Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/x5FowX4S5o9Ijn6SUtFDsKqqUag.roa
File: x5FowX4S5o9Ijn6SUtFDsKqqUag.roa (raw, json)
Hash identifier: wnl1kgeNJZpjTOM30dKMFyIvtwUCireYmGENM9bzI8g=
Subject key identifier: C7:91:68:C1:7E:12:E6:8F:48:8E:7E:92:52:D1:43:B0:AA:AA:51:A8
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 0189FFA27768F01B3D3988E5AE7F1ECE53F9
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/x5FowX4S5o9Ijn6SUtFDsKqqUag.roa
Signing time: Wed 16 Aug 2023 18:36:24 +0000
ROA not before: Wed 16 Aug 2023 18:36:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212144
IP address blocks: 2a12:6d80::/29 maxlen: 29
2a07:6d00::/29 maxlen: 29
2a12:3f80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ff:a2:77:68:f0:1b:3d:39:88:e5:ae:7f:1e:ce:53:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Aug 16 18:36:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c79168c17e12e68f488e7e9252d143b0aaaa51a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:57:c7:59:38:d0:ee:9f:74:cc:79:58:f4:35:
c2:87:0f:da:6b:62:5b:fd:bc:ec:26:0a:8d:5e:82:
e4:e7:e8:9f:f5:a8:66:dc:56:6a:8e:fd:ca:dd:44:
3a:a7:35:ba:32:cf:2e:53:dc:1e:4d:5d:46:a3:dd:
b6:35:1c:4d:e5:99:6b:b7:cf:4e:5c:d7:c4:68:4a:
c6:09:c7:06:31:c1:d5:25:0f:86:97:fd:c2:02:80:
31:e0:00:b2:ae:f5:84:20:d8:a5:7e:b0:cf:c1:03:
a1:e2:aa:fa:47:33:b6:b9:4f:82:85:82:43:32:0d:
a6:60:2c:89:5d:f9:fe:b1:eb:af:d3:16:2d:e0:f5:
64:68:ab:1e:27:cc:e7:ba:38:11:24:f5:aa:69:df:
fd:c9:b8:da:2e:26:bb:51:67:e7:ee:0b:fa:39:b2:
b7:2d:f9:61:f2:16:85:32:70:69:fe:9b:3d:3c:92:
36:d5:0e:e4:df:31:9e:a2:5b:80:20:99:f1:8a:d7:
d8:2d:33:4f:ef:ef:83:2e:33:94:9c:2e:6f:a9:56:
b1:bd:77:66:55:fb:09:b5:dc:09:52:ba:9b:f4:9f:
ed:8a:78:45:4f:dc:57:74:71:6a:dd:ab:19:d3:9a:
4a:ae:78:38:39:bf:b1:93:2a:4c:c7:38:dc:aa:27:
3f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:91:68:C1:7E:12:E6:8F:48:8E:7E:92:52:D1:43:B0:AA:AA:51:A8
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/x5FowX4S5o9Ijn6SUtFDsKqqUag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:6d00::/29
2a12:3f80::/29
2a12:6d80::/29
Signature Algorithm: sha256WithRSAEncryption
2d:6b:5c:b5:06:e5:be:73:87:8f:ef:76:e6:84:af:82:62:56:
ae:e3:69:e1:55:88:e0:f3:67:eb:00:3a:a8:a9:d4:4a:79:df:
39:d8:be:9f:a6:70:1c:10:05:b1:18:71:67:30:94:0b:64:45:
b0:6b:f9:91:ae:da:1c:0c:a0:bc:72:72:81:74:e7:8c:95:e9:
90:a5:12:62:2f:2c:03:11:16:fe:15:17:8b:90:a1:3c:fa:ba:
83:f5:36:04:ce:5b:f6:1c:35:f3:9b:ec:6b:40:3d:07:1c:e4:
6c:07:c2:3b:3d:c3:d7:1c:42:ca:55:a0:90:b4:d2:9b:d0:94:
50:1a:de:08:db:c6:1e:73:d0:72:6d:57:d0:c8:ab:fe:fd:65:
79:ba:78:85:7c:79:4f:64:33:1d:44:f2:c8:91:9c:9f:f2:eb:
19:89:51:cf:22:a6:60:e1:5d:d4:2a:4c:cb:23:26:db:e9:83:
4d:12:49:22:0d:d0:76:52:72:b1:27:30:fe:20:ac:ad:66:70:
d7:f9:7f:78:e3:48:36:f7:3a:8c:da:0c:3a:25:3a:e5:4c:5a:
13:a4:65:bd:96:52:16:b9:c4:8d:94:9e:b7:8b:0a:87:04:25:
c2:42:80:f8:af:8b:66:ec:c6:74:e5:fc:9b:bf:6e:75:2b:ab:
65:c0:f1:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYn/ondo8Bs9OYjlrn8ezlP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwODE2MTgzNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzkxNjhjMTdlMTJlNjhmNDg4ZTdlOTI1MmQxNDNiMGFhYWE1MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1fHWTjQ7p90zHlY9DXChw/aa2Jb
/bzsJgqNXoLk5+if9ahm3FZqjv3K3UQ6pzW6Ms8uU9weTV1Go922NRxN5Zlrt89O
XNfEaErGCccGMcHVJQ+Gl/3CAoAx4ACyrvWEINilfrDPwQOh4qr6RzO2uU+ChYJD
Mg2mYCyJXfn+seuv0xYt4PVkaKseJ8znujgRJPWqad/9ybjaLia7UWfn7gv6ObK3
Lflh8haFMnBp/ps9PJI21Q7k3zGeoluAIJnxitfYLTNP7++DLjOUnC5vqVaxvXdm
VfsJtdwJUrqb9J/tinhFT9xXdHFq3asZ05pKrng4Ob+xkypMxzjcqic/awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMeRaMF+EuaPSI5+klLRQ7CqqlGoMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEveDVGb3dYNFM1bzlJam42U1V0RkRzS3FxVWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgdtAAMF
AyoSP4ADBQMqEm2AMA0GCSqGSIb3DQEBCwUAA4IBAQAta1y1BuW+c4eP73bmhK+C
Ylau42nhVYjg82frADqoqdRKed852L6fpnAcEAWxGHFnMJQLZEWwa/mRrtocDKC8
cnKBdOeMlemQpRJiLywDERb+FReLkKE8+rqD9TYEzlv2HDXzm+xrQD0HHORsB8I7
PcPXHELKVaCQtNKb0JRQGt4I28Yec9BybVfQyKv+/WV5uniFfHlPZDMdRPLIkZyf
8usZiVHPIqZg4V3UKkzLIybb6YNNEkkiDdB2UnKxJzD+IKytZnDX+X9440g29zqM
2gw6JTrlTFoTpGW9llIWucSNlJ63iwqHBCXCQoD4r4tm7MZ05fybv251K6tlwPEk
-----END CERTIFICATE-----
Generated at Thu Sep 7 21:40:00 2023 by rpki-client on console-ams.rpki-client.org