Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/rqa7yfYMnntC5rSXfd9aPt0goUw.roa
File: rqa7yfYMnntC5rSXfd9aPt0goUw.roa (raw, json)
Hash identifier: O+q5Ie3aO6wyImU3Q1EsO52EaaybDcUuLej5EERmWC4=
Subject key identifier: AE:A6:BB:C9:F6:0C:9E:7B:42:E6:B4:97:7D:DF:5A:3E:DD:20:A1:4C
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAF0130DFC149E8EFFCB984FE5EB97E
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/rqa7yfYMnntC5rSXfd9aPt0goUw.roa
Signing time: Sun 01 Jan 2023 09:34:46 +0000
ROA not before: Sun 01 Jan 2023 09:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56630
IP address blocks: 2a03:f80:70::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Aug 2023 01:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:01:30:df:c1:49:e8:ef:fc:b9:84:fe:5e:b9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aea6bbc9f60c9e7b42e6b4977ddf5a3edd20a14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b7:32:95:07:20:18:c0:a5:c2:7c:4b:8c:0b:
cc:52:f4:4e:49:de:ef:39:5a:06:bc:23:79:69:ce:
7c:b5:67:3d:51:ea:49:de:a5:74:86:59:5c:c8:a5:
a9:b9:b2:17:36:0e:0f:80:2c:70:de:d9:69:e3:73:
14:6a:ed:34:ca:4a:54:39:e7:3e:73:4f:d0:f1:56:
d2:55:5d:f2:16:2c:88:77:30:00:0f:25:95:4d:64:
50:14:58:9c:6f:5d:7c:b9:34:0d:1b:7e:0b:a1:df:
8f:85:6c:24:2c:99:95:05:18:1b:cf:15:e2:f2:9e:
45:1f:5c:eb:c6:67:78:fe:4b:94:87:d3:ff:e4:c5:
2d:b4:45:32:b1:de:fd:fd:09:b1:06:7c:81:bc:be:
d5:e5:ce:c8:60:7e:9f:b8:eb:0e:34:b5:d9:40:85:
e1:03:b9:4d:8f:8d:ac:be:dd:c9:39:77:d9:da:e5:
90:2a:59:5a:ff:fb:0e:17:80:d9:2a:15:40:5f:e2:
23:c3:7a:0d:f3:57:00:7c:9a:33:b0:38:8f:0a:43:
4b:82:d1:6f:70:28:04:1c:3b:00:51:aa:82:3c:5d:
03:a9:7b:2b:25:36:19:28:68:72:ef:63:60:2f:cb:
95:3d:60:43:84:a0:8d:4c:b9:f3:40:b1:48:5f:27:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A6:BB:C9:F6:0C:9E:7B:42:E6:B4:97:7D:DF:5A:3E:DD:20:A1:4C
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/rqa7yfYMnntC5rSXfd9aPt0goUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f80:7::/48
2a03:f80:70::/48
2a03:f80:359::/48
2a03:f80:370::/47
2a03:f80:3991::/48
Signature Algorithm: sha256WithRSAEncryption
8a:96:b3:85:bb:fe:b1:80:12:b6:49:f4:22:4a:95:f0:aa:83:
24:ca:99:3c:ae:d8:ad:a5:5c:49:14:c5:48:f1:dd:bf:00:1c:
de:12:5e:c7:24:c3:25:47:e6:3e:7d:6c:59:37:33:8c:b1:11:
5f:93:f4:b4:17:30:b4:93:48:0c:b8:72:21:88:ed:c7:fa:88:
be:ad:96:3e:0f:8b:f1:8c:d0:d4:3d:f7:b7:bb:ee:54:66:8b:
80:0e:22:2a:af:31:02:f4:af:c1:43:9b:27:10:37:85:f7:70:
ed:49:ce:18:ca:80:a0:22:41:cd:c5:71:e1:64:8d:59:3c:76:
28:f1:37:dc:58:61:4a:41:62:d9:b8:c1:32:55:27:79:a1:49:
73:ff:38:c7:9f:d0:d2:36:b4:78:65:25:82:97:96:c9:60:0e:
f5:10:01:a4:fd:fa:fa:2c:75:eb:5a:46:8f:7a:12:c0:f7:2f:
52:86:f2:80:e4:22:e4:9c:a2:d2:ff:b7:c1:3b:14:f8:63:d5:
f1:20:de:a1:95:a6:7a:ac:b1:b0:f6:c7:ec:b3:cf:dd:d9:43:
eb:c5:0f:02:5c:a5:b9:fc:c2:73:32:bc:a0:ab:cb:cf:bb:ae:
00:39:9c:1f:e0:23:b6:e6:90:d6:74:48:8e:a8:17:3d:ac:3a:
27:86:dd:1b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsrwEw38FJ6O/8uYT+Xrl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWE2YmJjOWY2MGM5ZTdiNDJlNmI0OTc3ZGRmNWEzZWRkMjBhMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrcylQcgGMClwnxLjAvMUvROSd7v
OVoGvCN5ac58tWc9UepJ3qV0hllcyKWpubIXNg4PgCxw3tlp43MUau00ykpUOec+
c0/Q8VbSVV3yFiyIdzAADyWVTWRQFFicb118uTQNG34Lod+PhWwkLJmVBRgbzxXi
8p5FH1zrxmd4/kuUh9P/5MUttEUysd79/QmxBnyBvL7V5c7IYH6fuOsONLXZQIXh
A7lNj42svt3JOXfZ2uWQKlla//sOF4DZKhVAX+Ijw3oN81cAfJozsDiPCkNLgtFv
cCgEHDsAUaqCPF0DqXsrJTYZKGhy72NgL8uVPWBDhKCNTLnzQLFIXyeAjwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK6mu8n2DJ57Qua0l33fWj7dIKFMMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvcnFhN3lmWU1ubnRDNXJTWGZkOWFQdDBnb1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgMPgAAH
AwcAKgMPgABwAwcAKgMPgANZAwcBKgMPgANwAwcAKgMPgDmRMA0GCSqGSIb3DQEB
CwUAA4IBAQCKlrOFu/6xgBK2SfQiSpXwqoMkypk8rtitpVxJFMVI8d2/ABzeEl7H
JMMlR+Y+fWxZNzOMsRFfk/S0FzC0k0gMuHIhiO3H+oi+rZY+D4vxjNDUPfe3u+5U
ZouADiIqrzEC9K/BQ5snEDeF93DtSc4YyoCgIkHNxXHhZI1ZPHYo8TfcWGFKQWLZ
uMEyVSd5oUlz/zjHn9DSNrR4ZSWCl5bJYA71EAGk/fr6LHXrWkaPehLA9y9ShvKA
5CLknKLS/7fBOxT4Y9XxIN6hlaZ6rLGw9sfss8/d2UPrxQ8CXKW5/MJzMrygq8vP
u64AOZwf4CO25pDWdEiOqBc9rDonht0b
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org