Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/qyHvZpuojH6XpEzgWnPYAPBtbvo.roa
File: qyHvZpuojH6XpEzgWnPYAPBtbvo.roa (raw, json)
Hash identifier: R28DQuC3aZGmNgIIdti13c6ikM1B+9n2Ad1byt1xJEE=
Subject key identifier: AB:21:EF:66:9B:A8:8C:7E:97:A4:4C:E0:5A:73:D8:00:F0:6D:6E:FA
Certificate issuer: /CN=34b0c5a403e2dad3c47b791fda2042cf715009cf
Certificate serial: 018CC86EF20AFFC81F0540931F87AC1F389F
Authority key identifier: 34:B0:C5:A4:03:E2:DA:D3:C4:7B:79:1F:DA:20:42:CF:71:50:09:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/qyHvZpuojH6XpEzgWnPYAPBtbvo.roa
Signing time: Tue 02 Jan 2024 04:29:23 +0000
ROA not before: Tue 02 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216188
IP address blocks: 2a13:fd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 15 Feb 2024 13:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f2:0a:ff:c8:1f:05:40:93:1f:87:ac:1f:38:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b0c5a403e2dad3c47b791fda2042cf715009cf
Validity
Not Before: Jan 2 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab21ef669ba88c7e97a44ce05a73d800f06d6efa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c3:be:ad:ed:09:d1:06:a1:cb:f0:91:ee:18:
91:58:4f:cd:26:41:7d:21:20:ff:18:63:e1:c0:56:
b6:2e:5f:ae:40:c1:4d:5c:11:d8:4a:e7:dd:1c:fe:
44:1c:d8:3a:b4:8d:95:03:84:d6:2a:5f:4f:0e:0b:
8e:32:3c:57:10:9e:a7:35:b9:01:ec:27:5f:dd:d2:
54:22:d8:3a:db:75:14:26:31:4c:97:6f:0b:36:19:
b9:33:77:fa:96:be:d7:8e:a2:60:7a:93:08:e6:08:
e4:23:b9:20:28:52:23:5c:35:6d:71:d6:3a:17:90:
e7:64:2c:62:63:c2:42:ee:82:76:c3:86:14:67:e6:
b1:80:2c:db:d3:9c:e2:7d:4f:6a:e4:ec:c3:41:42:
5d:f1:6b:f0:b5:71:1b:19:73:b2:8b:09:21:24:35:
c2:dc:12:a7:2b:dd:1d:60:6e:1e:b2:84:12:d0:5f:
ea:ec:fc:00:a9:9a:48:be:38:77:fa:5a:e0:b2:ae:
e1:f6:59:cf:d6:33:60:eb:84:d9:80:79:d4:a9:da:
da:94:f1:44:9d:98:56:6c:80:9f:40:fd:3d:e5:54:
e5:40:f0:a7:6f:52:c9:2f:3d:aa:39:8f:1e:fb:d0:
87:0c:70:e1:a9:15:59:18:dd:07:e1:72:74:02:f3:
29:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:21:EF:66:9B:A8:8C:7E:97:A4:4C:E0:5A:73:D8:00:F0:6D:6E:FA
X509v3 Authority Key Identifier:
keyid:34:B0:C5:A4:03:E2:DA:D3:C4:7B:79:1F:DA:20:42:CF:71:50:09:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLDFpAPi2tPEe3kf2iBCz3FQCc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/qyHvZpuojH6XpEzgWnPYAPBtbvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/16d5ce-184a-4366-8d75-aaab25894d5e/1/NLDFpAPi2tPEe3kf2iBCz3FQCc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
