Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Q1MDGbScfh1MTsSA-Go5LqWPPf0.roa
File: Q1MDGbScfh1MTsSA-Go5LqWPPf0.roa (raw, json)
Hash identifier: 4RyahmrsrDXk2pD7qaPM5F+fIPCyN6LSkShGgnWkwg0=
Subject key identifier: 43:53:03:19:B4:9C:7E:1D:4C:4E:C4:80:F8:6A:39:2E:A5:8F:3D:FD
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0191C947F8F10B783FEB8F7D57A381A05C82
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Q1MDGbScfh1MTsSA-Go5LqWPPf0.roa
Signing time: Fri 06 Sep 2024 21:40:22 +0000
ROA not before: Fri 06 Sep 2024 21:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a06:cac0::/29 maxlen: 36
2a0f:e000::/29 maxlen: 29
2a12:6640::/29 maxlen: 36
2a12:6b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 18 Sep 2024 20:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c9:47:f8:f1:0b:78:3f:eb:8f:7d:57:a3:81:a0:5c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Sep 6 21:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43530319b49c7e1d4c4ec480f86a392ea58f3dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:15:e7:bb:e4:5d:b4:4c:be:88:5d:c7:0d:55:
41:b8:87:0c:97:6a:06:f2:f9:e0:f5:4f:6c:fc:3b:
e8:12:52:44:ff:bd:e9:c9:42:d5:49:f2:7e:f3:3f:
44:68:03:23:fd:7b:59:df:2a:b1:27:b0:80:26:b4:
fb:25:1a:6e:d8:1b:fb:3a:ab:85:31:22:4f:18:b9:
bf:a3:4f:0e:8b:47:d1:74:29:a5:80:82:1a:7a:bf:
de:95:2f:af:e0:65:0e:71:d1:93:5c:2d:a3:2a:f9:
8d:aa:aa:2c:5f:12:43:01:7c:5c:4e:cc:15:d5:3b:
7c:db:61:8f:05:eb:ea:02:9d:d4:3f:c4:2c:ff:bc:
f9:ba:33:d8:45:fb:e2:3d:02:2b:56:7d:94:2c:40:
70:3f:5a:c9:2f:06:2c:bb:b4:c3:cb:a8:41:9f:7a:
52:f0:05:98:5c:79:7e:bc:ea:09:cf:02:f2:8d:b5:
84:a2:81:c7:67:78:0c:07:d0:ea:2d:6c:79:8d:21:
39:f8:72:d0:ec:41:f6:7f:1a:77:db:48:3e:25:b3:
7f:ce:14:d6:4c:63:bd:c8:07:7f:fb:65:80:13:18:
ec:07:59:68:dd:62:6a:8f:2c:55:1f:1e:de:42:16:
63:dc:c1:88:a3:30:96:f1:6e:3e:53:c4:3d:24:c3:
5a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:53:03:19:B4:9C:7E:1D:4C:4E:C4:80:F8:6A:39:2E:A5:8F:3D:FD
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Q1MDGbScfh1MTsSA-Go5LqWPPf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:cac0::/29
2a0f:e000::/29
2a12:6640::/29
2a12:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
be:d1:2e:0d:4a:60:cb:e7:c9:ec:05:7c:ad:eb:72:56:48:bf:
02:2c:e1:19:75:45:4b:d3:9d:36:6a:79:ba:77:ec:8c:c4:ef:
b4:d4:bb:f3:31:ec:48:21:f4:c9:fb:d1:8b:61:9b:cd:ad:a8:
39:1e:fc:07:e6:01:75:86:9b:db:41:93:19:40:18:18:e4:b9:
b3:9f:bb:61:fd:03:7c:80:6b:a6:52:cb:97:75:12:5e:4e:f6:
08:0a:e2:76:57:15:0c:8d:50:99:49:4d:96:34:3f:7a:b9:7f:
9b:32:cc:31:af:45:90:c1:73:d8:c6:5f:78:fd:d5:bc:c0:e6:
6d:e5:a5:bd:a3:a7:85:ac:d8:88:55:b3:32:df:bd:fc:db:78:
84:74:93:fe:96:87:96:e6:01:55:be:4b:9e:79:f4:df:0a:65:
52:89:bc:5f:c5:12:d8:55:6d:b5:67:bb:70:d2:08:02:ed:6c:
a8:72:93:12:db:3b:5b:85:e7:da:85:30:de:14:43:22:98:a7:
c2:31:3d:52:e0:96:aa:66:ac:54:27:ac:f0:15:7f:02:4b:83:
27:4b:dc:11:b0:b9:4b:06:07:68:20:2f:50:d4:e2:42:94:a6:
a6:6c:bb:af:cf:b3:59:e3:4d:5e:5e:10:65:e2:6f:16:01:5f:
eb:64:b3:11
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZHJR/jxC3g/6499V6OBoFyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwOTA2MjE0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzUzMDMxOWI0OWM3ZTFkNGM0ZWM0ODBmODZhMzkyZWE1OGYzZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxXnu+RdtEy+iF3HDVVBuIcMl2oG
8vng9U9s/DvoElJE/73pyULVSfJ+8z9EaAMj/XtZ3yqxJ7CAJrT7JRpu2Bv7OquF
MSJPGLm/o08Oi0fRdCmlgIIaer/elS+v4GUOcdGTXC2jKvmNqqosXxJDAXxcTswV
1Tt822GPBevqAp3UP8Qs/7z5ujPYRfviPQIrVn2ULEBwP1rJLwYsu7TDy6hBn3pS
8AWYXHl+vOoJzwLyjbWEooHHZ3gMB9DqLWx5jSE5+HLQ7EH2fxp320g+JbN/zhTW
TGO9yAd/+2WAExjsB1lo3WJqjyxVHx7eQhZj3MGIozCW8W4+U8Q9JMNa9wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFENTAxm0nH4dTE7EgPhqOS6ljz39MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvUTFNREdiU2NmaDFNVHNTQS1HbzVMcVdQUGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgbKwAMF
AyoP4AADBQMqEmZAAwUDKhJrgDANBgkqhkiG9w0BAQsFAAOCAQEAvtEuDUpgy+fJ
7AV8retyVki/AizhGXVFS9OdNmp5unfsjMTvtNS78zHsSCH0yfvRi2Gbza2oOR78
B+YBdYab20GTGUAYGOS5s5+7Yf0DfIBrplLLl3USXk72CAridlcVDI1QmUlNljQ/
erl/mzLMMa9FkMFz2MZfeP3VvMDmbeWlvaOnhazYiFWzMt+9/Nt4hHST/paHluYB
Vb5Lnnn03wplUom8X8US2FVttWe7cNIIAu1sqHKTEts7W4Xn2oUw3hRDIpinwjE9
UuCWqmasVCes8BV/AkuDJ0vcEbC5SwYHaCAvUNTiQpSmpmy7r8+zWeNNXl4QZeJv
FgFf62SzEQ==
-----END CERTIFICATE-----
Generated at Wed Sep 18 22:27:24 2024 by rpki-client on console-fra.rpki-client.org