Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/05e109-2347-4a7c-8adb-d1981dd446cf/1/B8cqdynn_U17x-K7zqy7VISXB20.roa
File: B8cqdynn_U17x-K7zqy7VISXB20.roa (raw, json)
Hash identifier: VKLRwppPgn6bo6WqvEyMXSxYW7gWSBh9LeXuOI+hkzk=
Subject key identifier: 07:C7:2A:77:29:E7:FD:4D:7B:C7:E2:BB:CE:AC:BB:54:84:97:07:6D
Certificate issuer: /CN=4121c7fb04153829d96a1c038f0df714da595404
Certificate serial: 0185719584AB61EC0B9ABB60C9A94821D66F
Authority key identifier: 41:21:C7:FB:04:15:38:29:D9:6A:1C:03:8F:0D:F7:14:DA:59:54:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSHH-wQVOCnZahwDjw33FNpZVAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/05e109-2347-4a7c-8adb-d1981dd446cf/1/B8cqdynn_U17x-K7zqy7VISXB20.roa
Signing time: Mon 02 Jan 2023 08:25:02 +0000
ROA not before: Mon 02 Jan 2023 08:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213032
IP address blocks: 2001:678:dc8::/48 maxlen: 48
2001:67c:27c4::/48 maxlen: 48
2001:678:dc4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:84:ab:61:ec:0b:9a:bb:60:c9:a9:48:21:d6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4121c7fb04153829d96a1c038f0df714da595404
Validity
Not Before: Jan 2 08:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07c72a7729e7fd4d7bc7e2bbceacbb548497076d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2d:ce:25:97:c6:27:88:bd:ea:b9:fa:0f:56:
72:2c:76:f8:43:61:19:e6:f1:da:33:70:e4:8b:c9:
12:a4:8a:6c:f1:1c:37:4c:56:7e:77:ef:9d:d3:fa:
62:ec:5f:d6:62:c2:ec:6e:f2:03:fb:53:b7:91:14:
a7:dc:af:01:37:02:82:dc:87:40:2a:08:ff:cd:d9:
c4:85:99:64:28:a9:f0:b9:5e:2a:05:d5:e5:c1:5f:
52:a4:bf:09:69:c6:39:45:39:1e:20:9e:32:e1:1b:
24:38:33:54:a9:0c:24:3f:7f:32:8f:2f:a0:d9:86:
12:bc:81:d5:e5:9d:16:5a:04:48:de:71:45:8a:e0:
97:ba:15:d7:27:3a:32:6f:fd:e1:57:1d:5c:dc:0d:
07:b0:3d:15:c5:e8:6e:a4:c7:29:da:ec:60:41:40:
08:23:81:55:51:11:47:ea:c7:93:6d:e1:b9:d4:2f:
38:24:68:ff:01:06:cb:00:60:ad:a9:19:89:dc:5c:
74:af:7b:ce:c8:53:3c:82:38:9f:ba:c8:b5:2e:c2:
5d:ed:9a:e8:f0:a4:02:6c:af:2a:c1:a4:40:20:70:
52:2a:98:66:34:8b:d6:6c:0a:93:ec:7f:41:f0:0d:
73:9a:04:9f:56:8d:3b:88:2b:0f:c3:2e:80:87:40:
ec:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C7:2A:77:29:E7:FD:4D:7B:C7:E2:BB:CE:AC:BB:54:84:97:07:6D
X509v3 Authority Key Identifier:
keyid:41:21:C7:FB:04:15:38:29:D9:6A:1C:03:8F:0D:F7:14:DA:59:54:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSHH-wQVOCnZahwDjw33FNpZVAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/05e109-2347-4a7c-8adb-d1981dd446cf/1/B8cqdynn_U17x-K7zqy7VISXB20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/05e109-2347-4a7c-8adb-d1981dd446cf/1/QSHH-wQVOCnZahwDjw33FNpZVAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:dc4::/48
