Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zqhv1CBtdEGuEmzuCgFan4SaJcE.roa
File: Zqhv1CBtdEGuEmzuCgFan4SaJcE.roa (raw, json)
Hash identifier: buJfgMTJV2ZUQCfLH0gBCIGM6afn+TbgcosmtA8hfUQ=
Subject key identifier: 66:A8:6F:D4:20:6D:74:41:AE:12:6C:EE:0A:01:5A:9F:84:9A:25:C1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DB1D4FEC1769D6AB181E55EFD7EA808D4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zqhv1CBtdEGuEmzuCgFan4SaJcE.roa
Signing time: Fri 16 Feb 2024 12:12:21 +0000
ROA not before: Fri 16 Feb 2024 12:12:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a00:1c88::/29 maxlen: 29
2a01:57c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 20 Feb 2024 18:09:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:d4:fe:c1:76:9d:6a:b1:81:e5:5e:fd:7e:a8:08:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 16 12:12:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66a86fd4206d7441ae126cee0a015a9f849a25c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:2e:66:a7:98:5a:d7:6b:c1:53:8e:97:7c:
df:5d:a5:cc:00:76:e3:03:b5:c2:8a:86:03:56:73:
38:18:04:57:6e:29:17:16:8d:7c:35:0b:2d:1e:15:
a1:56:31:05:5f:1f:d8:3e:f9:74:97:29:33:8c:0b:
09:3c:ae:41:47:a7:d5:30:a5:a0:84:99:9c:5b:e5:
aa:c9:dd:0d:4c:cf:d3:8b:18:50:7f:4f:ec:18:42:
6f:57:59:e6:59:24:69:51:3e:70:fa:2a:3a:f4:2d:
6f:dd:9a:9c:ce:7e:59:7e:73:ac:98:d7:e4:3e:d4:
18:9d:33:2a:70:c5:1e:16:eb:2a:fc:99:ca:4b:f8:
f5:b9:c7:11:95:ee:a5:e2:84:1f:f4:aa:3c:a1:32:
cf:93:3b:75:b1:e4:1d:83:7a:1d:fa:21:03:47:69:
5a:2d:c0:b7:76:f4:2e:e5:09:5a:5a:0f:40:fb:00:
b4:d8:fa:50:6b:ab:36:53:c1:c4:1b:0d:13:e0:11:
53:1d:9a:a0:a0:33:03:bb:80:97:6e:35:d9:02:7d:
a7:6e:47:98:58:41:29:b5:14:ee:db:df:43:ef:9a:
ba:fb:f2:5e:f4:70:aa:43:53:53:4e:3a:af:5c:5e:
a7:6e:39:4c:70:49:81:c0:e0:c3:40:43:70:5d:42:
7d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A8:6F:D4:20:6D:74:41:AE:12:6C:EE:0A:01:5A:9F:84:9A:25:C1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Zqhv1CBtdEGuEmzuCgFan4SaJcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1c88::/29
2a01:57c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:66:3a:18:bc:1f:87:74:f3:9a:62:f2:3c:3a:10:06:57:a6:
e0:42:50:13:e1:b6:d0:58:c8:b8:26:71:3c:c2:6d:0d:55:5f:
26:a3:2b:9f:c9:13:8f:2b:1e:2b:92:bd:dc:29:c4:47:25:cd:
1e:3c:3f:0b:91:3d:64:0a:fd:56:54:6e:b5:2d:1f:43:f2:01:
9e:83:ea:fa:51:a1:6b:11:1a:7f:a2:37:9f:ad:57:c3:aa:16:
ac:98:6c:83:9c:36:37:8b:fa:4e:57:c2:bf:1f:08:30:52:22:
6a:69:80:6c:a5:3c:e9:0f:d1:1f:57:e5:98:91:db:02:64:91:
c8:01:7f:5a:8c:81:a2:d9:ae:73:eb:55:3a:c9:aa:af:ce:76:
0b:7e:a1:8b:83:70:9c:51:6f:09:c4:e0:e9:ac:91:72:25:a6:
b7:c9:51:99:3d:1f:1e:05:fb:bc:25:2f:99:96:8d:f9:7b:be:
45:64:f8:f0:ef:aa:6d:b4:e6:b2:4c:ee:09:17:fe:3d:cd:14:
23:47:4b:e9:f0:4e:39:69:0d:41:6a:d5:aa:96:68:5f:53:58:
08:5f:2e:56:05:59:d4:ac:96:13:c1:35:a4:82:56:2f:b9:ed:
bc:55:62:ce:3e:d1:77:c9:a8:fc:c1:05:d6:32:ef:5a:3c:cf:
2f:94:d8:13
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY2x1P7Bdp1qsYHlXv1+qAjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjE2MTIxMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE4NmZkNDIwNmQ3NDQxYWUxMjZjZWUwYTAxNWE5Zjg0OWEyNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3YuZqeYWtdrwVOOl3zfXaXMAHbj
A7XCioYDVnM4GARXbikXFo18NQstHhWhVjEFXx/YPvl0lykzjAsJPK5BR6fVMKWg
hJmcW+Wqyd0NTM/TixhQf0/sGEJvV1nmWSRpUT5w+io69C1v3Zqczn5ZfnOsmNfk
PtQYnTMqcMUeFusq/JnKS/j1uccRle6l4oQf9Ko8oTLPkzt1seQdg3od+iEDR2la
LcC3dvQu5QlaWg9A+wC02PpQa6s2U8HEGw0T4BFTHZqgoDMDu4CXbjXZAn2nbkeY
WEEptRTu299D75q6+/Je9HCqQ1NTTjqvXF6nbjlMcEmBwODDQENwXUJ96QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGaob9QgbXRBrhJs7goBWp+EmiXBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWnFodjFDQnRkRUd1RW16dUNnRmFuNFNhSmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgAciAMF
AyoBV8AwDQYJKoZIhvcNAQELBQADggEBAExmOhi8H4d085pi8jw6EAZXpuBCUBPh
ttBYyLgmcTzCbQ1VXyajK5/JE48rHiuSvdwpxEclzR48PwuRPWQK/VZUbrUtH0Py
AZ6D6vpRoWsRGn+iN5+tV8OqFqyYbIOcNjeL+k5Xwr8fCDBSImppgGylPOkP0R9X
5ZiR2wJkkcgBf1qMgaLZrnPrVTrJqq/Odgt+oYuDcJxRbwnE4OmskXIlprfJUZk9
Hx4F+7wlL5mWjfl7vkVk+PDvqm205rJM7gkX/j3NFCNHS+nwTjlpDUFq1aqWaF9T
WAhfLlYFWdSslhPBNaSCVi+57bxVYs4+0XfJqPzBBdYy71o8zy+U2BM=
-----END CERTIFICATE-----
Generated at Tue Feb 20 20:55:23 2024 by rpki-client on console-ams.rpki-client.org