Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/FFXTF4SGcIKC-8XHPu4D3D15iB0.roa
File: FFXTF4SGcIKC-8XHPu4D3D15iB0.roa (raw, json)
Hash identifier: wzulwTiG9SJ/ALRhzvTkI5RwppgPQqc59VTHFaJCalY=
Subject key identifier: 14:55:D3:17:84:86:70:82:82:FB:C5:C7:3E:EE:03:DC:3D:79:88:1D
Certificate issuer: /CN=7365ec12014f911f7205eecbc2fc818b9b35723c
Certificate serial: 01932770E365D54D1C9FE58EEC61318DC9CA
Authority key identifier: 73:65:EC:12:01:4F:91:1F:72:05:EE:CB:C2:FC:81:8B:9B:35:72:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2XsEgFPkR9yBe7LwvyBi5s1cjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/FFXTF4SGcIKC-8XHPu4D3D15iB0.roa
Signing time: Wed 13 Nov 2024 21:32:09 +0000
ROA not before: Wed 13 Nov 2024 21:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 116.214.120.0/24 maxlen: 24
116.214.121.0/24 maxlen: 24
2001:3300::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:27:70:e3:65:d5:4d:1c:9f:e5:8e:ec:61:31:8d:c9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7365ec12014f911f7205eecbc2fc818b9b35723c
Validity
Not Before: Nov 13 21:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1455d3178486708282fbc5c73eee03dc3d79881d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:87:fd:5d:41:74:a7:79:4b:3a:d3:6e:cb:0a:
d7:ef:ed:46:6e:aa:a0:91:eb:4b:bc:7a:c8:50:ea:
be:09:9c:63:60:5a:5a:5e:81:3d:cf:1d:ab:0c:49:
11:a4:4b:42:db:4d:d3:d6:42:a6:6a:69:84:33:0a:
53:f1:81:9a:15:35:83:ad:31:68:ad:26:e7:0e:87:
f3:54:2a:6d:4d:0c:6c:dc:95:3a:8f:bc:c5:fb:0c:
f7:8e:5b:4b:f6:70:18:ea:4e:f7:aa:3d:58:a6:e8:
9c:73:7a:aa:75:ce:cd:50:6b:41:b9:f6:16:8f:af:
89:a8:88:1c:d1:35:28:0f:01:44:c9:ba:40:53:f4:
ec:e5:b2:c1:83:45:ce:8b:57:5f:a1:09:48:9d:e3:
fd:41:e5:ad:64:e1:b1:a5:6f:a7:73:ec:dd:fd:8d:
35:8c:f8:da:6e:c5:84:49:69:8b:58:40:88:ba:27:
fd:28:9e:61:a0:eb:cb:3d:c0:41:fc:e8:17:86:c3:
04:57:4f:69:f8:7d:6e:73:9c:ee:0d:1a:fc:42:dc:
2c:c9:3e:12:db:3f:24:59:be:98:93:f4:3b:20:51:
a7:fa:96:bb:ed:f2:54:8d:5f:e3:17:9d:0e:da:68:
6c:67:7c:32:e3:02:d6:0c:55:5d:3b:a8:4c:9b:94:
8f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:55:D3:17:84:86:70:82:82:FB:C5:C7:3E:EE:03:DC:3D:79:88:1D
X509v3 Authority Key Identifier:
keyid:73:65:EC:12:01:4F:91:1F:72:05:EE:CB:C2:FC:81:8B:9B:35:72:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2XsEgFPkR9yBe7LwvyBi5s1cjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/FFXTF4SGcIKC-8XHPu4D3D15iB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f63ac-b1e4-4dbd-9996-5a19afdb06a7/1/c2XsEgFPkR9yBe7LwvyBi5s1cjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.214.120.0/23