2001:678:dc8::/48
2001:67c:27c4::/48
Signature Algorithm: sha256WithRSAEncryption
20:1f:e9:6e:8f:24:9d:6a:da:1f:8d:0c:04:99:76:c7:f2:9e:
23:b0:bc:79:df:83:19:99:42:86:24:86:a2:64:ed:4c:60:61:
1a:01:02:ab:35:1b:47:ee:4f:c6:78:9b:27:19:5c:77:80:cb:
2d:70:32:a3:57:4e:93:60:57:53:a8:66:05:ae:b0:07:62:40:
bd:92:1f:c7:9f:ce:28:02:31:cd:34:85:e2:8b:6d:c3:44:24:
39:ed:1c:5d:e3:67:08:61:a7:72:8a:3d:50:be:bf:26:94:86:
30:f7:ad:4a:b0:ce:3e:c0:01:1d:56:a3:29:7f:80:79:2c:63:
c3:8d:c9:46:f6:67:f0:db:65:57:45:8f:e7:0b:5a:0b:79:ec:
29:dd:65:21:1b:89:87:3a:f2:0b:b8:29:fa:7d:17:31:e7:39:
b1:3b:cb:d3:49:03:eb:4a:1c:54:31:fa:02:57:df:c4:48:95:
6c:59:9e:c8:39:95:a4:e5:9e:f0:00:ad:f6:b7:bc:b8:12:db:
f7:16:ed:cd:ac:d6:17:6d:f1:b5:f4:37:58:19:e3:9e:58:98:
31:4e:30:e4:d6:d3:56:a1:10:a2:41:5d:54:68:a4:4e:aa:95:
ac:28:97:bd:6a:5c:ba:3d:76:65:86:33:81:ee:26:1f:e7:2b:
bb:bd:68:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxlYSrYewLmrtgyalIIdZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjFjN2ZiMDQxNTM4MjlkOTZhMWMwMzhmMGRmNzE0ZGE1
OTU0MDQwHhcNMjMwMTAyMDgyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2M3MmE3NzI5ZTdmZDRkN2JjN2UyYmJjZWFjYmI1NDg0OTcwNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC3OJZfGJ4i96rn6D1ZyLHb4Q2EZ
5vHaM3Dki8kSpIps8Rw3TFZ+d++d0/pi7F/WYsLsbvID+1O3kRSn3K8BNwKC3IdA
Kgj/zdnEhZlkKKnwuV4qBdXlwV9SpL8JacY5RTkeIJ4y4RskODNUqQwkP38yjy+g
2YYSvIHV5Z0WWgRI3nFFiuCXuhXXJzoyb/3hVx1c3A0HsD0VxehupMcp2uxgQUAI
I4FVURFH6seTbeG51C84JGj/AQbLAGCtqRmJ3Fx0r3vOyFM8gjifusi1LsJd7Zro
8KQCbK8qwaRAIHBSKphmNIvWbAqT7H9B8A1zmgSfVo07iCsPwy6Ah0DsQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAfHKncp5/1Ne8fiu86su1SElwdtMB8GA1UdIwQY
MBaAFEEhx/sEFTgp2WocA48N9xTaWVQEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNISC13UVZPQ25aYWh3RGp3MzNGTnBaVkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wNWUxMDktMjM0Ny00YTdjLThhZGIt
ZDE5ODFkZDQ0NmNmLzEvQjhjcWR5bm5fVTE3eC1LN3pxeTdWSVNYQjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wNWUxMDktMjM0Ny00YTdjLThhZGItZDE5ODFkZDQ0NmNm
LzEvUVNISC13UVZPQ25aYWh3RGp3MzNGTnBaVkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGeA3E
AwcAIAEGeA3IAwcAIAEGfCfEMA0GCSqGSIb3DQEBCwUAA4IBAQAgH+lujySdatof
jQwEmXbH8p4jsLx534MZmUKGJIaiZO1MYGEaAQKrNRtH7k/GeJsnGVx3gMstcDKj
V06TYFdTqGYFrrAHYkC9kh/Hn84oAjHNNIXii23DRCQ57Rxd42cIYadyij1Qvr8m
lIYw961KsM4+wAEdVqMpf4B5LGPDjclG9mfw22VXRY/nC1oLeewp3WUhG4mHOvIL
uCn6fRcx5zmxO8vTSQPrShxUMfoCV9/ESJVsWZ7IOZWk5Z7wAK32t7y4Etv3Fu3N
rNYXbfG19DdYGeOeWJgxTjDk1tNWoRCiQV1UaKROqpWsKJe9aly6PXZlhjOB7iYf
5yu7vWhn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org