Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QMQXgPw_rQRa-4CHAT8BEdbA6rY.roa
File: QMQXgPw_rQRa-4CHAT8BEdbA6rY.roa (raw, json)
Hash identifier: jvQ7J0SSLhy4kH0X7BC6WFpqGK9UYYjzNv0CSGhBGes=
Subject key identifier: 40:C4:17:80:FC:3F:AD:04:5A:FB:80:87:01:3F:01:11:D6:C0:EA:B6
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01906F87A3DBEEE145D35825CFD8EF7D2996
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QMQXgPw_rQRa-4CHAT8BEdbA6rY.roa
Signing time: Mon 01 Jul 2024 18:21:18 +0000
ROA not before: Mon 01 Jul 2024 18:21:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215427
IP address blocks: 2a13:c340::/29 maxlen: 29
2a14:41c0::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 22 Jul 2024 19:04:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6f:87:a3:db:ee:e1:45:d3:58:25:cf:d8:ef:7d:29:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jul 1 18:21:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40c41780fc3fad045afb8087013f0111d6c0eab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:32:14:48:c7:6f:29:cd:75:23:9c:ae:9a:53:
bd:bb:bc:0c:e4:be:9d:58:c3:25:82:96:37:b1:84:
c8:3a:12:3e:86:68:cb:f6:01:7b:f3:3d:64:0c:b1:
54:39:eb:49:d9:33:78:01:96:15:3f:ee:53:2f:b8:
aa:a3:78:d1:c0:4a:95:98:cd:2f:af:85:1e:6e:87:
99:26:65:97:cd:89:f2:e6:2e:ae:9e:f0:7c:68:3b:
66:7b:3a:30:0c:fa:12:d7:c0:83:8b:e4:95:ed:d8:
29:4c:37:20:2e:74:08:06:5b:96:7c:cd:22:80:ba:
07:12:ae:ae:a1:1a:30:71:b2:36:fd:35:45:6b:7a:
b3:d7:0c:78:ca:c0:c4:77:0a:d5:a9:bc:f8:a4:88:
59:f2:13:38:26:08:bc:c6:bd:38:57:73:24:aa:f7:
df:8c:8e:6d:cf:db:47:86:99:1c:04:47:a6:e4:00:
63:11:3a:ee:ed:96:90:29:96:5a:63:19:99:28:01:
e8:73:fb:de:47:af:c0:a2:55:44:06:63:b8:2f:b6:
0a:8c:df:85:d4:7d:57:c1:27:51:a8:96:12:55:69:
8a:dc:bd:b6:71:2a:3a:47:d1:b9:b0:59:7d:56:28:
46:95:db:3d:e1:36:5b:c6:6d:da:88:99:3c:7b:3d:
f6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C4:17:80:FC:3F:AD:04:5A:FB:80:87:01:3F:01:11:D6:C0:EA:B6
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QMQXgPw_rQRa-4CHAT8BEdbA6rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c340::/29
2a14:41c0::/29
2a14:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
d7:45:17:99:af:02:b8:4a:d6:50:77:48:87:3c:de:71:87:22:
2d:24:20:f1:82:b7:c8:56:6f:f0:69:fb:a3:fb:fb:ae:8a:14:
e0:fa:25:5f:5e:49:f6:0a:aa:f7:61:8d:42:d0:50:22:82:4c:
62:4d:f0:5f:ba:88:c3:58:82:d4:e4:8f:4c:ba:fc:4a:c2:f8:
64:f3:8c:df:05:59:aa:07:ce:5b:51:4a:d1:1c:0d:a0:e8:8b:
59:92:8f:de:06:e6:3f:b0:b7:a8:86:66:3b:ee:91:10:ac:b0:
4d:a3:ae:72:73:d6:36:b6:0f:3a:3a:f4:77:3a:90:81:12:9b:
ea:8d:fa:30:8e:9a:7b:44:74:99:88:dc:81:ad:f2:43:e7:89:
d6:f8:d6:01:7d:7e:03:80:a2:e8:51:6e:4a:84:ad:35:61:8f:
61:62:be:8e:ab:3d:11:14:82:0e:4d:b5:34:78:c1:a3:12:60:
59:87:c9:e3:67:4b:95:1e:ab:aa:a9:e5:83:fe:7b:61:ec:0a:
10:67:92:f8:0a:db:86:1e:69:28:21:aa:7f:32:a3:7d:0b:36:
95:82:76:d9:64:80:e5:cf:d6:03:93:b5:c6:44:9a:24:f7:80:
c8:ee:0c:05:03:d1:56:1e:89:8e:87:18:25:b5:16:41:d3:84:
5b:c2:97:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBvh6Pb7uFF01glz9jvfSmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNzAxMTgyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM0MTc4MGZjM2ZhZDA0NWFmYjgwODcwMTNmMDExMWQ2YzBlYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjIUSMdvKc11I5yumlO9u7wM5L6d
WMMlgpY3sYTIOhI+hmjL9gF78z1kDLFUOetJ2TN4AZYVP+5TL7iqo3jRwEqVmM0v
r4UeboeZJmWXzYny5i6unvB8aDtmezowDPoS18CDi+SV7dgpTDcgLnQIBluWfM0i
gLoHEq6uoRowcbI2/TVFa3qz1wx4ysDEdwrVqbz4pIhZ8hM4Jgi8xr04V3Mkqvff
jI5tz9tHhpkcBEem5ABjETru7ZaQKZZaYxmZKAHoc/veR6/AolVEBmO4L7YKjN+F
1H1XwSdRqJYSVWmK3L22cSo6R9G5sFl9VihGlds94TZbxm3aiJk8ez323wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDEF4D8P60EWvuAhwE/ARHWwOq2MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvUU1RWGdQd19yUVJhLTRDSEFUOEJFZGJBNnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhPDQAMF
AyoUQcADBQMqFELAMA0GCSqGSIb3DQEBCwUAA4IBAQDXRReZrwK4StZQd0iHPN5x
hyItJCDxgrfIVm/wafuj+/uuihTg+iVfXkn2Cqr3YY1C0FAigkxiTfBfuojDWILU
5I9MuvxKwvhk84zfBVmqB85bUUrRHA2g6ItZko/eBuY/sLeohmY77pEQrLBNo65y
c9Y2tg86OvR3OpCBEpvqjfowjpp7RHSZiNyBrfJD54nW+NYBfX4DgKLoUW5KhK01
YY9hYr6Oqz0RFIIOTbU0eMGjEmBZh8njZ0uVHquqqeWD/nth7AoQZ5L4CtuGHmko
Iap/MqN9CzaVgnbZZIDlz9YDk7XGRJok94DI7gwFA9FWHomOhxgltRZB04RbwpdK
-----END CERTIFICATE-----
Generated at Mon Jul 22 21:47:39 2024 by rpki-client on console-ams.rpki-client.org