Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/F_pQmmOPwVB9XNzzx9rrpFicXUE.roa
File: F_pQmmOPwVB9XNzzx9rrpFicXUE.roa (raw, json)
Hash identifier: puDGDxdaFgi9bynUFa/7OoHIXD4mpgMauMjPLtF6R7I=
Subject key identifier: 17:FA:50:9A:63:8F:C1:50:7D:5C:DC:F3:C7:DA:EB:A4:58:9C:5D:41
Certificate issuer: /CN=1faacab8e456bb291979a7357a7024f00bebaaf5
Certificate serial: 018F8D5C8F7FB5BFAD93C8ED8525904F3C29
Authority key identifier: 1F:AA:CA:B8:E4:56:BB:29:19:79:A7:35:7A:70:24:F0:0B:EB:AA:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6rKuORWuykZeac1enAk8AvrqvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/F_pQmmOPwVB9XNzzx9rrpFicXUE.roa
Signing time: Sat 18 May 2024 20:20:04 +0000
ROA not before: Sat 18 May 2024 20:20:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50937
IP address blocks: 66.33.37.0/24 maxlen: 24
2a14:3b40::/36 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 20:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8d:5c:8f:7f:b5:bf:ad:93:c8:ed:85:25:90:4f:3c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1faacab8e456bb291979a7357a7024f00bebaaf5
Validity
Not Before: May 18 20:20:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17fa509a638fc1507d5cdcf3c7daeba4589c5d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b0:5f:bc:15:62:fa:17:83:cc:45:e3:14:0c:
14:5f:b1:b1:8c:1d:c4:bc:f3:ee:8d:18:c5:e1:52:
a0:cc:99:7e:ba:34:ac:47:37:f1:a2:0e:d1:32:89:
fe:53:91:6c:fa:27:a4:76:fa:04:35:06:a6:b4:46:
62:62:b1:a8:a3:14:e6:f5:f8:4d:21:17:5f:ea:40:
e1:3c:24:80:c9:3c:b8:7a:c1:f6:ed:b9:59:da:d9:
e1:0f:55:47:c0:ed:70:4e:26:00:fd:4d:45:d8:15:
ef:cc:b0:5a:a1:f3:df:f4:3b:72:ae:82:a5:38:f5:
c0:14:02:5e:98:21:b3:96:38:b6:2e:e6:bc:67:0e:
37:8a:79:c5:c8:df:14:0f:4b:b5:4b:a9:99:e2:ad:
30:4c:85:3d:eb:50:b2:e0:e9:ee:89:55:60:a0:5d:
45:9d:a6:8a:a2:54:73:46:2a:af:8d:85:d2:9e:e5:
bb:d9:b1:c5:37:f7:b9:52:46:e9:dc:4c:e9:88:c9:
d8:4c:b0:8c:e6:79:7d:1d:03:04:33:c2:45:c6:a1:
b1:b0:4b:ed:34:38:87:a2:5f:40:05:fb:1d:92:d0:
10:c7:d5:75:64:b5:68:0a:96:45:9e:2b:93:d7:f4:
4a:ca:ca:78:7a:b8:9b:81:3e:52:32:45:56:8f:d0:
14:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FA:50:9A:63:8F:C1:50:7D:5C:DC:F3:C7:DA:EB:A4:58:9C:5D:41
X509v3 Authority Key Identifier:
keyid:1F:AA:CA:B8:E4:56:BB:29:19:79:A7:35:7A:70:24:F0:0B:EB:AA:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6rKuORWuykZeac1enAk8AvrqvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/F_pQmmOPwVB9XNzzx9rrpFicXUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/H6rKuORWuykZeac1enAk8AvrqvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.33.37.0/24
IPv6:
2a14:3b40::/36
