Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MQ-RnXQ56o-ub_gsjq6zmGTKco0.roa
File: MQ-RnXQ56o-ub_gsjq6zmGTKco0.roa (raw, json)
Hash identifier: ab0QditjAYUzXEHyIwyQ08R6pzG6eHvpFIbC3gJteJE=
Subject key identifier: 31:0F:91:9D:74:39:EA:8F:AE:6F:F8:2C:8E:AE:B3:98:64:CA:72:8D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8E52C821B1FE334FAECDBC41AD42D
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MQ-RnXQ56o-ub_gsjq6zmGTKco0.roa
Signing time: Mon 01 Jan 2024 20:30:55 +0000
ROA not before: Mon 01 Jan 2024 20:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202827
IP address blocks: 2a0c:9a40:9200::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 20:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:e5:2c:82:1b:1f:e3:34:fa:ec:db:c4:1a:d4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=310f919d7439ea8fae6ff82c8eaeb39864ca728d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b9:b1:fb:18:fd:25:10:65:ac:5e:c8:c2:28:
2b:16:04:ba:0a:bc:95:b6:40:f2:63:40:97:3b:4f:
e5:27:b4:83:36:65:b9:37:eb:59:ec:80:a3:5a:d9:
75:3f:cb:17:6b:12:fc:1e:f6:58:45:0d:b1:e6:ff:
5d:7d:81:40:11:bb:6e:16:0c:20:41:4b:f6:b9:b3:
48:10:4c:58:ec:f7:8b:f5:d7:c7:e2:3b:1d:4a:0a:
5f:02:fa:56:bd:e6:79:fd:b5:71:b3:e5:02:6e:24:
5b:91:bd:ca:72:5b:e6:27:88:27:82:0f:f0:52:31:
9c:c1:35:1b:ec:6a:00:01:9e:49:2a:ba:02:62:8e:
ce:76:12:b8:5c:87:c9:bf:2b:d7:b2:92:e8:cc:84:
37:bd:60:ea:d0:70:b6:b4:b3:bc:76:dd:e1:35:fd:
2c:2b:82:87:46:7f:bc:bc:b8:7f:2d:9b:a0:97:9b:
d5:4e:9f:08:0e:ee:56:e1:de:77:17:97:4f:c7:7a:
c1:ec:48:fb:e5:79:5e:67:3e:d0:5e:f0:f1:00:77:
21:92:c0:b7:dc:2e:50:12:2a:a3:1b:11:92:39:45:
65:b6:c2:bc:31:6d:37:4d:56:60:13:5f:5f:c6:7b:
03:a0:c0:a0:07:32:d5:43:fb:36:65:f2:61:b9:80:
75:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:0F:91:9D:74:39:EA:8F:AE:6F:F8:2C:8E:AE:B3:98:64:CA:72:8D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/MQ-RnXQ56o-ub_gsjq6zmGTKco0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9200::/40
Signature Algorithm: sha256WithRSAEncryption
03:f0:dc:14:cc:76:54:8a:37:d1:00:06:a6:ef:3e:1c:cd:68:
56:a6:6a:96:4d:4c:93:e4:d9:59:75:f6:d7:0a:87:23:bc:fa:
87:a7:80:c5:e2:d5:98:a5:02:ed:eb:1e:b0:f6:19:af:ea:33:
6b:a7:53:b4:de:c3:a5:e5:e8:44:a1:67:14:34:90:27:97:e2:
71:80:1d:fe:d4:df:9d:5e:d1:1d:94:b5:ad:10:ce:88:be:fa:
a8:c7:ba:a3:b9:3e:0e:34:31:66:2a:ac:25:b1:5e:2e:7c:8c:
c9:9e:a0:7f:9e:f6:38:f9:3e:00:4c:26:d1:db:77:40:a4:6e:
62:68:3e:f5:3a:da:08:e1:ad:1a:76:52:1d:13:13:cd:23:d3:
c6:a9:4b:ff:c0:e2:4d:7e:5f:37:2e:d7:4a:74:1f:40:1b:f1:
92:74:3a:4f:17:38:9c:03:f5:d6:43:9a:5f:01:df:80:51:90:
e0:eb:b7:17:90:d1:9c:9a:fd:c8:6f:1f:d9:fa:b0:91:0c:ee:
4a:86:ff:53:f9:29:16:5e:9e:74:aa:ff:83:a7:e8:b1:85:cc:
a0:09:e2:5f:86:69:92:79:ec:3d:dd:ea:5f:1b:76:45:d5:6e:
1e:ab:7a:af:9d:da:5d:5f:a9:76:f0:c2:f3:fb:fd:79:7b:36:
06:2a:31:a3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzGuOUsghsf4zT67NvEGtQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTBmOTE5ZDc0MzllYThmYWU2ZmY4MmM4ZWFlYjM5ODY0Y2E3MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrmx+xj9JRBlrF7IwigrFgS6CryV
tkDyY0CXO0/lJ7SDNmW5N+tZ7ICjWtl1P8sXaxL8HvZYRQ2x5v9dfYFAEbtuFgwg
QUv2ubNIEExY7PeL9dfH4jsdSgpfAvpWveZ5/bVxs+UCbiRbkb3KclvmJ4gngg/w
UjGcwTUb7GoAAZ5JKroCYo7OdhK4XIfJvyvXspLozIQ3vWDq0HC2tLO8dt3hNf0s
K4KHRn+8vLh/LZugl5vVTp8IDu5W4d53F5dPx3rB7Ej75XleZz7QXvDxAHchksC3
3C5QEiqjGxGSOUVltsK8MW03TVZgE19fxnsDoMCgBzLVQ/s2ZfJhuYB1bQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDEPkZ10OeqPrm/4LI6us5hkynKNMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvTVEtUm5YUTU2by11Yl9nc2pxNnptR1RLY28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQJIw
DQYJKoZIhvcNAQELBQADggEBAAPw3BTMdlSKN9EABqbvPhzNaFamapZNTJPk2Vl1
9tcKhyO8+oengMXi1ZilAu3rHrD2Ga/qM2unU7Tew6Xl6EShZxQ0kCeX4nGAHf7U
351e0R2Uta0Qzoi++qjHuqO5Pg40MWYqrCWxXi58jMmeoH+e9jj5PgBMJtHbd0Ck
bmJoPvU62gjhrRp2Uh0TE80j08apS//A4k1+Xzcu10p0H0Ab8ZJ0Ok8XOJwD9dZD
ml8B34BRkODrtxeQ0Zya/chvH9n6sJEM7kqG/1P5KRZennSq/4On6LGFzKAJ4l+G
aZJ57D3d6l8bdkXVbh6req+d2l1fqXbwwvP7/Xl7NgYqMaM=
-----END CERTIFICATE-----
Generated at Wed Jan 17 00:12:12 2024 by rpki-client on console-ams.rpki-client.org