Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/qbA9IRrIl0dw588E3MBQvXZ4rUk.roa
File: qbA9IRrIl0dw588E3MBQvXZ4rUk.roa (raw, json)
Hash identifier: UqfmKNPv83ahbTz6p11DsNQX+COZMUWeBj57fzHUvoM=
Subject key identifier: A9:B0:3D:21:1A:C8:97:47:70:E7:CF:04:DC:C0:50:BD:76:78:AD:49
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FFF4391C11F06403EC73D3DBCFF9D
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/qbA9IRrIl0dw588E3MBQvXZ4rUk.roa
Signing time: Mon 02 Jan 2023 17:38:14 +0000
ROA not before: Mon 02 Jan 2023 17:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205749
IP address blocks: 2a0f:8ac1:d452::/48 maxlen: 48
2a0f:8ac1:a0a::/48 maxlen: 48
2a0b:b86:fe00::/40 maxlen: 48
2a0f:8ac1:574b::/48 maxlen: 48
2a0f:8ac1:d9a3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:ff:43:91:c1:1f:06:40:3e:c7:3d:3d:bc:ff:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9b03d211ac8974770e7cf04dcc050bd7678ad49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cd:66:15:c4:19:15:25:83:c6:ed:5e:43:32:
6c:87:69:2a:df:74:cd:9f:bc:ee:5b:55:01:86:f0:
b7:82:57:65:f2:f1:e5:95:6f:3c:42:78:ad:d1:81:
b3:31:37:96:51:38:d2:1e:fe:61:e5:06:6c:21:a5:
45:d5:38:a4:7e:a5:a8:5c:08:eb:30:13:cb:3d:e8:
5f:12:84:de:fc:af:18:4d:09:12:fc:c7:e2:a4:c7:
dc:7d:13:44:b9:26:b8:10:8d:b7:4b:1c:8c:e6:df:
e7:e2:87:0e:eb:fc:0e:78:b2:fc:67:9c:7f:0b:70:
a0:fa:ec:46:8a:59:ae:63:c1:72:42:9f:0a:d1:86:
9e:51:db:34:77:89:62:3d:e1:cf:68:a0:9c:00:c6:
81:f1:ad:fa:58:a3:da:ea:de:1d:67:2e:65:9c:ba:
35:c5:aa:d0:18:f4:3f:72:7b:a4:75:cc:ca:3b:27:
42:20:63:62:62:3e:79:54:6b:2b:67:09:84:66:db:
65:d7:a3:76:51:e9:5f:88:79:c1:24:3f:5b:4c:29:
65:68:8e:64:5d:9b:63:f4:9b:3e:ba:d1:01:72:2c:
7e:ea:7f:09:13:84:7d:fb:52:aa:f9:99:98:b8:1b:
da:87:ec:ba:bd:bd:2b:a7:86:6b:6a:bb:55:5c:3d:
d3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B0:3D:21:1A:C8:97:47:70:E7:CF:04:DC:C0:50:BD:76:78:AD:49
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/qbA9IRrIl0dw588E3MBQvXZ4rUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:fe00::/40
2a0f:8ac1:a0a::/48
2a0f:8ac1:574b::/48
2a0f:8ac1:d452::/48
2a0f:8ac1:d9a3::/48
Signature Algorithm: sha256WithRSAEncryption
6c:8d:3a:fe:11:08:6f:f1:e2:57:32:85:39:5e:a6:02:86:0a:
23:ce:ce:0c:33:72:e7:56:05:7b:70:87:53:63:f4:54:b0:70:
40:36:eb:7a:1f:bf:a7:df:a7:1b:8c:a6:e1:31:88:9c:43:a2:
ff:ae:8a:77:ec:a0:bd:fb:db:6d:bd:32:09:45:ec:16:60:ea:
1a:53:83:a1:00:5b:64:5c:93:4e:2e:93:bb:de:e5:24:46:e1:
8a:88:83:26:27:8b:70:bb:1f:b8:ef:39:e5:ec:f5:52:23:90:
f2:78:60:f3:30:11:f5:be:8d:97:49:97:ea:30:f9:c3:d1:60:
b2:21:96:aa:27:b4:0e:ef:3e:39:20:98:87:32:22:77:43:65:
20:7a:5c:59:e8:aa:11:8e:99:ad:76:42:47:aa:b8:0c:b0:fc:
f2:b3:2f:ac:d9:85:8e:02:69:0c:6e:83:69:d5:f0:4f:88:b9:
e5:2d:21:ef:ff:16:ac:3c:d4:c8:ba:14:33:a7:58:5c:f5:09:
22:04:75:a7:4f:5a:d1:75:3b:4b:da:c6:80:f1:9d:82:8d:2d:
52:a7:e1:93:1a:43:89:f7:9c:13:44:b2:bb:e4:84:37:d2:43:
4d:bb:d4:0a:02:24:3a:aa:92:ff:50:ef:12:49:12:f8:a3:9f:
d6:2b:88:76
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVzj/9DkcEfBkA+xz09vP+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWIwM2QyMTFhYzg5NzQ3NzBlN2NmMDRkY2MwNTBiZDc2NzhhZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM1mFcQZFSWDxu1eQzJsh2kq33TN
n7zuW1UBhvC3gldl8vHllW88Qnit0YGzMTeWUTjSHv5h5QZsIaVF1TikfqWoXAjr
MBPLPehfEoTe/K8YTQkS/MfipMfcfRNEuSa4EI23SxyM5t/n4ocO6/wOeLL8Z5x/
C3Cg+uxGilmuY8FyQp8K0YaeUds0d4liPeHPaKCcAMaB8a36WKPa6t4dZy5lnLo1
xarQGPQ/cnukdczKOydCIGNiYj55VGsrZwmEZttl16N2UelfiHnBJD9bTCllaI5k
XZtj9Js+utEBcix+6n8JE4R9+1Kq+ZmYuBvah+y6vb0rp4ZrartVXD3TEQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKmwPSEayJdHcOfPBNzAUL12eK1JMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvcWJBOUlScklsMGR3NTg4RTNNQlF2WFo0clVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwYAKgsLhv4D
BwAqD4rBCgoDBwAqD4rBV0sDBwAqD4rB1FIDBwAqD4rB2aMwDQYJKoZIhvcNAQEL
BQADggEBAGyNOv4RCG/x4lcyhTlepgKGCiPOzgwzcudWBXtwh1Nj9FSwcEA263of
v6ffpxuMpuExiJxDov+uinfsoL372229MglF7BZg6hpTg6EAW2Rck04uk7ve5SRG
4YqIgyYni3C7H7jvOeXs9VIjkPJ4YPMwEfW+jZdJl+ow+cPRYLIhlqontA7vPjkg
mIcyIndDZSB6XFnoqhGOma12QkequAyw/PKzL6zZhY4CaQxug2nV8E+IueUtIe//
Fqw81Mi6FDOnWFz1CSIEdadPWtF1O0vaxoDxnYKNLVKn4ZMaQ4n3nBNEsrvkhDfS
Q0271AoCJDqqkv9Q7xJJEvijn9YriHY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org