Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/QdcrUTmJ5DdvPFFvlbgjHzUGEn0.roa
File: QdcrUTmJ5DdvPFFvlbgjHzUGEn0.roa (raw, json)
Hash identifier: 4FbvTxbZabBxMcxtjITzSZMz+brniy2L1PkNfcQhCqM=
Subject key identifier: 41:D7:2B:51:39:89:E4:37:6F:3C:51:6F:95:B8:23:1F:35:06:12:7D
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018570CBEF02A952FC5FD21F875B485B05DD
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/QdcrUTmJ5DdvPFFvlbgjHzUGEn0.roa
Signing time: Mon 02 Jan 2023 04:44:51 +0000
ROA not before: Mon 02 Jan 2023 04:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202818
IP address blocks: 2001:4cd0:dc00:1200::/56 maxlen: 56
2001:4cd0:dc00::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:ef:02:a9:52:fc:5f:d2:1f:87:5b:48:5b:05:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 2 04:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41d72b513989e4376f3c516f95b8231f3506127d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a1:9f:4a:fd:e6:6a:35:1c:cb:da:8e:2d:b9:
b4:50:cc:48:a5:4e:5c:38:14:f4:60:c0:86:f5:35:
3d:a8:b8:0a:83:ff:93:9c:cd:af:86:09:2f:21:2f:
36:48:b7:48:9c:e4:b6:6d:1d:85:9c:89:d3:46:5b:
05:16:db:30:34:c4:ef:8a:8c:1e:be:be:31:33:82:
65:6e:02:fe:0f:9c:8b:7f:c6:0a:ec:27:05:52:a1:
37:ca:7b:1f:48:78:d3:3a:96:53:d1:87:d3:06:fd:
33:62:04:f5:b2:e6:c7:d0:f3:e2:56:96:d7:11:24:
27:f0:0d:6c:07:e8:af:de:4b:a7:ce:c4:4d:d2:e2:
29:dd:d0:cb:91:6b:8e:17:0c:75:4e:90:c4:36:bc:
14:1a:52:e9:4d:4f:ba:ac:03:34:07:0f:f3:ee:df:
14:b6:59:f8:98:74:b7:06:2b:94:38:a8:e8:35:ae:
89:2f:ed:3b:6c:a3:62:1b:32:34:33:fc:96:38:c5:
a7:13:ff:57:60:55:dc:ae:25:e9:ff:02:47:6d:d8:
57:df:65:b7:af:9e:76:85:7c:4d:a4:30:48:f3:f3:
0c:1d:e7:48:8d:bb:30:a5:95:3d:82:46:fd:92:4c:
b4:d2:41:bb:ba:63:68:3c:bd:2b:2e:07:03:90:14:
f1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D7:2B:51:39:89:E4:37:6F:3C:51:6F:95:B8:23:1F:35:06:12:7D
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/QdcrUTmJ5DdvPFFvlbgjHzUGEn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4cd0:dc00::/48
Signature Algorithm: sha256WithRSAEncryption
ab:11:d8:f5:4b:d2:a0:69:33:6f:00:f0:3e:46:1e:31:db:df:
6f:ea:84:fb:ca:f6:4d:16:98:6c:5f:9d:44:67:51:66:39:f1:
0d:85:7e:80:3b:06:3d:6f:53:ab:b2:87:15:73:60:09:42:89:
33:cc:c0:86:19:6c:39:ee:8c:64:75:16:49:d0:bc:38:64:b5:
bb:4f:3b:4e:d2:dc:4e:c2:60:e3:5a:b2:3e:99:3b:db:e0:38:
2a:a8:b5:50:81:53:47:20:30:a5:e3:0d:28:a2:88:af:74:0a:
8e:36:81:2f:2b:a9:fd:0a:79:e5:cd:24:58:d4:2d:a8:27:97:
b0:aa:09:8c:a4:5d:89:0a:cb:99:ca:16:f3:9a:fd:d3:1d:87:
45:e6:37:f9:8e:dc:ec:f2:e6:5e:d8:fd:9e:1c:dd:95:f1:47:
45:24:8a:ea:6b:8d:5e:35:7b:68:0a:83:b8:08:9a:2f:d0:6a:
8d:8b:c2:c6:15:6f:74:d0:e0:c8:2b:77:79:e3:65:90:61:10:
a9:80:92:11:53:8c:6f:44:79:73:91:20:57:85:5d:12:1a:a4:
bf:31:3a:af:08:f9:0b:ed:3e:b0:dd:45:74:39:16:8a:bb:34:
ca:d8:5d:23:cf:68:1b:6c:ad:9a:ee:bf:7a:d4:f2:37:e2:29:
54:50:34:59
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwy+8CqVL8X9Ifh1tIWwXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjMwMTAyMDQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ3MmI1MTM5ODllNDM3NmYzYzUxNmY5NWI4MjMxZjM1MDYxMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6GfSv3majUcy9qOLbm0UMxIpU5c
OBT0YMCG9TU9qLgKg/+TnM2vhgkvIS82SLdInOS2bR2FnInTRlsFFtswNMTviowe
vr4xM4JlbgL+D5yLf8YK7CcFUqE3ynsfSHjTOpZT0YfTBv0zYgT1subH0PPiVpbX
ESQn8A1sB+iv3kunzsRN0uIp3dDLkWuOFwx1TpDENrwUGlLpTU+6rAM0Bw/z7t8U
tln4mHS3BiuUOKjoNa6JL+07bKNiGzI0M/yWOMWnE/9XYFXcriXp/wJHbdhX32W3
r552hXxNpDBI8/MMHedIjbswpZU9gkb9kky00kG7umNoPL0rLgcDkBTxTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEHXK1E5ieQ3bzxRb5W4Ix81BhJ9MB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvUWRjclVUbUo1RGR2UEZGdmxiZ2pIelVHRW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAFM0NwA
MA0GCSqGSIb3DQEBCwUAA4IBAQCrEdj1S9KgaTNvAPA+Rh4x299v6oT7yvZNFphs
X51EZ1FmOfENhX6AOwY9b1OrsocVc2AJQokzzMCGGWw57oxkdRZJ0Lw4ZLW7TztO
0txOwmDjWrI+mTvb4DgqqLVQgVNHIDCl4w0oooivdAqONoEvK6n9CnnlzSRY1C2o
J5ewqgmMpF2JCsuZyhbzmv3THYdF5jf5jtzs8uZe2P2eHN2V8UdFJIrqa41eNXto
CoO4CJov0GqNi8LGFW900ODIK3d542WQYRCpgJIRU4xvRHlzkSBXhV0SGqS/MTqv
CPkL7T6w3UV0ORaKuzTK2F0jz2gbbK2a7r961PI34ilUUDRZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org