Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/FqUmwsIS-UjCTZRr7JjEccoQk80.roa
File: FqUmwsIS-UjCTZRr7JjEccoQk80.roa (raw, json)
Hash identifier: NpCUxJslvSkQKt/rflAt7iM15eUAPPnRW7dbpMpsSyc=
Subject key identifier: 16:A5:26:C2:C2:12:F9:48:C2:4D:94:6B:EC:98:C4:71:CA:10:93:CD
Certificate issuer: /CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Certificate serial: 01857139CA45C733E958733B994C327A9F57
Authority key identifier: CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/FqUmwsIS-UjCTZRr7JjEccoQk80.roa
Signing time: Mon 02 Jan 2023 06:44:50 +0000
ROA not before: Mon 02 Jan 2023 06:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207518
IP address blocks: 2a09:d2c1:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ca:45:c7:33:e9:58:73:3b:99:4c:32:7a:9f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Validity
Not Before: Jan 2 06:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16a526c2c212f948c24d946bec98c471ca1093cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:95:aa:6d:d1:67:12:60:b7:29:f3:02:46:24:
fd:2d:c1:cd:15:1e:12:23:10:e7:a7:9b:fc:37:81:
fc:9c:01:bc:d4:e9:2b:33:69:2b:91:f6:73:cb:75:
ab:2b:38:f9:0a:66:3a:1d:66:bf:f8:f8:77:cc:a4:
d2:1d:0c:67:c6:0c:86:36:6f:df:42:6b:c6:e9:cc:
81:a1:d0:3f:7a:75:d1:49:65:6d:bd:cf:29:57:26:
17:32:27:e0:f8:b9:53:74:11:6d:05:82:f5:a3:8f:
dc:57:61:d6:e4:47:54:ce:84:d5:0d:73:c4:89:d6:
1c:f6:c2:73:0b:60:2a:3e:d6:30:0e:ea:b7:04:07:
4b:fa:8b:bc:34:65:1f:3b:04:f9:29:5a:4c:81:5e:
7b:53:52:76:49:7f:54:b4:63:eb:3f:c9:7a:59:e4:
5e:44:88:1c:f2:2c:6a:4d:62:82:0f:69:cd:8a:a6:
3d:df:90:9e:e2:5d:00:4b:3c:dc:a8:61:e7:38:0b:
f3:02:6a:3c:07:03:c8:b3:37:7e:26:38:dc:b1:e6:
dc:c6:f9:dc:5f:01:e2:f5:a2:7a:46:97:48:3e:22:
33:c3:0d:74:0f:ed:50:a9:53:68:42:9a:9a:9e:86:
b6:6e:c2:14:91:a4:a8:44:b2:35:95:46:ad:61:d5:
6c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A5:26:C2:C2:12:F9:48:C2:4D:94:6B:EC:98:C4:71:CA:10:93:CD
X509v3 Authority Key Identifier:
keyid:CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/FqUmwsIS-UjCTZRr7JjEccoQk80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:d2c1:4::/48
Signature Algorithm: sha256WithRSAEncryption
41:38:dc:00:8b:24:72:da:62:34:87:65:dd:08:47:73:2b:7a:
58:63:0a:58:89:ea:a3:e9:09:07:5f:70:2f:0b:03:8f:cf:29:
2b:d0:22:b7:7c:17:fb:f7:4d:98:b3:40:a6:22:eb:83:c2:82:
91:1d:31:30:79:cb:f7:18:6f:38:1b:bf:b2:94:ac:0c:f3:7a:
9a:a1:30:d4:c5:03:12:ef:d1:c5:9d:f9:fa:b6:e2:d9:2f:ec:
0e:e4:de:51:3e:cd:0d:6c:bf:b5:a3:50:35:14:bb:a1:35:d1:
ca:ef:b5:40:7f:a9:91:39:b5:1f:34:0b:75:b6:1a:0f:ba:0d:
d1:c2:dd:00:00:c1:ef:0b:72:7e:a3:61:30:a7:31:64:58:94:
c4:23:68:df:10:6d:cb:a1:b7:40:fe:42:a8:5e:a9:97:13:63:
30:d0:1d:90:65:b3:b0:7c:e9:28:32:92:cc:2d:d0:63:a4:fb:
68:6b:35:1d:4f:ae:6e:f5:49:84:cd:e6:c2:5b:72:b4:de:78:
db:58:3c:2e:0b:75:34:1f:21:20:9b:a3:cc:b5:d5:a9:da:91:
fa:5b:18:63:12:0d:60:1d:1b:41:33:bb:40:ad:60:62:7b:18:
0d:73:86:4d:a2:2c:0b:c1:18:db:d0:e1:a9:47:6d:63:53:2a:
5f:b4:93:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxOcpFxzPpWHM7mUwyep9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2Q3M2Y4MmMyNjBkYTg3Mzg2ZGNmN2JlMjZkNWM1NDQ1
NTI2ZmEwHhcNMjMwMTAyMDY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmE1MjZjMmMyMTJmOTQ4YzI0ZDk0NmJlYzk4YzQ3MWNhMTA5M2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5WqbdFnEmC3KfMCRiT9LcHNFR4S
IxDnp5v8N4H8nAG81OkrM2krkfZzy3WrKzj5CmY6HWa/+Ph3zKTSHQxnxgyGNm/f
QmvG6cyBodA/enXRSWVtvc8pVyYXMifg+LlTdBFtBYL1o4/cV2HW5EdUzoTVDXPE
idYc9sJzC2AqPtYwDuq3BAdL+ou8NGUfOwT5KVpMgV57U1J2SX9UtGPrP8l6WeRe
RIgc8ixqTWKCD2nNiqY935Ce4l0ASzzcqGHnOAvzAmo8BwPIszd+Jjjcsebcxvnc
XwHi9aJ6RpdIPiIzww10D+1QqVNoQpqanoa2bsIUkaSoRLI1lUatYdVsbQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBalJsLCEvlIwk2Ua+yYxHHKEJPNMB8GA1UdIwQY
MBaAFM/Nc/gsJg2oc4bc974m1cVEVSb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTct
NmVkYzFiMjI1NjI1LzEvRnFVbXdzSVMtVWpDVFpScjdKakVjY29RazgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTctNmVkYzFiMjI1NjI1
LzEvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgnSwQAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBBONwAiyRy2mI0h2XdCEdzK3pYYwpYieqj6QkH
X3AvCwOPzykr0CK3fBf7902Ys0CmIuuDwoKRHTEwecv3GG84G7+ylKwM83qaoTDU
xQMS79HFnfn6tuLZL+wO5N5RPs0NbL+1o1A1FLuhNdHK77VAf6mRObUfNAt1thoP
ug3Rwt0AAMHvC3J+o2EwpzFkWJTEI2jfEG3LobdA/kKoXqmXE2Mw0B2QZbOwfOko
MpLMLdBjpPtoazUdT65u9UmEzebCW3K03njbWDwuC3U0HyEgm6PMtdWp2pH6Wxhj
Eg1gHRtBM7tArWBiexgNc4ZNoiwLwRjb0OGpR21jUypftJMf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org