Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/qdpAbC8EAEmR_Z0XuUIcv9dF8qs.roa
File: qdpAbC8EAEmR_Z0XuUIcv9dF8qs.roa (raw, json)
Hash identifier: gep2nLC7WhMrofgJljk02RpNgrEAKUtZJe7IbxhfWv4=
Subject key identifier: A9:DA:40:6C:2F:04:00:49:91:FD:9D:17:B9:42:1C:BF:D7:45:F2:AB
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 0194944BD9F6AF745DBA3F413F360B8C4CE2
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/qdpAbC8EAEmR_Z0XuUIcv9dF8qs.roa
Signing time: Thu 23 Jan 2025 17:53:06 +0000
ROA not before: Thu 23 Jan 2025 17:53:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213579
IP address blocks: 2a14:47c0:e000::/40 maxlen: 40
Validation: Failed, certificate revoked on Sat 25 Jan 2025 14:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:94:4b:d9:f6:af:74:5d:ba:3f:41:3f:36:0b:8c:4c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: Jan 23 17:53:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9da406c2f04004991fd9d17b9421cbfd745f2ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:35:0e:0c:fa:9b:23:cb:e4:6c:1f:8c:c2:00:
25:a8:25:2a:86:58:6d:ab:ca:05:bf:3b:5b:7d:2d:
37:3f:b0:f5:3d:4c:a1:f0:b9:38:5d:6f:1e:e5:00:
53:87:ac:c6:c6:92:1e:1e:21:07:5a:0c:e2:f8:bd:
71:d4:c3:a6:5d:20:ec:7b:e2:0f:ac:ee:7a:9f:e1:
22:3a:e5:ee:d4:df:31:55:78:5c:9f:fa:df:f4:8f:
2e:3b:50:cb:89:a3:33:70:33:78:bf:52:aa:7d:ad:
71:13:3a:11:eb:cd:07:23:89:e3:e2:bf:65:27:71:
48:0c:51:a8:37:1c:8f:a8:94:81:9a:a9:01:4e:6d:
b6:bc:e0:48:19:c5:f2:27:63:38:c5:08:36:0d:d8:
f0:4f:42:7c:64:6c:8b:8b:e6:d0:e8:3a:aa:cb:8b:
66:28:87:6e:29:93:53:9d:51:b7:2b:c5:02:6d:ac:
67:6e:95:20:c9:7b:4e:c3:ca:3a:57:4e:e0:70:f8:
5d:17:7f:59:14:1d:96:f2:33:fc:04:e8:51:95:f0:
1d:8d:d2:bb:7a:1e:ef:44:9d:dc:60:bb:16:63:e5:
4b:22:1e:40:e2:95:e7:01:d4:a4:c6:51:c4:43:75:
ed:dc:f5:3a:41:16:43:36:da:d2:98:95:66:67:47:
34:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DA:40:6C:2F:04:00:49:91:FD:9D:17:B9:42:1C:BF:D7:45:F2:AB
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/qdpAbC8EAEmR_Z0XuUIcv9dF8qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0:e000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:49:46:83:73:52:db:67:6c:19:64:95:14:a3:ac:0d:28:8a:
dd:02:27:cc:44:ae:2a:3d:49:66:2e:91:11:52:10:a5:d6:d6:
ee:ff:7b:eb:6c:4b:49:44:1a:4e:e2:45:a5:60:cd:18:2c:78:
4e:a3:35:fb:47:18:5b:11:fc:fb:cd:a5:23:26:96:ab:54:d7:
a6:22:2d:f3:58:61:71:90:66:0e:e0:89:f2:b5:3c:28:20:fd:
f0:51:41:38:e6:d8:22:da:ba:f7:0a:e2:6f:9e:a6:bf:76:79:
f0:c3:77:cc:94:40:d2:44:50:db:39:2b:08:d5:2d:30:c8:cf:
1c:3d:16:da:11:10:20:a3:e0:89:4e:4c:ea:8e:c7:d7:72:28:
6d:f9:be:18:7c:4f:2a:e1:f9:93:17:c0:f1:dd:fa:f9:93:fd:
2f:94:f4:eb:b8:cb:b7:4c:f5:a9:64:b7:a3:6a:49:aa:f8:06:
67:05:21:40:62:09:1e:49:6f:11:eb:1a:c3:40:a9:3f:80:ec:
b1:8e:9d:aa:89:c5:71:f3:5e:90:06:0e:6b:d2:36:b6:92:ba:
96:13:d8:55:2b:b8:52:f2:e5:d8:fa:04:27:cb:ce:00:7b:eb:
58:e0:aa:04:68:1c:09:46:6b:8a:11:d2:03:ff:88:cd:d5:b2:
af:73:43:f5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZSUS9n2r3Rduj9BPzYLjEziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwMTIzMTc1MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRhNDA2YzJmMDQwMDQ5OTFmZDlkMTdiOTQyMWNiZmQ3NDVmMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DUODPqbI8vkbB+MwgAlqCUqhlht
q8oFvztbfS03P7D1PUyh8Lk4XW8e5QBTh6zGxpIeHiEHWgzi+L1x1MOmXSDse+IP
rO56n+EiOuXu1N8xVXhcn/rf9I8uO1DLiaMzcDN4v1Kqfa1xEzoR680HI4nj4r9l
J3FIDFGoNxyPqJSBmqkBTm22vOBIGcXyJ2M4xQg2DdjwT0J8ZGyLi+bQ6Dqqy4tm
KIduKZNTnVG3K8UCbaxnbpUgyXtOw8o6V07gcPhdF39ZFB2W8jP8BOhRlfAdjdK7
eh7vRJ3cYLsWY+VLIh5A4pXnAdSkxlHEQ3Xt3PU6QRZDNtrSmJVmZ0c0ywIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKnaQGwvBABJkf2dF7lCHL/XRfKrMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvcWRwQWJDOEVBRW1SX1owWHVVSWN2OWRGOHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhRHwOAw
DQYJKoZIhvcNAQELBQADggEBAE5JRoNzUttnbBlklRSjrA0oit0CJ8xErio9SWYu
kRFSEKXW1u7/e+tsS0lEGk7iRaVgzRgseE6jNftHGFsR/PvNpSMmlqtU16YiLfNY
YXGQZg7gifK1PCgg/fBRQTjm2CLauvcK4m+epr92efDDd8yUQNJEUNs5KwjVLTDI
zxw9FtoRECCj4IlOTOqOx9dyKG35vhh8Tyrh+ZMXwPHd+vmT/S+U9Ou4y7dM9alk
t6NqSar4BmcFIUBiCR5JbxHrGsNAqT+A7LGOnaqJxXHzXpAGDmvSNraSupYT2FUr
uFLy5dj6BCfLzgB761jgqgRoHAlGa4oR0gP/iM3Vsq9zQ/U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:32 2025 by rpki-client