Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/FwnaWIz2mF3qmyQF3TgYaddFip0.roa
File: FwnaWIz2mF3qmyQF3TgYaddFip0.roa (raw, json)
Hash identifier: zDVL4fF1+4JmkeNJFodWO/2zK1Nys25GwDGc6Q/jpXY=
Subject key identifier: 17:09:DA:58:8C:F6:98:5D:EA:9B:24:05:DD:38:18:69:D7:45:8A:9D
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 018D83C22657E52A9585CE7072A2793852F0
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/FwnaWIz2mF3qmyQF3TgYaddFip0.roa
Signing time: Wed 07 Feb 2024 13:29:15 +0000
ROA not before: Wed 07 Feb 2024 13:29:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215560
IP address blocks: 2a0f:6580:115::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:c2:26:57:e5:2a:95:85:ce:70:72:a2:79:38:52:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Feb 7 13:29:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1709da588cf6985dea9b2405dd381869d7458a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8e:94:d1:9d:60:c8:f3:11:79:c9:de:5d:6b:
7f:e7:c0:df:7e:7a:71:3f:b8:15:68:74:63:f8:3b:
a9:e0:16:ad:cd:ae:8c:96:5b:c9:88:3e:8a:e3:52:
0e:76:2e:d2:a2:39:7a:76:0f:08:03:d1:40:e8:6e:
33:31:b2:34:15:97:dd:e9:13:a6:c6:de:a2:82:b5:
39:4e:6f:27:3a:26:28:46:f0:c0:2b:80:d8:59:62:
f9:e4:4e:d7:af:dc:94:7e:0f:d2:bd:1a:30:35:cb:
a6:28:38:a3:4a:f4:fa:cd:17:dc:b0:2e:b4:b9:29:
86:a0:2e:c1:11:62:f5:01:33:39:6b:8b:65:9d:12:
d4:f2:2d:8c:71:fb:ea:25:77:fe:d2:7a:a7:9a:84:
84:4d:32:53:a9:07:3f:e1:3d:5f:24:e6:24:41:fd:
8c:d0:59:df:dd:4b:f0:1c:58:d0:cf:86:11:42:96:
6e:05:00:0a:ed:bd:37:bf:44:ce:2c:f1:29:b0:a3:
0f:94:da:db:67:53:3d:c1:75:49:b4:c1:f9:2f:e7:
f4:2d:2e:88:6f:00:b6:b8:4d:6f:c7:be:54:89:e5:
31:fc:52:09:fc:3d:6f:d5:98:db:ab:42:39:f6:10:
58:6f:83:51:5c:ba:0e:84:d3:6e:a7:ba:95:41:1f:
47:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:09:DA:58:8C:F6:98:5D:EA:9B:24:05:DD:38:18:69:D7:45:8A:9D
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/FwnaWIz2mF3qmyQF3TgYaddFip0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6580:115::/48
Signature Algorithm: sha256WithRSAEncryption
cf:61:be:89:c7:e3:5d:eb:33:f7:a9:87:72:d3:ef:ce:2f:4d:
7d:77:46:b3:c9:02:8e:79:c3:05:30:66:d2:3e:5e:20:37:ba:
4c:7d:fc:9a:e7:e9:78:2d:39:a0:ae:99:50:aa:d4:cc:1f:cf:
03:d8:b7:fd:82:b8:ed:c2:f8:d7:63:f7:21:c6:de:2e:b1:fb:
28:9f:c2:2c:e2:bf:01:10:a5:1e:dd:96:06:8d:42:c3:09:f4:
43:a9:f2:ea:2b:60:e9:21:76:0c:35:f3:d6:98:3e:4f:7a:12:
1f:34:20:a7:88:45:26:42:7b:51:06:a7:0e:51:9f:d3:88:77:
e4:7e:39:0d:69:0b:51:ba:1f:eb:80:e6:f5:b0:4a:ba:ce:c2:
d8:4d:36:b3:39:36:56:ad:d8:23:71:90:9e:75:a9:fc:36:46:
43:a5:e5:da:ef:4d:32:ed:d3:41:1b:44:91:5d:4d:81:42:4f:
50:2d:0f:31:8c:94:f6:bf:e6:b0:a1:3d:d3:32:d6:07:ef:bc:
63:e4:94:41:a9:f9:70:d4:ab:92:69:be:bb:5e:ff:3d:e6:0f:
f4:df:06:8c:89:c1:55:89:5b:5c:0a:18:d5:1e:7a:2a:95:57:
56:10:a1:60:39:e3:05:1b:91:2d:94:e7:55:6b:92:b4:54:e8:
f1:3c:9f:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2DwiZX5SqVhc5wcqJ5OFLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjQwMjA3MTMyOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzA5ZGE1ODhjZjY5ODVkZWE5YjI0MDVkZDM4MTg2OWQ3NDU4YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI6U0Z1gyPMRecneXWt/58Dffnpx
P7gVaHRj+Dup4Batza6MllvJiD6K41IOdi7Sojl6dg8IA9FA6G4zMbI0FZfd6ROm
xt6igrU5Tm8nOiYoRvDAK4DYWWL55E7Xr9yUfg/SvRowNcumKDijSvT6zRfcsC60
uSmGoC7BEWL1ATM5a4tlnRLU8i2McfvqJXf+0nqnmoSETTJTqQc/4T1fJOYkQf2M
0Fnf3UvwHFjQz4YRQpZuBQAK7b03v0TOLPEpsKMPlNrbZ1M9wXVJtMH5L+f0LS6I
bwC2uE1vx75UieUx/FIJ/D1v1Zjbq0I59hBYb4NRXLoOhNNup7qVQR9HrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBcJ2liM9phd6pskBd04GGnXRYqdMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvRnduYVdJejJtRjNxbXlRRjNUZ1lhZGRGaXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9lgAEV
MA0GCSqGSIb3DQEBCwUAA4IBAQDPYb6Jx+Nd6zP3qYdy0+/OL019d0azyQKOecMF
MGbSPl4gN7pMffya5+l4LTmgrplQqtTMH88D2Lf9grjtwvjXY/chxt4usfson8Is
4r8BEKUe3ZYGjULDCfRDqfLqK2DpIXYMNfPWmD5PehIfNCCniEUmQntRBqcOUZ/T
iHfkfjkNaQtRuh/rgOb1sEq6zsLYTTazOTZWrdgjcZCedan8NkZDpeXa700y7dNB
G0SRXU2BQk9QLQ8xjJT2v+awoT3TMtYH77xj5JRBqflw1KuSab67Xv895g/03waM
icFViVtcChjVHnoqlVdWEKFgOeMFG5EtlOdVa5K0VOjxPJ+p
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:41:38 2025 by rpki-client