Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/Ff_LMkg0sxUcCpHJKbV6uMFsDQM.roa
File: Ff_LMkg0sxUcCpHJKbV6uMFsDQM.roa (raw, json)
Hash identifier: pfXQP4RoQZcSM8s5jRVu3akNom3b2lXcKlkSHH1aaxs=
Subject key identifier: 15:FF:CB:32:48:34:B3:15:1C:0A:91:C9:29:B5:7A:B8:C1:6C:0D:03
Certificate issuer: /CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Certificate serial: 01857255B07C257C907978B0FD1EBB6B3507
Authority key identifier: 65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/Ff_LMkg0sxUcCpHJKbV6uMFsDQM.roa
Signing time: Mon 02 Jan 2023 11:54:56 +0000
ROA not before: Mon 02 Jan 2023 11:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62214
IP address blocks: 139.28.140.0/22 maxlen: 22
2a09:740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:b0:7c:25:7c:90:79:78:b0:fd:1e:bb:6b:35:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Validity
Not Before: Jan 2 11:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15ffcb324834b3151c0a91c929b57ab8c16c0d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7f:93:c0:3f:bd:b3:79:d3:06:36:ba:6e:07:
c7:a6:bd:c7:11:c6:57:8a:da:47:72:67:9d:0f:0f:
5d:29:66:b6:70:35:b6:df:95:48:69:38:b7:b0:d7:
7b:e5:16:c9:31:29:b7:6f:df:e6:01:e2:c0:58:11:
33:8b:65:9f:a6:20:69:82:d4:06:0a:2a:98:40:f7:
23:52:6a:fc:8e:61:8c:08:31:66:c9:45:f4:d2:51:
59:26:ad:6e:12:9b:b6:ef:21:ad:10:91:8d:7a:c2:
ea:0e:6a:0d:1e:b7:d1:36:30:ee:30:d3:4b:8b:07:
7e:f8:b7:8f:b4:c3:34:ab:66:81:21:1f:cd:ab:18:
3d:65:3c:67:06:40:ab:51:4e:11:45:1c:35:cd:b8:
b3:35:22:f7:9a:92:11:90:57:e4:b4:62:9e:8c:54:
f9:3e:53:a6:dd:d8:c7:e9:00:c6:9d:70:67:74:bf:
9c:11:19:f0:e8:8b:7e:07:10:3d:6e:09:48:74:d2:
61:07:df:56:81:27:47:67:48:30:b1:39:f8:37:85:
22:90:d4:94:51:54:3c:1e:75:bf:a3:d8:dc:07:29:
13:75:54:27:12:ef:6d:9d:76:56:43:b5:cf:aa:f4:
e1:48:e0:54:31:a7:32:77:5e:40:21:1f:bd:29:a5:
9b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:FF:CB:32:48:34:B3:15:1C:0A:91:C9:29:B5:7A:B8:C1:6C:0D:03
X509v3 Authority Key Identifier:
keyid:65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/Ff_LMkg0sxUcCpHJKbV6uMFsDQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.140.0/22
IPv6:
2a09:740::/32
Signature Algorithm: sha256WithRSAEncryption
73:f9:a4:7d:19:44:b7:bc:66:91:58:21:89:bd:d4:16:1c:03:
3d:62:53:5e:47:6b:ab:ba:bb:99:62:83:15:1e:bb:07:98:68:
25:d3:dd:17:52:41:ba:0b:bc:ac:ff:51:41:f1:3a:46:77:40:
31:7f:04:d4:e3:6c:7d:eb:4b:85:0a:6a:50:84:c8:78:9c:46:
f1:5b:e0:ab:0c:92:a7:a1:6c:99:36:af:2e:54:dc:26:f3:91:
7d:12:65:f6:f6:e7:32:73:da:58:b3:8a:77:a6:d7:1d:fc:1b:
7a:a8:12:cf:c8:a1:9f:4e:bc:39:82:55:fc:d2:6f:b3:7b:68:
a6:30:da:72:f9:46:73:9f:16:bb:0d:8d:bf:70:20:91:71:72:
ce:b7:75:9c:46:ac:a3:51:76:fa:5a:08:34:a1:8a:a1:f3:20:
0c:e2:ee:a8:bf:b0:58:b3:d0:41:49:86:aa:47:71:8f:c4:c9:
58:0b:49:0e:c8:97:b2:55:b7:28:6e:7a:06:1a:f3:31:27:dd:
0c:10:52:83:4d:d8:b8:19:57:df:31:e8:d1:db:33:4f:24:8c:
82:81:25:32:8f:c7:b9:29:b4:f8:ae:41:95:73:54:04:64:ed:
fe:74:4d:ba:79:19:6d:53:4c:5e:5e:0d:10:64:25:9f:d2:38:
01:ac:65:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyVbB8JXyQeXiw/R67azUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmYjg5YThhMjNjYmU0ZjJhZGIxNjVjODlmMjZkZThh
Yjc4NzYwHhcNMjMwMTAyMTE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWZmY2IzMjQ4MzRiMzE1MWMwYTkxYzkyOWI1N2FiOGMxNmMwZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3+TwD+9s3nTBja6bgfHpr3HEcZX
itpHcmedDw9dKWa2cDW235VIaTi3sNd75RbJMSm3b9/mAeLAWBEzi2WfpiBpgtQG
CiqYQPcjUmr8jmGMCDFmyUX00lFZJq1uEpu27yGtEJGNesLqDmoNHrfRNjDuMNNL
iwd++LePtMM0q2aBIR/Nqxg9ZTxnBkCrUU4RRRw1zbizNSL3mpIRkFfktGKejFT5
PlOm3djH6QDGnXBndL+cERnw6It+BxA9bglIdNJhB99WgSdHZ0gwsTn4N4UikNSU
UVQ8HnW/o9jcBykTdVQnEu9tnXZWQ7XPqvThSOBUMacyd15AIR+9KaWbVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBX/yzJINLMVHAqRySm1erjBbA0DMB8GA1UdIwQY
MBaAFGWW+4moojy+TyrbFlyJ8m3oq3h2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpiN2lhaWlQTDVQS3RzV1hJbnliZWlyZUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNzQzZGYtNWY2Zi00ZjE3LWEyMjUt
MjAyZTE5YzA4OGIxLzEvRmZfTE1rZzBzeFVjQ3BISktiVjZ1TUZzRFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNzQzZGYtNWY2Zi00ZjE3LWEyMjUtMjAyZTE5YzA4OGIx
LzEvWlpiN2lhaWlQTDVQS3RzV1hJbnliZWlyZUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCixyMMA0E
AgACMAcDBQAqCQdAMA0GCSqGSIb3DQEBCwUAA4IBAQBz+aR9GUS3vGaRWCGJvdQW
HAM9YlNeR2ururuZYoMVHrsHmGgl090XUkG6C7ys/1FB8TpGd0AxfwTU42x960uF
CmpQhMh4nEbxW+CrDJKnoWyZNq8uVNwm85F9EmX29ucyc9pYs4p3ptcd/Bt6qBLP
yKGfTrw5glX80m+ze2imMNpy+UZznxa7DY2/cCCRcXLOt3WcRqyjUXb6Wgg0oYqh
8yAM4u6ov7BYs9BBSYaqR3GPxMlYC0kOyJeyVbcobnoGGvMxJ90MEFKDTdi4GVff
MejR2zNPJIyCgSUyj8e5KbT4rkGVc1QEZO3+dE26eRltU0xeXg0QZCWf0jgBrGWC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:02 2024 by rpki-client on console-ams.rpki-client.org