IPv6:
2001:3300::/32
Signature Algorithm: sha256WithRSAEncryption
42:d2:0f:05:52:f0:35:28:95:41:92:43:a6:f9:69:79:1c:80:
56:a9:4f:fb:73:98:37:3f:c7:ea:c1:79:67:68:43:3c:42:0f:
9c:6f:4b:12:8c:92:00:9c:23:71:7b:b4:94:f6:6b:67:a1:9d:
99:bc:8c:be:f1:e3:57:17:a5:51:18:c2:1c:9f:6d:ff:f7:2d:
6d:20:cf:2a:50:d2:46:21:56:8c:54:08:0d:4c:57:f0:b3:3a:
83:7b:41:77:7a:51:80:80:ef:6b:f6:b0:5d:cf:dd:e2:33:57:
50:9d:dd:e3:a0:0b:70:67:18:41:bc:a3:c3:9f:ec:c7:43:8a:
9b:c0:2b:4e:29:0a:2e:53:41:10:ac:6d:9b:91:d5:52:14:0a:
11:4c:3b:47:d7:0b:3f:1a:66:9d:73:7b:db:e8:3e:1c:26:27:
63:91:80:99:e1:21:ce:32:0e:d8:b1:1d:7d:ce:49:ff:46:4c:
7c:b0:5d:0a:db:5a:11:0d:3f:2e:45:32:25:da:14:09:db:a2:
01:f9:95:66:ab:57:07:f0:02:57:46:4b:6a:50:8e:65:46:48:
66:fd:49:9f:12:b5:23:3e:3d:42:ef:50:97:c7:27:b8:8b:c4:
fc:26:0f:f2:14:02:29:e7:91:e2:d0:c4:be:fc:59:4b:ef:cd:
cd:0e:18:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMncONl1U0cn+WO7GExjcnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjVlYzEyMDE0ZjkxMWY3MjA1ZWVjYmMyZmM4MThiOWIz
NTcyM2MwHhcNMjQxMTEzMjEzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDU1ZDMxNzg0ODY3MDgyODJmYmM1YzczZWVlMDNkYzNkNzk4ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYf9XUF0p3lLOtNuywrX7+1Gbqqg
ketLvHrIUOq+CZxjYFpaXoE9zx2rDEkRpEtC203T1kKmammEMwpT8YGaFTWDrTFo
rSbnDofzVCptTQxs3JU6j7zF+wz3jltL9nAY6k73qj1Ypuicc3qqdc7NUGtBufYW
j6+JqIgc0TUoDwFEybpAU/Ts5bLBg0XOi1dfoQlIneP9QeWtZOGxpW+nc+zd/Y01
jPjabsWESWmLWECIuif9KJ5hoOvLPcBB/OgXhsMEV09p+H1uc5zuDRr8QtwsyT4S
2z8kWb6Yk/Q7IFGn+pa77fJUjV/jF50O2mhsZ3wy4wLWDFVdO6hMm5SP/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBRV0xeEhnCCgvvFxz7uA9w9eYgdMB8GA1UdIwQY
MBaAFHNl7BIBT5EfcgXuy8L8gYubNXI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJYc0VnRlBrUjl5QmU3THd2eUJpNXMxY2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjYzYWMtYjFlNC00ZGJkLTk5OTYt
NWExOWFmZGIwNmE3LzEvRkZYVEY0U0djSUtDLThYSFB1NEQzRDE1aUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjYzYWMtYjFlNC00ZGJkLTk5OTYtNWExOWFmZGIwNmE3
LzEvYzJYc0VnRlBrUjl5QmU3THd2eUJpNXMxY2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBdNZ4MA0E
AgACMAcDBQAgATMAMA0GCSqGSIb3DQEBCwUAA4IBAQBC0g8FUvA1KJVBkkOm+Wl5
HIBWqU/7c5g3P8fqwXlnaEM8Qg+cb0sSjJIAnCNxe7SU9mtnoZ2ZvIy+8eNXF6VR
GMIcn23/9y1tIM8qUNJGIVaMVAgNTFfwszqDe0F3elGAgO9r9rBdz93iM1dQnd3j
oAtwZxhBvKPDn+zHQ4qbwCtOKQouU0EQrG2bkdVSFAoRTDtH1ws/Gmadc3vb6D4c
JidjkYCZ4SHOMg7YsR19zkn/Rkx8sF0K21oRDT8uRTIl2hQJ26IB+ZVmq1cH8AJX
RktqUI5lRkhm/UmfErUjPj1C71CXxye4i8T8Jg/yFAIp55Hi0MS+/FlL783NDhhX
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:26 2025 by rpki-client