:e0:c0:86:d4:
0a:fe:94:c8:88:89:32:99:b0:4b:5e:03:32:a0:13:61:f3:c0:
83:f1:ad:1d:88:e0:f0:b6:69:3a:90:7b:84:a4:2e:2e:13:43:
47:a1:e2:83:1e:be:50:47:d8:8c:71:e1:11:63:69:c4:a0:7b:
28:d3:19:ad:fd:96:3d:56:df:8e:4b:b6:d3:43:40:b7:2a:06:
78:9c:96:d3:81:81:fb:bd:f1:72:bd:86:26:c8:bb:3e:77:fe:
cd:8e:ab:82:da:0b:8c:ca:1f:c4:af:5c:a9:07:d7:72:9a:76:
71:c9:21:3f:a5:79:81:63:0b:13:0d:de:aa:7a:75:1c:18:23:
fa:17:f5:b9:80:43:a4:b3:b0:8a:2e:47:34:f3:ea:c3:d2:d1:
d2:f7:cf:b9:bb:5a:9a:47:2e:2a:a4:2a:6c:fe:46:15:fc:a9:
ee:33:58:f7:94:dc:33:45:a1:4c:7e:34:8f:a9:93:db:02:14:
8e:69:46:32:47:75:19:05:5f:57:02:84:2d:c5:1f:9d:84:df:
60:93:88:29:96:7b:15:0b:6a:6b:5a:90:7a:b4:a8:53:97:4d:
6c:b8:63:f6:fa:82:44:87:da:67:32:36:ef:87:90:1e:c6:b7:
ad:5e:f8:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFaUKLKG6mfBZl3n6dX4Ae3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjRlMDRhMGVkMzQ0MTEyYzE4NTNjYWIwOWY1MmUxY2Q5
YWJhZjIwHhcNMjQwODE2MDgzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzE2ZWFkOWQwZmYwNGVkNDg4MjEwMzZmZTIxOWViZDFiNTNhMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYEiXouhTh/Pt9dY8wOWOSSymeLT
O3NqYpoyHqK8R7Y0CD5L6u5+W4nEC1SjTwKtW48mz5q8cVf2PwgCi/J2lpy0S7x7
e3xlQgBjWEXfG8AQUPs83Ec2XBTp6/OAh1eprfUbJaxF7lzZHul/2yvZ9/Yn93lo
4mXgEjxkDQKaw4t4hqQMdYx7BSIVP/kkwhZlGnbXNDy7L1bf1r6HXmDd5sI/R2D8
y66AQ0JFvT82LLnCEHA79T88ya/pzu4qorf1OxQVK8BEkOSvny2JU6wQXrf2UHUY
nlp8cspJqFjKd9vpvEA5E2nboywXhVKpOmvweiuQekb8zG4zeTqTtO6dRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPwW6tnQ/wTtSIIQNv4hnr0bU6NeMB8GA1UdIwQY
MBaAFK+04EoO00QRLBhTyrCfUuHNmrryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTct
ODA5NWYzMjk3MTc5LzEvX0JicTJkRF9CTzFJZ2hBMl9pR2V2UnRUbzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTctODA5NWYzMjk3MTc5
LzEvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUaPWMA0G
CSqGSIb3DQEBCwUAA4IBAQAYcXoZEHDWB19gIWDAK+DAhtQK/pTIiIkymbBLXgMy
oBNh88CD8a0diODwtmk6kHuEpC4uE0NHoeKDHr5QR9iMceERY2nEoHso0xmt/ZY9
Vt+OS7bTQ0C3KgZ4nJbTgYH7vfFyvYYmyLs+d/7NjquC2guMyh/Er1ypB9dymnZx
ySE/pXmBYwsTDd6qenUcGCP6F/W5gEOks7CKLkc08+rD0tHS98+5u1qaRy4qpCps
/kYV/KnuM1j3lNwzRaFMfjSPqZPbAhSOaUYyR3UZBV9XAoQtxR+dhN9gk4gplnsV
C2prWpB6tKhTl01suGP2+oJEh9pnMjbvh5AexretXvgi
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:53:13 2025 by rpki-client