Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/FfaeNECbZNygyM8XAjsFThRsTWI.roa
File: FfaeNECbZNygyM8XAjsFThRsTWI.roa (raw, json)
Hash identifier: zO3jU4l1/9LJ+tYStFiw0OHQhMZvV6D+EaQpI9kBuc8=
Subject key identifier: 15:F6:9E:34:40:9B:64:DC:A0:C8:CF:17:02:3B:05:4E:14:6C:4D:62
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018997066AB0F18CACCE64B4A7F9CCCC0C2F
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/FfaeNECbZNygyM8XAjsFThRsTWI.roa
Signing time: Thu 27 Jul 2023 11:05:27 +0000
ROA not before: Thu 27 Jul 2023 11:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209025
IP address blocks: 2a0a:280:2b00::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:06:6a:b0:f1:8c:ac:ce:64:b4:a7:f9:cc:cc:0c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jul 27 11:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15f69e34409b64dca0c8cf17023b054e146c4d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:80:82:72:c3:99:1f:e8:26:b6:b8:03:ce:be:
4a:1e:e9:a7:c9:f7:9b:4c:5c:2d:8c:9d:19:63:45:
69:a6:f0:e6:37:18:cf:c7:06:d7:db:1a:d2:69:ef:
8e:69:f3:2f:e9:c9:01:aa:e8:fd:16:7d:d0:9c:fb:
c5:85:a3:d2:fa:e5:31:45:d6:0c:f9:e6:7a:76:1c:
64:1d:f7:dd:15:8a:72:86:ff:b8:f7:17:37:91:03:
7f:19:18:2d:38:03:96:c0:80:ac:6f:25:0c:e0:e4:
38:34:9d:97:4f:45:a0:59:ac:6a:ae:25:4f:d4:cb:
18:53:9c:c0:86:14:26:aa:f5:a5:89:31:90:58:c8:
10:f3:ae:7b:28:39:35:93:ca:fa:80:ed:01:44:ac:
a4:e6:5d:b7:3e:f5:79:e3:49:82:7f:b9:21:8a:54:
03:00:fc:cd:cf:30:c7:43:4a:bd:a9:ce:3a:eb:fb:
0d:40:28:9b:cd:3c:39:4e:17:2a:5b:cf:00:de:84:
bb:d1:3c:7e:0b:5b:86:64:38:6e:6d:c0:ca:74:6e:
d0:32:ab:87:fe:a2:c2:10:08:b3:1a:a6:3f:69:e9:
82:1d:8b:a1:ad:1d:ca:95:ef:70:14:ed:86:86:5e:
ca:19:1a:6f:a3:65:33:c1:b6:67:b1:bd:ae:3a:4a:
fd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F6:9E:34:40:9B:64:DC:A0:C8:CF:17:02:3B:05:4E:14:6C:4D:62
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/FfaeNECbZNygyM8XAjsFThRsTWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2b00::/40
Signature Algorithm: sha256WithRSAEncryption
16:db:a7:9a:50:f0:04:66:65:b3:06:78:7d:b9:47:96:90:eb:
8e:12:f9:3d:81:3d:1d:c1:66:b5:ab:0c:f2:ec:72:d8:fb:61:
c2:fa:72:a4:f5:60:d5:39:cd:69:f9:e8:34:c2:de:bc:40:e4:
dc:d9:9c:6b:c6:67:a6:47:3b:bc:be:22:5c:7a:7b:b5:d1:69:
24:ed:07:2b:3d:49:b1:8a:c3:37:d5:64:fb:16:76:a2:38:c0:
82:69:64:87:d9:e5:d2:0a:b5:37:54:8c:d5:85:18:64:7b:fc:
eb:e5:e9:64:fe:07:6c:c1:83:d6:55:eb:d3:fd:6d:0a:ec:c9:
32:8d:f2:39:ea:6b:66:0e:cd:47:3f:58:26:75:bf:a5:99:24:
a7:cf:48:5d:4d:96:b6:51:3a:4c:a4:a1:c2:e4:9f:f9:cf:17:
a9:54:b1:21:33:a4:34:1a:6c:fb:83:a4:d8:97:73:1e:67:93:
72:a3:f5:46:7d:ca:f6:5b:5e:74:ab:07:e5:dc:a3:ea:70:e5:
f7:38:00:dd:e3:e8:9e:9a:f4:1a:d1:a2:99:12:4b:e6:c5:dc:
e1:2f:90:19:9a:10:44:b4:e4:8f:20:2b:75:48:9b:a8:ff:c1:
cf:5b:69:d8:d4:de:ef:38:41:34:9a:56:af:92:16:87:d0:bf:
68:0d:c0:e9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYmXBmqw8YyszmS0p/nMzAwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwNzI3MTEwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWY2OWUzNDQwOWI2NGRjYTBjOGNmMTcwMjNiMDU0ZTE0NmM0ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4CCcsOZH+gmtrgDzr5KHumnyfeb
TFwtjJ0ZY0VppvDmNxjPxwbX2xrSae+OafMv6ckBquj9Fn3QnPvFhaPS+uUxRdYM
+eZ6dhxkHffdFYpyhv+49xc3kQN/GRgtOAOWwICsbyUM4OQ4NJ2XT0WgWaxqriVP
1MsYU5zAhhQmqvWliTGQWMgQ8657KDk1k8r6gO0BRKyk5l23PvV540mCf7khilQD
APzNzzDHQ0q9qc466/sNQCibzTw5ThcqW88A3oS70Tx+C1uGZDhubcDKdG7QMquH
/qLCEAizGqY/aemCHYuhrR3Kle9wFO2Ghl7KGRpvo2UzwbZnsb2uOkr9MwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBX2njRAm2TcoMjPFwI7BU4UbE1iMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvRmZhZU5FQ2JaTnlneU04WEFqc0ZUaFJzVFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCsw
DQYJKoZIhvcNAQELBQADggEBABbbp5pQ8ARmZbMGeH25R5aQ644S+T2BPR3BZrWr
DPLsctj7YcL6cqT1YNU5zWn56DTC3rxA5NzZnGvGZ6ZHO7y+Ilx6e7XRaSTtBys9
SbGKwzfVZPsWdqI4wIJpZIfZ5dIKtTdUjNWFGGR7/Ovl6WT+B2zBg9ZV69P9bQrs
yTKN8jnqa2YOzUc/WCZ1v6WZJKfPSF1NlrZROkykocLkn/nPF6lUsSEzpDQabPuD
pNiXcx5nk3Kj9UZ9yvZbXnSrB+Xco+pw5fc4AN3j6J6a9BrRopkSS+bF3OEvkBma
EES05I8gK3VIm6j/wc9badjU3u84QTSaVq+SFofQv2gNwOk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:22 2024 by rpki-client on console-fra.rpki-client.org