Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/qlUFOmkOTeHJV3V3EpQ-ajKSVoU.roa
File: qlUFOmkOTeHJV3V3EpQ-ajKSVoU.roa (raw, json)
Hash identifier: RXEg/02kRc/PjuuBY6lvol2R9lD8lyUvq8JHKwpw3Z4=
Subject key identifier: AA:55:05:3A:69:0E:4D:E1:C9:57:75:77:12:94:3E:6A:32:92:56:85
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018C3ABA9291EF89086421C46748B9780B7C
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/qlUFOmkOTeHJV3V3EpQ-ajKSVoU.roa
Signing time: Tue 05 Dec 2023 16:05:54 +0000
ROA not before: Tue 05 Dec 2023 16:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56534
IP address blocks: 2a0e:dfc3::/32 maxlen: 32
2a11:5a45::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:ba:92:91:ef:89:08:64:21:c4:67:48:b9:78:0b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Dec 5 16:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa55053a690e4de1c957757712943e6a32925685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:66:9c:da:9a:6e:74:2c:46:e4:58:45:61:8b:
2e:49:2a:75:29:38:f3:54:69:53:c6:fb:42:75:5b:
d0:c9:7c:da:a5:25:5b:38:14:08:98:90:03:5d:47:
87:ee:61:f9:86:e5:a1:f9:9e:c8:2b:83:b4:97:75:
ad:07:40:8c:5d:51:20:b6:a9:d0:e4:20:25:ff:f7:
2c:f4:a0:e3:85:02:49:a0:c2:16:87:bb:4e:4a:59:
cc:e8:26:9e:e1:9e:18:22:a6:96:01:3a:1c:f7:41:
d8:9c:ad:6d:85:87:6c:90:be:08:2c:e7:8a:b5:fc:
e8:f8:5e:69:0a:ca:c5:c7:18:62:07:85:92:0a:1b:
cb:5f:86:52:b8:5c:cf:a9:e2:d6:aa:d7:76:e7:4e:
71:b4:e6:ac:cc:e4:0b:8f:08:1b:6a:5e:1f:fa:ef:
f1:e3:98:41:c2:fb:df:a9:f4:70:dd:1e:69:85:ee:
1c:1c:07:51:c9:bd:d9:0b:c3:3d:b7:3c:19:4f:86:
99:64:7e:ab:b4:aa:d8:4e:da:ca:ba:99:46:62:ff:
72:fe:98:96:01:c3:f7:6b:30:d8:53:84:21:dd:44:
76:3f:0d:24:04:b5:73:f2:59:16:bc:2b:2a:83:0a:
b6:48:d7:b6:8f:ef:66:b0:fe:5a:de:4a:ea:dc:6b:
83:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:55:05:3A:69:0E:4D:E1:C9:57:75:77:12:94:3E:6A:32:92:56:85
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/qlUFOmkOTeHJV3V3EpQ-ajKSVoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc3::/32
2a11:5a45::/32
Signature Algorithm: sha256WithRSAEncryption
35:91:cc:f9:5a:37:fd:89:3c:da:d9:e0:5c:db:ff:d1:2d:28:
ea:d5:5b:6c:5e:09:2a:1a:af:85:7c:5b:88:88:fc:21:28:98:
a1:ae:55:4d:09:09:85:f3:42:da:91:03:9d:ab:dd:86:ac:83:
94:00:82:05:6b:ec:1a:c7:89:1c:4c:0c:3a:04:3a:86:ef:27:
2e:00:d8:a9:99:2c:3a:9d:c6:94:fa:78:8d:7b:15:35:38:6f:
db:c3:63:70:97:16:db:8f:95:42:61:9f:a0:a6:73:db:49:c8:
a2:a7:1a:15:9f:1b:3a:a2:84:cb:f7:f3:96:12:9b:16:6b:86:
2d:70:39:bb:48:17:44:8c:0a:81:00:66:92:c2:44:67:2d:f6:
4a:6d:43:fd:a7:2f:ef:89:53:f9:04:95:00:fa:bc:bc:69:a6:
5e:ce:f9:7b:5b:61:11:c6:01:82:3d:77:82:bc:81:2c:47:d5:
c8:5e:1e:1a:7d:d3:93:a8:a2:38:4d:09:5f:81:29:79:26:8a:
73:53:f4:4b:51:c1:9c:61:6c:d9:5c:94:04:d6:0f:c9:ad:68:
0b:40:2a:58:22:f2:42:19:28:17:43:ee:ae:d0:61:50:2d:8a:
0b:2c:b4:fc:b8:32:5f:c6:f5:ea:0d:4b:6a:41:9f:de:84:f8:
03:f9:c6:cf
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYw6upKR74kIZCHEZ0i5eAt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjMxMjA1MTYwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTU1MDUzYTY5MGU0ZGUxYzk1Nzc1NzcxMjk0M2U2YTMyOTI1Njg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWac2ppudCxG5FhFYYsuSSp1KTjz
VGlTxvtCdVvQyXzapSVbOBQImJADXUeH7mH5huWh+Z7IK4O0l3WtB0CMXVEgtqnQ
5CAl//cs9KDjhQJJoMIWh7tOSlnM6Cae4Z4YIqaWAToc90HYnK1thYdskL4ILOeK
tfzo+F5pCsrFxxhiB4WSChvLX4ZSuFzPqeLWqtd2505xtOaszOQLjwgbal4f+u/x
45hBwvvfqfRw3R5phe4cHAdRyb3ZC8M9tzwZT4aZZH6rtKrYTtrKuplGYv9y/piW
AcP3azDYU4Qh3UR2Pw0kBLVz8lkWvCsqgwq2SNe2j+9msP5a3krq3GuDcwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKpVBTppDk3hyVd1dxKUPmoyklaFMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvcWxVRk9ta09UZUhKVjNWM0VwUS1haktTVm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg7fwwMF
ACoRWkUwDQYJKoZIhvcNAQELBQADggEBADWRzPlaN/2JPNrZ4Fzb/9EtKOrVW2xe
CSoar4V8W4iI/CEomKGuVU0JCYXzQtqRA52r3Yasg5QAggVr7BrHiRxMDDoEOobv
Jy4A2KmZLDqdxpT6eI17FTU4b9vDY3CXFtuPlUJhn6Cmc9tJyKKnGhWfGzqihMv3
85YSmxZrhi1wObtIF0SMCoEAZpLCRGct9kptQ/2nL++JU/kElQD6vLxppl7O+Xtb
YRHGAYI9d4K8gSxH1cheHhp905OoojhNCV+BKXkminNT9EtRwZxhbNlclATWD8mt
aAtAKlgi8kIZKBdD7q7QYVAtigsstPy4Ml/G9eoNS2pBn96E+AP5xs8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:59 2024 by rpki-client on console-fra.rpki-client.org