Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qjNW91SsNymPNvUgF9Kw8lAnz-w.roa
File: qjNW91SsNymPNvUgF9Kw8lAnz-w.roa (raw, json)
Hash identifier: 5tfPpmbaX9wzQiJLX1JsbtpWzREBrPc0U3GvTZMoFrI=
Subject key identifier: AA:33:56:F7:54:AC:37:29:8F:36:F5:20:17:D2:B0:F2:50:27:CF:EC
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F41BA2A5D834D490E015CF320B158
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qjNW91SsNymPNvUgF9Kw8lAnz-w.roa
Signing time: Tue 02 Jan 2024 04:29:43 +0000
ROA not before: Tue 02 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56428
IP address blocks: 2a01:7120:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Aug 2024 11:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:41:ba:2a:5d:83:4d:49:0e:01:5c:f3:20:b1:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa3356f754ac37298f36f52017d2b0f25027cfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:47:7a:fd:78:ee:23:dc:03:18:f4:8b:e6:c1:
d3:32:7f:49:90:b8:4d:dc:dc:c4:52:6c:07:a7:bf:
1d:84:08:86:f3:68:48:ea:c0:3b:1a:f5:09:bd:ab:
ab:74:82:f2:66:81:bc:08:c8:46:79:9b:f9:6b:f9:
e0:2c:b1:2e:be:77:b0:8a:ef:d8:2b:e4:3c:a8:29:
0b:a6:a5:30:a2:2a:55:00:c8:63:9a:0d:89:71:2c:
f1:6f:16:3b:c3:2a:8b:4a:d6:c1:c1:ce:f5:46:31:
b4:58:97:f2:c0:88:54:ca:5d:d4:65:63:29:25:5b:
3f:a6:2a:30:b9:9a:dd:d8:35:52:f6:90:96:61:90:
c0:4c:7b:23:81:1b:f6:01:80:e5:ad:b0:e0:dd:77:
fc:98:13:8a:4d:cb:61:6c:d2:9b:e5:4d:00:f4:3d:
03:24:27:c6:b4:f6:b5:e3:8a:83:cd:ca:e9:48:e0:
9a:70:b3:00:84:21:45:b8:9b:c7:f6:95:9d:d6:68:
ff:41:b2:87:14:65:b0:e6:76:32:51:fe:2e:e5:2f:
e3:c5:18:f5:f8:78:f8:a6:6a:50:f2:b9:7e:4f:dd:
d8:53:9a:ca:42:75:1d:b7:70:de:62:d2:61:8d:5a:
a9:49:2f:01:b8:ab:47:02:40:71:b4:84:4c:c6:83:
f6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:33:56:F7:54:AC:37:29:8F:36:F5:20:17:D2:B0:F2:50:27:CF:EC
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qjNW91SsNymPNvUgF9Kw8lAnz-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:7120:7::/48
Signature Algorithm: sha256WithRSAEncryption
06:8e:24:a3:b9:5c:61:aa:46:c5:7f:e7:ae:dd:7d:60:a6:ac:
88:a3:78:7b:23:42:75:4b:ce:ec:75:b6:28:04:3c:91:09:10:
3f:20:cc:98:59:7d:d6:be:c1:8e:a8:50:fd:78:46:7f:bd:ba:
1e:9c:49:2d:bc:8a:9d:01:5f:3a:bc:24:0c:e0:cb:b4:01:f4:
68:36:08:de:f4:fe:96:67:01:a9:ad:c5:d2:cc:f8:3d:97:02:
67:89:f8:99:0f:f6:fd:a4:9e:c2:18:ad:68:c9:1d:4c:00:bb:
dd:aa:3c:74:cf:89:89:69:0b:bd:2f:5a:9a:a3:12:1b:5e:29:
70:59:50:71:7f:92:25:50:7f:8a:b6:3c:d1:62:91:15:d0:f7:
ff:3e:f6:aa:06:f1:0b:c6:10:fe:79:96:99:41:15:b8:e1:c4:
ad:3f:20:17:99:56:d9:be:95:79:c7:b3:27:6b:97:34:23:2e:
73:03:6c:21:40:98:02:e7:fb:fc:d1:4d:7f:04:0b:71:5f:6e:
ad:4d:ca:71:d8:34:cd:6c:32:5c:76:c5:59:03:11:4b:fe:07:
48:72:7e:9f:ce:17:3d:4d:d1:1b:e8:93:1f:83:e4:6c:39:e2:
3e:ec:48:6b:2e:86:f8:71:69:29:3c:9f:56:df:1b:f6:16:01:
91:e1:7b:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIb0G6Kl2DTUkOAVzzILFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTMzNTZmNzU0YWMzNzI5OGYzNmY1MjAxN2QyYjBmMjUwMjdjZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEd6/XjuI9wDGPSL5sHTMn9JkLhN
3NzEUmwHp78dhAiG82hI6sA7GvUJvaurdILyZoG8CMhGeZv5a/ngLLEuvnewiu/Y
K+Q8qCkLpqUwoipVAMhjmg2JcSzxbxY7wyqLStbBwc71RjG0WJfywIhUyl3UZWMp
JVs/piowuZrd2DVS9pCWYZDATHsjgRv2AYDlrbDg3Xf8mBOKTcthbNKb5U0A9D0D
JCfGtPa144qDzcrpSOCacLMAhCFFuJvH9pWd1mj/QbKHFGWw5nYyUf4u5S/jxRj1
+Hj4pmpQ8rl+T93YU5rKQnUdt3DeYtJhjVqpSS8BuKtHAkBxtIRMxoP2PQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKozVvdUrDcpjzb1IBfSsPJQJ8/sMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcWpOVzkxU3NOeW1QTnZVZ0Y5S3c4bEFuei13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgFxIAAH
MA0GCSqGSIb3DQEBCwUAA4IBAQAGjiSjuVxhqkbFf+eu3X1gpqyIo3h7I0J1S87s
dbYoBDyRCRA/IMyYWX3WvsGOqFD9eEZ/vboenEktvIqdAV86vCQM4Mu0AfRoNgje
9P6WZwGprcXSzPg9lwJnifiZD/b9pJ7CGK1oyR1MALvdqjx0z4mJaQu9L1qaoxIb
XilwWVBxf5IlUH+KtjzRYpEV0Pf/PvaqBvELxhD+eZaZQRW44cStPyAXmVbZvpV5
x7Mna5c0Iy5zA2whQJgC5/v80U1/BAtxX26tTcpx2DTNbDJcdsVZAxFL/gdIcn6f
zhc9TdEb6JMfg+RsOeI+7EhrLob4cWkpPJ9W3xv2FgGR4XtB
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:10:12 2024 by rpki-client on console-ams.rpki-client.org