Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/e_QGQW0wdB9ibGMsW7wzHjsClB4.roa
File: e_QGQW0wdB9ibGMsW7wzHjsClB4.roa (raw, json)
Hash identifier: YzNCrvWhBaH8bJ7fiYRwJPQWnyLPpLLmJBJL9y3Yffw=
Subject key identifier: 7B:F4:06:41:6D:30:74:1F:62:6C:63:2C:5B:BC:33:1E:3B:02:94:1E
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01913373AD7A71ECBBC1D1DD212944E0D39C
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/e_QGQW0wdB9ibGMsW7wzHjsClB4.roa
Signing time: Thu 08 Aug 2024 19:25:04 +0000
ROA not before: Thu 08 Aug 2024 19:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215434
IP address blocks: 2a13:afc0::/29 maxlen: 29
2a14:61c0::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
2a14:68c0::/29 maxlen: 29
2a14:69c0::/29 maxlen: 29
2a14:6a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 05 Oct 2024 19:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:33:73:ad:7a:71:ec:bb:c1:d1:dd:21:29:44:e0:d3:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Aug 8 19:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bf406416d30741f626c632c5bbc331e3b02941e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:93:36:6d:9c:b7:4d:83:ab:a4:77:51:df:1a:
d5:d9:67:42:58:b5:6f:12:1a:e3:93:4d:11:a0:a5:
7a:28:3f:52:f0:28:9f:22:4e:64:2a:08:c3:a8:ae:
56:57:59:1d:26:0d:36:3f:8d:1b:14:15:96:38:35:
28:99:26:ae:67:2a:6f:87:fc:13:92:e5:c6:51:f4:
a1:93:00:fa:73:9f:e5:c8:ff:4a:ed:cf:69:32:84:
78:34:38:cc:8c:a5:c5:87:8b:ac:39:59:0f:07:03:
84:3f:f5:bd:81:fa:1d:80:dd:16:00:2c:31:94:23:
96:c9:2e:85:01:18:19:f5:89:c9:1c:bb:5a:22:2a:
38:78:f4:2b:37:30:98:d2:18:8f:59:4f:62:65:b0:
ce:73:0b:b3:90:5d:1e:58:d1:e8:61:9e:f2:c5:6a:
40:17:ea:6b:a3:fc:cf:0f:c3:69:21:30:f8:0e:37:
30:dc:c8:30:a4:92:f2:69:c4:09:71:05:35:6a:83:
e2:b0:38:63:29:38:dc:fd:46:ba:f3:eb:ca:e3:e3:
8d:74:98:ff:75:cb:28:b6:1a:85:92:fd:f3:93:67:
bd:26:94:fb:2d:4e:bd:e0:4d:f3:12:ba:4a:db:d7:
03:7a:e8:6f:0b:7c:91:25:d5:5d:d1:15:e7:09:0e:
5f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F4:06:41:6D:30:74:1F:62:6C:63:2C:5B:BC:33:1E:3B:02:94:1E
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/e_QGQW0wdB9ibGMsW7wzHjsClB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:afc0::/29
2a14:61c0::/29
2a14:62c0::/29
2a14:68c0::/29
2a14:69c0::/29
2a14:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
2f:e2:6f:d4:e5:38:80:24:87:58:3c:cf:e2:3a:b2:7a:60:aa:
2e:3c:00:69:83:ba:f2:20:02:07:d7:48:70:fe:30:3c:c1:d9:
fc:07:61:c5:8d:57:b5:41:58:ea:c9:54:95:aa:5a:55:b0:3b:
62:81:08:77:23:f5:0f:02:f8:d4:3d:72:70:c8:64:05:de:f1:
93:42:ff:39:70:61:54:76:c9:c0:66:46:26:d1:ce:00:0c:d7:
a5:e7:9c:6d:a9:0f:ea:00:82:f9:26:c4:df:1e:a3:78:12:69:
aa:1c:a2:a4:84:e4:ac:06:c1:0b:a4:fc:82:d4:73:ae:56:70:
a6:87:59:85:2e:45:45:a9:6c:71:f3:48:63:5c:cc:55:28:8d:
9c:d9:b6:97:d0:90:2b:95:ec:0c:3d:78:ef:62:df:be:2f:2a:
e4:85:9b:82:51:7b:2e:88:69:c7:e3:8e:3a:29:d6:e1:30:9b:
7f:8e:64:a7:4d:b3:bb:82:80:4a:ac:fb:9f:91:17:2a:4e:2d:
48:85:8b:52:15:e7:c4:c4:16:51:80:11:e3:50:3d:e7:7b:7f:
eb:5b:80:cc:c9:6c:c1:01:1f:8e:87:9d:d9:4f:07:35:09:9e:
1e:e1:9e:63:14:8b:3f:c6:7f:85:f8:54:7b:7a:a9:4c:e0:85:
7f:9c:7a:de
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZEzc616cey7wdHdISlE4NOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwODA4MTkyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmY0MDY0MTZkMzA3NDFmNjI2YzYzMmM1YmJjMzMxZTNiMDI5NDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJM2bZy3TYOrpHdR3xrV2WdCWLVv
Ehrjk00RoKV6KD9S8CifIk5kKgjDqK5WV1kdJg02P40bFBWWODUomSauZypvh/wT
kuXGUfShkwD6c5/lyP9K7c9pMoR4NDjMjKXFh4usOVkPBwOEP/W9gfodgN0WACwx
lCOWyS6FARgZ9YnJHLtaIio4ePQrNzCY0hiPWU9iZbDOcwuzkF0eWNHoYZ7yxWpA
F+pro/zPD8NpITD4Djcw3MgwpJLyacQJcQU1aoPisDhjKTjc/Ua68+vK4+ONdJj/
dcsothqFkv3zk2e9JpT7LU694E3zErpK29cDeuhvC3yRJdVd0RXnCQ5fYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHv0BkFtMHQfYmxjLFu8Mx47ApQeMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvZV9RR1FXMHdkQjlpYkdNc1c3d3pIanNDbEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhOvwAMF
AyoUYcADBQMqFGLAAwUDKhRowAMFAyoUacADBQMqFGpAMA0GCSqGSIb3DQEBCwUA
A4IBAQAv4m/U5TiAJIdYPM/iOrJ6YKouPABpg7ryIAIH10hw/jA8wdn8B2HFjVe1
QVjqyVSVqlpVsDtigQh3I/UPAvjUPXJwyGQF3vGTQv85cGFUdsnAZkYm0c4ADNel
55xtqQ/qAIL5JsTfHqN4EmmqHKKkhOSsBsELpPyC1HOuVnCmh1mFLkVFqWxx80hj
XMxVKI2c2baX0JArlewMPXjvYt++LyrkhZuCUXsuiGnH4446KdbhMJt/jmSnTbO7
goBKrPufkRcqTi1IhYtSFefExBZRgBHjUD3ne3/rW4DMyWzBAR+Oh53ZTwc1CZ4e
4Z5jFIs/xn+F+FR7eqlM4IV/nHre
-----END CERTIFICATE-----
Generated at Sat Oct 5 23:23:34 2024 by rpki-client on console-fra.rpki-client.org