Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/QW-DDuu-uEv3MmVnx0hMblqJRwQ.roa
File: QW-DDuu-uEv3MmVnx0hMblqJRwQ.roa (raw, json)
Hash identifier: WMhBJhXkusPGt3GQ6HoL9ZV/W2OxN/dx7dxm3wwVqxc=
Subject key identifier: 41:6F:83:0E:EB:BE:B8:4B:F7:32:65:67:C7:48:4C:6E:5A:89:47:04
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 0190BFD9B5826CF9161AA7E1092EEC853DAC
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/QW-DDuu-uEv3MmVnx0hMblqJRwQ.roa
Signing time: Wed 17 Jul 2024 08:40:34 +0000
ROA not before: Wed 17 Jul 2024 08:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214512
IP address blocks: 2a14:67c1:10::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 18 Jul 2024 18:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:d9:b5:82:6c:f9:16:1a:a7:e1:09:2e:ec:85:3d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Jul 17 08:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=416f830eebbeb84bf7326567c7484c6e5a894704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fe:64:5a:97:fe:13:4c:91:d7:a7:c3:81:68:
cb:d8:40:40:47:fb:0a:c5:76:37:19:dd:7c:1b:f7:
fc:c4:d1:1f:a4:1f:31:d5:08:7f:47:81:41:c1:b5:
6f:1c:74:99:e8:2b:dd:12:82:ec:ad:a2:c3:0e:8d:
5b:68:90:d6:44:1a:62:94:02:da:1d:6d:fe:cc:8c:
c3:d0:09:c3:aa:b9:f6:bd:0f:f8:bc:9a:4b:1c:a9:
2f:e5:6f:db:de:19:7c:99:c7:cf:5f:54:11:19:17:
2a:f9:96:a0:52:08:5a:0b:ae:17:5f:26:0c:de:12:
44:63:a5:f2:b0:76:b5:a0:05:27:32:3c:1e:99:4c:
9c:19:47:5e:8b:cb:1b:33:c9:d6:31:20:aa:b4:70:
d7:de:ec:5f:4f:ee:0b:76:3a:71:47:75:83:0f:13:
29:db:7b:21:2e:17:6f:b0:d3:aa:e7:08:38:b9:90:
8d:bd:99:b4:f1:7f:cf:75:ba:1f:b3:5a:33:01:26:
85:ac:ed:9d:d5:e2:bf:aa:e8:fc:82:0c:7f:e0:83:
ff:56:c8:16:91:d9:8b:09:06:ea:ea:55:14:5c:e6:
99:12:3c:8b:35:75:30:6b:b0:2f:76:5d:ab:62:92:
8d:40:ca:9b:13:64:ed:3e:ed:1d:53:55:50:2f:94:
aa:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6F:83:0E:EB:BE:B8:4B:F7:32:65:67:C7:48:4C:6E:5A:89:47:04
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/QW-DDuu-uEv3MmVnx0hMblqJRwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:10::/44
Signature Algorithm: sha256WithRSAEncryption
a4:a3:7e:d3:72:4e:ed:b8:a6:41:92:95:f8:d9:18:1e:02:a9:
8e:c9:aa:7b:c8:02:29:57:46:74:d8:9b:20:51:9c:cf:25:18:
14:17:4d:c8:89:f7:be:89:c4:43:a0:13:ac:e9:70:3f:4e:09:
e1:af:8c:b8:60:56:38:47:db:f0:97:4b:bf:71:b7:f9:74:2d:
d2:83:8d:05:c9:dd:1b:69:93:fc:25:11:36:d7:5c:bd:6d:99:
35:4e:94:72:e8:c2:4d:1a:b8:ce:6d:13:de:68:28:90:a4:fa:
33:d0:32:37:2c:a6:4d:6d:fd:5f:07:3f:dc:ff:df:5f:ee:a3:
e3:b9:f7:69:b4:fd:27:cd:1b:c6:8a:ff:19:2c:60:41:88:ae:
77:12:86:75:7f:97:71:ef:b4:fb:ae:ce:d1:43:af:fa:7d:69:
d4:c4:54:c3:85:a6:4b:0c:6f:b8:db:1c:a2:e3:21:3d:7b:94:
4d:10:9f:ae:b5:2d:3f:2e:c1:79:6b:bb:b6:7e:8a:8d:6a:4e:
4c:70:8e:58:9e:71:9e:fc:eb:b4:09:37:b4:06:c3:78:fd:c2:
38:52:45:11:a2:dd:e4:68:07:66:4c:45:d7:38:2c:8b:40:b7:
28:4b:fd:7f:24:fa:d7:03:a2:88:a5:b6:dd:91:33:9d:44:62:
b7:e8:01:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZC/2bWCbPkWGqfhCS7shT2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjQwNzE3MDg0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTZmODMwZWViYmViODRiZjczMjY1NjdjNzQ4NGM2ZTVhODk0NzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/5kWpf+E0yR16fDgWjL2EBAR/sK
xXY3Gd18G/f8xNEfpB8x1Qh/R4FBwbVvHHSZ6CvdEoLsraLDDo1baJDWRBpilALa
HW3+zIzD0AnDqrn2vQ/4vJpLHKkv5W/b3hl8mcfPX1QRGRcq+ZagUghaC64XXyYM
3hJEY6XysHa1oAUnMjwemUycGUdei8sbM8nWMSCqtHDX3uxfT+4LdjpxR3WDDxMp
23shLhdvsNOq5wg4uZCNvZm08X/Pdbofs1ozASaFrO2d1eK/quj8ggx/4IP/VsgW
kdmLCQbq6lUUXOaZEjyLNXUwa7Avdl2rYpKNQMqbE2TtPu0dU1VQL5SqLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEFvgw7rvrhL9zJlZ8dITG5aiUcEMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvUVctRER1dS11RXYzTW1WbngwaE1ibHFKUndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhRnwQAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCko37Tck7tuKZBkpX42RgeAqmOyap7yAIpV0Z0
2JsgUZzPJRgUF03Iife+icRDoBOs6XA/Tgnhr4y4YFY4R9vwl0u/cbf5dC3Sg40F
yd0baZP8JRE211y9bZk1TpRy6MJNGrjObRPeaCiQpPoz0DI3LKZNbf1fBz/c/99f
7qPjufdptP0nzRvGiv8ZLGBBiK53EoZ1f5dx77T7rs7RQ6/6fWnUxFTDhaZLDG+4
2xyi4yE9e5RNEJ+utS0/LsF5a7u2foqNak5McI5YnnGe/Ou0CTe0BsN4/cI4UkUR
ot3kaAdmTEXXOCyLQLcoS/1/JPrXA6KIpbbdkTOdRGK36AG/
-----END CERTIFICATE-----
Generated at Thu Jul 18 20:10:51 2024 by rpki-client on console-fra.rpki-client.org