Signature Algorithm: sha256WithRSAEncryption
86:b2:f6:ef:9f:93:61:c3:3b:6e:97:f5:d0:d4:c0:ab:cb:a4:
c9:2d:fc:4d:92:52:0c:d3:ce:21:74:b8:e6:18:42:01:ce:40:
a6:d6:51:84:b9:2a:80:b5:0e:35:ee:93:0d:33:3a:2e:15:70:
02:6f:5d:2f:a1:ec:5a:72:c7:11:4f:09:b3:ef:a1:c2:c4:5f:
29:43:7d:6d:c3:f8:72:2e:32:de:fd:4b:d7:75:b8:12:5e:a9:
0d:93:f3:12:ad:88:e7:4e:0d:b9:e1:e4:7f:4a:14:56:bd:78:
d8:54:0c:bb:99:a0:84:9b:ae:ba:60:56:ac:82:84:b8:f1:e2:
1a:56:2e:76:71:8f:ac:a6:50:9f:3c:d4:af:9a:c2:2c:6f:d3:
d8:58:1b:88:1b:b1:d7:7a:30:46:76:f8:d5:cc:10:3d:ad:89:
64:88:60:2a:13:8a:1a:f8:22:68:48:92:26:8a:76:08:83:b3:
8e:4b:40:28:63:cd:83:1a:be:ea:3e:d5:34:e0:50:47:ac:06:
f1:14:a6:da:3b:0e:db:97:21:fc:db:c6:ff:9f:d6:ab:b9:88:
b1:7d:0a:3d:fa:f6:0d:60:21:f2:c6:e0:bd:56:6b:c9:af:8a:
1a:93:9a:be:b3:08:95:a1:97:0b:3d:d9:2b:1f:26:0c:01:76:
d2:b5:20:22
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY+NXI9/tb+tk8jthSWQTzwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYWFjYWI4ZTQ1NmJiMjkxOTc5YTczNTdhNzAyNGYwMGJl
YmFhZjUwHhcNMjQwNTE4MjAyMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2ZhNTA5YTYzOGZjMTUwN2Q1Y2RjZjNjN2RhZWJhNDU4OWM1ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bBfvBVi+heDzEXjFAwUX7GxjB3E
vPPujRjF4VKgzJl+ujSsRzfxog7RMon+U5Fs+iekdvoENQamtEZiYrGooxTm9fhN
IRdf6kDhPCSAyTy4esH27blZ2tnhD1VHwO1wTiYA/U1F2BXvzLBaofPf9DtyroKl
OPXAFAJemCGzlji2Lua8Zw43innFyN8UD0u1S6mZ4q0wTIU961Cy4OnuiVVgoF1F
naaKolRzRiqvjYXSnuW72bHFN/e5Ukbp3EzpiMnYTLCM5nl9HQMEM8JFxqGxsEvt
NDiHol9ABfsdktAQx9V1ZLVoCpZFniuT1/RKysp4eribgT5SMkVWj9AUpQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBf6UJpjj8FQfVzc88fa66RYnF1BMB8GA1UdIwQY
MBaAFB+qyrjkVrspGXmnNXpwJPAL66r1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZyS3VPUld1eWtaZWFjMWVuQWs4QXZycXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81MDFmZDMtYThjZC00ZTJkLTlkMzIt
MmZiNzJhMGFlZjZkLzEvRl9wUW1tT1B3VkI5WE56eng5cnJwRmljWFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81MDFmZDMtYThjZC00ZTJkLTlkMzItMmZiNzJhMGFlZjZk
LzEvSDZyS3VPUld1eWtaZWFjMWVuQWs4QXZycXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAQiElMA4E
AgACMAgDBgQqFDtAADANBgkqhkiG9w0BAQsFAAOCAQEAhrL275+TYcM7bpf10NTA
q8ukyS38TZJSDNPOIXS45hhCAc5AptZRhLkqgLUONe6TDTM6LhVwAm9dL6HsWnLH
EU8Js++hwsRfKUN9bcP4ci4y3v1L13W4El6pDZPzEq2I504NueHkf0oUVr142FQM
u5mghJuuumBWrIKEuPHiGlYudnGPrKZQnzzUr5rCLG/T2FgbiBux13owRnb41cwQ
Pa2JZIhgKhOKGvgiaEiSJop2CIOzjktAKGPNgxq+6j7VNOBQR6wG8RSm2jsO25ch
/NvG/5/Wq7mIsX0KPfr2DWAh8sbgvVZrya+KGpOavrMIlaGXCz3ZKx8mDAF20rUg
Ig==
-----END CERTIFICATE-----
Generated at Thu May 30 21:46:10 2024 by rpki-client on console-fra.rpki-client.org