Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/b0cd2e-4864-4a34-82a5-e7c444346760/1/tFO-CDAl5zZ4FEoJKP0OYicIIVM.roa
File: tFO-CDAl5zZ4FEoJKP0OYicIIVM.roa (raw, json)
Hash identifier: BrnRMDH62xrZpO1pW1kv5YMw0WNw5Ry0hee6TWCkXAs=
Subject key identifier: B4:53:BE:08:30:25:E7:36:78:14:4A:09:28:FD:0E:62:27:08:21:53
Certificate issuer: /CN=50656cb4777d14b5eb264c6b032c8ba3756f2ae5
Certificate serial: 018CC4249CA69DC412D9BBEE13FF140B0245
Authority key identifier: 50:65:6C:B4:77:7D:14:B5:EB:26:4C:6B:03:2C:8B:A3:75:6F:2A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UGVstHd9FLXrJkxrAyyLo3VvKuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/b0cd2e-4864-4a34-82a5-e7c444346760/1/tFO-CDAl5zZ4FEoJKP0OYicIIVM.roa
Signing time: Mon 01 Jan 2024 08:29:42 +0000
ROA not before: Mon 01 Jan 2024 08:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12335
IP address blocks: 212.53.32.0/19 maxlen: 20
2a02:2f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:9c:a6:9d:c4:12:d9:bb:ee:13:ff:14:0b:02:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50656cb4777d14b5eb264c6b032c8ba3756f2ae5
Validity
Not Before: Jan 1 08:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b453be083025e73678144a0928fd0e6227082153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:da:b3:cb:7f:84:0d:b1:06:ec:5e:f9:30:e0:
12:c1:58:2e:6d:59:31:2f:77:d9:40:82:f8:72:fc:
e9:0f:fb:04:7c:ff:d7:e7:ce:83:0b:b9:f9:96:23:
18:52:a4:e8:03:60:d0:c5:6f:dd:6d:67:14:60:5c:
82:c2:63:a6:2d:58:bc:08:18:06:dd:bb:fe:72:3c:
56:11:61:41:94:7e:07:91:e2:9e:08:32:96:66:28:
d5:2c:14:42:4f:69:56:69:53:95:57:31:ae:12:89:
9d:cc:cc:f4:b4:01:66:ab:38:1e:f0:e8:24:c6:18:
59:90:23:ca:3f:92:91:53:50:d9:ee:57:03:de:8c:
d3:7d:31:52:1b:6b:a0:b9:ce:83:f9:3b:2d:53:cc:
e4:21:26:93:53:46:1c:45:0e:0b:1c:62:9c:44:76:
ca:f5:b9:84:9b:b6:c8:c1:02:ae:96:71:a2:5b:cb:
26:97:20:a0:b3:9e:23:29:57:2d:f1:15:75:a8:1b:
9a:34:7c:29:18:8c:d9:1a:05:76:b6:57:35:a9:ee:
d9:ff:d1:48:0e:2f:74:1a:96:60:70:fe:18:bd:3d:
08:e3:7b:3f:0b:03:3a:65:a3:7a:1e:e8:14:56:ee:
b7:80:1a:e5:e8:29:45:1f:95:63:a9:ec:02:e1:98:
8b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:53:BE:08:30:25:E7:36:78:14:4A:09:28:FD:0E:62:27:08:21:53
X509v3 Authority Key Identifier:
keyid:50:65:6C:B4:77:7D:14:B5:EB:26:4C:6B:03:2C:8B:A3:75:6F:2A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGVstHd9FLXrJkxrAyyLo3VvKuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/b0cd2e-4864-4a34-82a5-e7c444346760/1/tFO-CDAl5zZ4FEoJKP0OYicIIVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/b0cd2e-4864-4a34-82a5-e7c444346760/1/UGVstHd9FLXrJkxrAyyLo3VvKuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.53.32.0/19
