Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/QjwIL9FlkwGQynS5BGapakzUXrg.roa
File: QjwIL9FlkwGQynS5BGapakzUXrg.roa (raw, json)
Hash identifier: /YB+HNdMe6X8yaC5JWFdYi7H+OTm61wVA51VplXDGeU=
Subject key identifier: 42:3C:08:2F:D1:65:93:01:90:CA:74:B9:04:66:A9:6A:4C:D4:5E:B8
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018ACC32D29C25036012273B6E1898426D21
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/QjwIL9FlkwGQynS5BGapakzUXrg.roa
Signing time: Mon 25 Sep 2023 11:56:37 +0000
ROA not before: Mon 25 Sep 2023 11:56:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34860
IP address blocks: 2a00:ec82::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:32:d2:9c:25:03:60:12:27:3b:6e:18:98:42:6d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Sep 25 11:56:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=423c082fd165930190ca74b90466a96a4cd45eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6d:ce:c2:8f:76:35:60:34:19:19:11:cd:d1:
9a:20:ba:1e:c0:28:ea:cb:d0:0d:fe:24:a3:b0:c4:
73:c3:94:81:e6:ad:2b:83:58:31:31:64:c6:c3:37:
64:e1:39:20:7f:4d:ef:54:1a:a4:86:8a:2f:52:3d:
64:fd:7b:4c:bd:07:80:4d:ea:73:ed:1a:6e:11:36:
5a:fb:e9:3d:26:56:5b:0a:e3:2a:bb:bf:64:8b:55:
61:ff:e8:09:b5:50:35:78:e4:1b:34:04:82:73:c0:
40:a0:b4:b0:45:0e:d4:f3:88:ce:46:9e:1a:97:f1:
39:8c:93:85:ac:e5:60:69:ec:13:a6:7f:3b:2c:ab:
e4:11:58:0a:6b:b0:67:20:17:f5:e9:95:e2:fc:b4:
26:91:e7:83:ca:bf:e6:ae:02:eb:26:41:99:5d:77:
06:15:2e:b2:b9:6b:0e:94:bb:00:1b:2d:d1:17:ce:
6e:9b:ef:7b:cf:19:2b:37:75:cf:d6:d1:04:c8:ee:
b7:6e:13:49:c1:53:d1:d7:09:c6:61:af:ac:d3:fb:
79:d4:7a:26:33:1c:47:72:4f:1a:5f:7d:80:af:6c:
13:9d:9b:b3:7e:6e:af:e7:ff:f5:5d:f5:cf:1b:dc:
5e:cd:ab:df:47:86:a3:cf:5d:14:27:78:e6:76:38:
eb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3C:08:2F:D1:65:93:01:90:CA:74:B9:04:66:A9:6A:4C:D4:5E:B8
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/QjwIL9FlkwGQynS5BGapakzUXrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ec82::/32
Signature Algorithm: sha256WithRSAEncryption
4e:75:ec:b2:fe:1c:e4:a0:e9:e6:aa:48:f9:f3:1a:e2:29:e9:
8d:33:f4:8c:c7:50:b8:d4:d5:91:ff:a9:5c:ef:5d:d0:11:c8:
f5:f2:3c:98:eb:95:fe:1f:10:7e:7e:61:54:3e:80:56:6f:4b:
77:58:36:c1:a4:c0:24:18:fc:15:5e:df:2d:c3:59:90:b2:98:
b7:d2:0b:e1:d7:9d:6c:cd:54:77:09:7d:ba:52:08:d5:9e:4a:
02:04:f9:06:2b:ab:8d:23:97:a0:4e:2f:af:98:6a:86:38:3b:
cc:f8:32:91:6a:d7:e2:22:d1:f8:ec:cf:da:2a:2b:83:43:4e:
67:6e:03:88:9e:5d:0e:a5:9a:3d:3a:8c:b6:6b:2b:15:5d:e6:
5f:d2:dd:1a:c0:29:4a:2b:93:81:cd:be:01:29:48:8d:4f:e9:
17:41:cf:da:81:cb:5b:5e:f1:15:89:44:72:b0:dc:ca:d4:c3:
ef:4b:c0:bf:0d:3e:d8:99:b1:b1:f1:48:67:52:1f:f2:d9:5f:
8a:96:4c:c0:ba:db:9f:d4:9b:5f:3c:db:46:0c:f1:b4:5c:09:
2b:be:f9:f7:52:4f:61:67:35:08:01:46:32:41:d5:2b:40:d9:
e3:ff:9e:0a:2a:14:04:98:8a:c2:d8:90:2c:ce:a4:eb:fb:bd:
dc:a0:bb:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYrMMtKcJQNgEic7bhiYQm0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwOTI1MTE1NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNjMDgyZmQxNjU5MzAxOTBjYTc0YjkwNDY2YTk2YTRjZDQ1ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG3Owo92NWA0GRkRzdGaILoewCjq
y9AN/iSjsMRzw5SB5q0rg1gxMWTGwzdk4Tkgf03vVBqkhoovUj1k/XtMvQeATepz
7RpuETZa++k9JlZbCuMqu79ki1Vh/+gJtVA1eOQbNASCc8BAoLSwRQ7U84jORp4a
l/E5jJOFrOVgaewTpn87LKvkEVgKa7BnIBf16ZXi/LQmkeeDyr/mrgLrJkGZXXcG
FS6yuWsOlLsAGy3RF85um+97zxkrN3XP1tEEyO63bhNJwVPR1wnGYa+s0/t51Hom
MxxHck8aX32Ar2wTnZuzfm6v5//1XfXPG9xezavfR4ajz10UJ3jmdjjrCwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEI8CC/RZZMBkMp0uQRmqWpM1F64MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvUWp3SUw5Rmxrd0dReW5TNUJHYXBha3pVWHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgDsgjAN
BgkqhkiG9w0BAQsFAAOCAQEATnXssv4c5KDp5qpI+fMa4inpjTP0jMdQuNTVkf+p
XO9d0BHI9fI8mOuV/h8Qfn5hVD6AVm9Ld1g2waTAJBj8FV7fLcNZkLKYt9IL4ded
bM1Udwl9ulII1Z5KAgT5BiurjSOXoE4vr5hqhjg7zPgykWrX4iLR+OzP2iorg0NO
Z24DiJ5dDqWaPTqMtmsrFV3mX9LdGsApSiuTgc2+ASlIjU/pF0HP2oHLW17xFYlE
crDcytTD70vAvw0+2JmxsfFIZ1If8tlfipZMwLrbn9SbXzzbRgzxtFwJK77591JP
YWc1CAFGMkHVK0DZ4/+eCioUBJiKwtiQLM6k6/u93KC7cA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org