9f:fc:a5:7b:a4:83:fa:f1:52:7b:21:e3:3d:84:4b:be:06:f9:
73:e2:91:3c:14:ca:20:b9:0b:41:0b:88:b6:04:eb:ac:93:1b:
2e:59:65:c5:bc:e9:8c:59:d5:66:27:8b:ec:2a:7c:55:1d:23:
0e:14:88:86:28:e2:c2:fe:74:3e:49:e5:98:9b:b1:37:f1:44:
a7:1d:36:10:fe:fe:76:bf:47:49:ee:71:4c:54:c8:17:4b:b6:
be:d0:1a:78:2d:ed:34:c1:4b:bb:d9:6d:e5:fd:46:26:af:39:
d5:37:fd:52:8e:94:1e:0a:e1:1e:f5:76:0c:b0:4b:46:85:ad:
b6:ab:39:96:d3:ce:f4:be:95:ec:46:6d:0e:21:2d:3f:b8:7e:
bd:bd:86:72:dd:c8:ab:a3:3e:83:cb:45:56:64:76:4c:ef:d9:
bf:64:61:55:2c:4b:d8:00:7e:a3:56:80:f4:f3:af:72:60:40:
01:a1:93:cc:3f:9c:cc:8a:17:66:8b:c7:45:33:ce:65:52:42:
05:fc:e6:be:7f:62:9c:1e:c3:b7:b0:76:55:10:f8:6d:e4:ba:
08:9c:4b:2d:ef:c3:f9:f4:ae:9b:3a:b2:fa:ec:a8:b8:06:d9:
a0:e5:b6:4f:44:30:21:a7:08:d2:b2:45:c6:27:5b:86:f3:95:
7e:f3:56:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIbvIK/8gfBUCTH4esHzifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjBjNWE0MDNlMmRhZDNjNDdiNzkxZmRhMjA0MmNmNzE1
MDA5Y2YwHhcNMjQwMTAyMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjIxZWY2NjliYTg4YzdlOTdhNDRjZTA1YTczZDgwMGYwNmQ2ZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8O+re0J0Qahy/CR7hiRWE/NJkF9
ISD/GGPhwFa2Ll+uQMFNXBHYSufdHP5EHNg6tI2VA4TWKl9PDguOMjxXEJ6nNbkB
7Cdf3dJUItg623UUJjFMl28LNhm5M3f6lr7XjqJgepMI5gjkI7kgKFIjXDVtcdY6
F5DnZCxiY8JC7oJ2w4YUZ+axgCzb05zifU9q5OzDQUJd8WvwtXEbGXOyiwkhJDXC
3BKnK90dYG4esoQS0F/q7PwAqZpIvjh3+lrgsq7h9lnP1jNg64TZgHnUqdralPFE
nZhWbICfQP095VTlQPCnb1LJLz2qOY8e+9CHDHDhqRVZGN0H4XJ0AvMp0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKsh72abqIx+l6RM4Fpz2ADwbW76MB8GA1UdIwQY
MBaAFDSwxaQD4trTxHt5H9ogQs9xUAnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxERnBBUGkydFBFZTNrZjJpQkN6M0ZRQ2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNmQ1Y2UtMTg0YS00MzY2LThkNzUt
YWFhYjI1ODk0ZDVlLzEvcXlIdlpwdW9qSDZYcEV6Z1duUFlBUEJ0YnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xNmQ1Y2UtMTg0YS00MzY2LThkNzUtYWFhYjI1ODk0ZDVl
LzEvTkxERnBBUGkydFBFZTNrZjJpQkN6M0ZRQ2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhP9QDAN
BgkqhkiG9w0BAQsFAAOCAQEAn/yle6SD+vFSeyHjPYRLvgb5c+KRPBTKILkLQQuI
tgTrrJMbLlllxbzpjFnVZieL7Cp8VR0jDhSIhijiwv50PknlmJuxN/FEpx02EP7+
dr9HSe5xTFTIF0u2vtAaeC3tNMFLu9lt5f1GJq851Tf9Uo6UHgrhHvV2DLBLRoWt
tqs5ltPO9L6V7EZtDiEtP7h+vb2Gct3Iq6M+g8tFVmR2TO/Zv2RhVSxL2AB+o1aA
9POvcmBAAaGTzD+czIoXZovHRTPOZVJCBfzmvn9inB7Dt7B2VRD4beS6CJxLLe/D
+fSumzqy+uyouAbZoOW2T0QwIacI0rJFxidbhvOVfvNWQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:22 2024 by rpki-client on console-fra.rpki-client.org