IPv6:
2a02:2f8::/32
Signature Algorithm: sha256WithRSAEncryption
61:a0:44:61:dd:69:35:bf:c6:85:ad:b1:56:24:1e:b4:d6:af:
3f:19:ab:79:42:65:af:bb:d4:2e:42:96:a1:09:3a:59:d9:03:
71:f6:f0:8f:7f:80:0b:3e:75:97:64:f9:d5:61:35:cd:d4:3e:
d3:ed:11:38:87:c9:a7:5a:fc:45:a6:5f:d2:66:fd:9c:bf:82:
01:a3:8f:31:d7:50:cb:0e:92:70:40:4e:0b:f4:84:be:3a:e8:
f4:4a:e9:6c:ca:95:0b:5d:c3:38:6f:28:ee:42:83:96:38:85:
d4:44:c3:4d:1f:69:5e:73:19:ce:e6:ee:24:95:13:82:7d:47:
37:9a:39:71:7b:8f:a2:94:24:ec:72:26:dc:c4:9a:57:26:d3:
a9:fd:1c:2f:09:ff:f6:77:95:e7:06:e7:42:2d:99:3e:50:c4:
cd:38:29:dd:47:20:6e:f6:3c:78:58:1d:79:eb:48:53:8c:0b:
e6:31:f5:52:ea:7b:db:22:7e:33:52:f3:62:0f:35:55:5c:0e:
94:26:b1:3b:19:47:87:00:bc:4c:58:32:38:3e:70:ad:53:da:
fd:c3:4c:5d:ac:02:0b:07:95:d5:54:8e:d2:aa:2d:db:07:19:
22:26:08:02:22:49:fe:c9:8c:1c:5a:4c:63:ee:7e:b9:71:e4:
94:d9:93:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJJymncQS2bvuE/8UCwJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjU2Y2I0Nzc3ZDE0YjVlYjI2NGM2YjAzMmM4YmEzNzU2
ZjJhZTUwHhcNMjQwMTAxMDgyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDUzYmUwODMwMjVlNzM2NzgxNDRhMDkyOGZkMGU2MjI3MDgyMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNqzy3+EDbEG7F75MOASwVgubVkx
L3fZQIL4cvzpD/sEfP/X586DC7n5liMYUqToA2DQxW/dbWcUYFyCwmOmLVi8CBgG
3bv+cjxWEWFBlH4HkeKeCDKWZijVLBRCT2lWaVOVVzGuEomdzMz0tAFmqzge8Ogk
xhhZkCPKP5KRU1DZ7lcD3ozTfTFSG2uguc6D+TstU8zkISaTU0YcRQ4LHGKcRHbK
9bmEm7bIwQKulnGiW8smlyCgs54jKVct8RV1qBuaNHwpGIzZGgV2tlc1qe7Z/9FI
Di90GpZgcP4YvT0I43s/CwM6ZaN6HugUVu63gBrl6ClFH5VjqewC4ZiLFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLRTvggwJec2eBRKCSj9DmInCCFTMB8GA1UdIwQY
MBaAFFBlbLR3fRS16yZMawMsi6N1byrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdWc3RIZDlGTFhySmt4ckF5eUxvM1Z2S3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iMGNkMmUtNDg2NC00YTM0LTgyYTUt
ZTdjNDQ0MzQ2NzYwLzEvdEZPLUNEQWw1elo0RkVvSktQME9ZaWNJSVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iMGNkMmUtNDg2NC00YTM0LTgyYTUtZTdjNDQ0MzQ2NzYw
LzEvVUdWc3RIZDlGTFhySmt4ckF5eUxvM1Z2S3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1DUgMA0E
AgACMAcDBQAqAgL4MA0GCSqGSIb3DQEBCwUAA4IBAQBhoERh3Wk1v8aFrbFWJB60
1q8/Gat5QmWvu9QuQpahCTpZ2QNx9vCPf4ALPnWXZPnVYTXN1D7T7RE4h8mnWvxF
pl/SZv2cv4IBo48x11DLDpJwQE4L9IS+Ouj0SulsypULXcM4byjuQoOWOIXURMNN
H2lecxnO5u4klROCfUc3mjlxe4+ilCTscibcxJpXJtOp/RwvCf/2d5XnBudCLZk+
UMTNOCndRyBu9jx4WB1560hTjAvmMfVS6nvbIn4zUvNiDzVVXA6UJrE7GUeHALxM
WDI4PnCtU9r9w0xdrAILB5XVVI7Sqi3bBxkiJggCIkn+yYwcWkxj7n65ceSU2ZPv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:03 2025 by rpki-client