Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/atFgH3ypbcJiqoFT506G4MxAsRY.roa
File: atFgH3ypbcJiqoFT506G4MxAsRY.roa (raw, json)
Hash identifier: Uho5LbJK5aWi6MzXdHQOVbM0nUOSH3I9OT0ErUZyemQ=
Subject key identifier: 6A:D1:60:1F:7C:A9:6D:C2:62:AA:81:53:E7:4E:86:E0:CC:40:B1:16
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 018A71747D85B13F5D95965525D8B08405A2
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/atFgH3ypbcJiqoFT506G4MxAsRY.roa
Signing time: Thu 07 Sep 2023 21:02:54 +0000
ROA not before: Thu 07 Sep 2023 21:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212144
IP address blocks: 2a12:6d80::/29 maxlen: 29
2a12:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:71:74:7d:85:b1:3f:5d:95:96:55:25:d8:b0:84:05:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Sep 7 21:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ad1601f7ca96dc262aa8153e74e86e0cc40b116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b2:67:1e:4e:3d:d5:0e:27:2f:94:43:72:15:
73:3e:bc:08:f9:16:87:dc:d3:5a:e2:39:5c:3c:e6:
13:d9:c2:39:86:09:87:d3:8b:d4:52:f1:b7:21:7b:
78:9c:48:11:6a:19:42:f3:ef:d2:2b:07:d7:b9:49:
5a:d2:4e:8e:12:f6:bd:0b:c9:c8:cf:91:10:7b:bf:
2b:49:95:28:7f:31:9e:9a:1c:ae:05:c5:ec:40:1c:
93:bd:be:bf:08:72:32:56:f6:18:21:d7:09:7f:e5:
2a:22:c3:cc:86:4d:20:ba:a9:e2:c5:f1:0c:a3:86:
cc:01:47:a5:49:0d:fb:e9:9c:69:fd:5a:be:f3:dc:
ff:a9:cd:77:fb:71:fa:d0:e4:0c:35:8d:66:cc:64:
50:76:e1:d1:fc:8d:40:7d:1d:f9:9a:cb:fd:71:74:
ed:a4:1d:ee:81:13:71:2e:f8:3f:ee:51:73:60:56:
97:4e:43:75:c8:f5:af:5f:b9:6c:3b:6a:41:de:d5:
ce:08:a9:d5:ed:19:60:89:d3:5b:27:ce:35:8d:7a:
8b:67:18:01:26:d9:93:f4:ec:1c:34:c2:7f:9c:3a:
ce:57:8b:7e:a0:e5:98:22:3f:57:c4:0c:22:8e:c2:
4d:e5:86:69:2b:76:4a:79:fa:68:9e:ce:f2:c6:d0:
44:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D1:60:1F:7C:A9:6D:C2:62:AA:81:53:E7:4E:86:E0:CC:40:B1:16
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/atFgH3ypbcJiqoFT506G4MxAsRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3f80::/29
2a12:6d80::/29
Signature Algorithm: sha256WithRSAEncryption
0a:e6:60:69:90:89:32:20:d8:3b:15:26:54:d2:4a:9d:cd:b5:
7b:2b:a5:76:61:68:ee:4c:fd:7f:5c:e3:da:ea:69:08:79:c1:
ef:18:73:9f:89:8a:78:50:5e:a1:93:a3:b3:95:7c:ce:19:fd:
cc:15:25:af:48:20:cf:41:35:88:7e:a3:57:6f:f8:ca:16:6f:
06:6b:f7:f3:bc:76:c3:4f:94:56:d7:5a:67:c0:43:38:48:e6:
67:f0:9f:14:ad:97:ce:0a:4e:c7:96:80:35:00:49:eb:54:78:
26:d1:d2:6b:eb:4b:e7:29:4c:d9:36:4f:fe:16:6e:f3:e2:b4:
8c:6d:54:51:e1:6e:e8:1b:60:d4:e7:4b:ee:e1:3d:80:fb:34:
27:3e:7b:34:87:a6:4e:3b:4e:9d:37:14:18:50:62:d3:65:01:
34:ed:71:b5:53:86:44:2f:be:e8:9a:2d:90:cf:67:ef:2e:cd:
12:f8:ea:9f:86:ba:b2:b0:2d:de:b6:44:d9:af:87:63:fc:93:
5d:6e:88:fd:9b:22:83:4e:cf:d2:58:52:18:f0:08:02:c2:c3:
29:ca:71:73:29:d5:53:66:b7:2c:a0:a1:81:8a:12:17:fa:a6:
0e:40:a6:bd:32:c2:88:a6:ae:88:32:bc:fd:13:e9:5d:8e:53:
30:f8:1f:1e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYpxdH2FsT9dlZZVJdiwhAWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwOTA3MjEwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQxNjAxZjdjYTk2ZGMyNjJhYTgxNTNlNzRlODZlMGNjNDBiMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7JnHk491Q4nL5RDchVzPrwI+RaH
3NNa4jlcPOYT2cI5hgmH04vUUvG3IXt4nEgRahlC8+/SKwfXuUla0k6OEva9C8nI
z5EQe78rSZUofzGemhyuBcXsQByTvb6/CHIyVvYYIdcJf+UqIsPMhk0guqnixfEM
o4bMAUelSQ376Zxp/Vq+89z/qc13+3H60OQMNY1mzGRQduHR/I1AfR35msv9cXTt
pB3ugRNxLvg/7lFzYFaXTkN1yPWvX7lsO2pB3tXOCKnV7RlgidNbJ841jXqLZxgB
JtmT9OwcNMJ/nDrOV4t+oOWYIj9XxAwijsJN5YZpK3ZKefpons7yxtBEUQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGrRYB98qW3CYqqBU+dOhuDMQLEWMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvYXRGZ0gzeXBiY0ppcW9GVDUwNkc0TXhBc1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhI/gAMF
AyoSbYAwDQYJKoZIhvcNAQELBQADggEBAArmYGmQiTIg2DsVJlTSSp3NtXsrpXZh
aO5M/X9c49rqaQh5we8Yc5+JinhQXqGTo7OVfM4Z/cwVJa9IIM9BNYh+o1dv+MoW
bwZr9/O8dsNPlFbXWmfAQzhI5mfwnxStl84KTseWgDUASetUeCbR0mvrS+cpTNk2
T/4WbvPitIxtVFHhbugbYNTnS+7hPYD7NCc+ezSHpk47Tp03FBhQYtNlATTtcbVT
hkQvvuiaLZDPZ+8uzRL46p+GurKwLd62RNmvh2P8k11uiP2bIoNOz9JYUhjwCALC
wynKcXMp1VNmtyygoYGKEhf6pg5Apr0ywoimrogyvP0T6V2OUzD4Hx4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:24 2024 by rpki-client on console-ams.rpki-client.org