Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/QmjgWzuarbRULuLql_6hRPuc_PI.roa
File: QmjgWzuarbRULuLql_6hRPuc_PI.roa (raw, json)
Hash identifier: yckeBnl8EdCyKjxKxVUl5TLZX1ctT9xEBg889hfvsvQ=
Subject key identifier: 42:68:E0:5B:3B:9A:AD:B4:54:2E:E2:EA:97:FE:A1:44:FB:9C:FC:F2
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC801372266B482BE8CD86C393341DA68
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/QmjgWzuarbRULuLql_6hRPuc_PI.roa
Signing time: Tue 02 Jan 2024 02:29:32 +0000
ROA not before: Tue 02 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34440
IP address blocks: 2a01:488:bb18::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:37:22:66:b4:82:be:8c:d8:6c:39:33:41:da:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4268e05b3b9aadb4542ee2ea97fea144fb9cfcf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:df:a7:c9:f6:59:78:64:b0:22:04:48:4b:be:
ff:c4:bc:3f:62:9d:90:8c:39:30:9e:96:e0:3e:8d:
57:7f:90:48:5e:85:03:0d:e3:1c:5f:de:bb:6e:75:
a4:29:58:4e:87:0f:a0:2f:dd:e7:e9:f3:b9:f3:db:
95:7f:5f:ff:6f:3b:0a:8f:ac:6f:01:cb:87:44:6e:
54:d6:8a:e8:cd:4d:32:c5:77:2b:98:d3:44:1a:0e:
78:7c:75:3a:0e:3c:3b:db:ed:00:ed:a1:14:85:a5:
2f:8f:ab:91:48:64:04:b6:48:fc:f0:fd:f8:9d:e3:
4d:95:66:71:34:b2:71:e3:a5:42:9e:75:f5:31:af:
83:3e:de:ed:ed:36:69:fd:96:6e:18:5c:3c:8b:9d:
89:85:c6:eb:fc:e2:41:aa:91:bf:04:93:64:e7:d3:
48:e6:6c:bc:e5:61:e9:49:ef:55:cd:be:ca:cb:53:
b1:b1:63:ec:ef:90:51:e5:94:f6:24:63:6a:b4:e9:
81:88:ee:ad:72:53:32:1f:d9:ad:43:a9:54:f9:76:
ba:cb:79:96:0a:0d:73:13:ae:be:0e:c7:ca:3e:91:
3e:2b:df:91:16:25:93:20:d8:54:2a:25:77:a0:95:
8e:b6:fb:2a:9d:50:5c:de:f3:24:19:dd:fe:14:6e:
d2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:68:E0:5B:3B:9A:AD:B4:54:2E:E2:EA:97:FE:A1:44:FB:9C:FC:F2
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/QmjgWzuarbRULuLql_6hRPuc_PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb18::/48
Signature Algorithm: sha256WithRSAEncryption
62:00:39:44:5a:6a:49:9e:11:24:ae:e9:61:ac:21:2e:90:5e:
23:d1:a9:91:72:dc:5e:79:c7:df:9c:1a:1e:9f:eb:5c:a6:49:
f4:e7:e9:a8:69:e7:09:14:82:fa:2e:ce:0e:b7:c9:3e:a2:21:
96:b0:ae:85:a0:09:cd:bc:6d:a6:b8:76:c8:ca:c2:2e:ab:ae:
04:a1:cb:47:99:22:fc:68:6d:91:19:f6:ab:c2:e8:12:8a:c3:
f5:9a:fc:62:9d:d6:a3:e2:2d:94:d5:de:67:27:cb:23:ab:a2:
78:14:c3:9f:18:cc:00:5e:95:43:f9:42:a5:69:a5:f4:79:83:
9d:0e:85:0d:8e:a3:91:84:01:ed:a0:d6:cf:fb:86:ee:45:b7:
24:17:61:4d:73:86:7e:ea:00:1a:59:13:bb:33:8c:5c:97:50:
cd:7a:53:8a:90:33:9b:c9:c1:ef:e9:0f:98:31:b7:75:ad:f8:
27:db:f2:e4:e2:91:ad:04:f3:75:79:a3:d3:4f:1e:21:e3:41:
35:c5:6a:e3:b8:e5:73:b6:c3:55:bc:ad:dd:07:0a:ad:c2:a6:
0e:18:18:c7:49:5e:77:b0:82:a3:5f:32:d0:a6:18:4c:18:54:
bc:d1:b7:e2:e5:68:ed:82:80:c7:e3:e0:b3:e5:24:35:23:bf:
53:3f:63:54
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIATciZrSCvozYbDkzQdpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY4ZTA1YjNiOWFhZGI0NTQyZWUyZWE5N2ZlYTE0NGZiOWNmY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN+nyfZZeGSwIgRIS77/xLw/Yp2Q
jDkwnpbgPo1Xf5BIXoUDDeMcX967bnWkKVhOhw+gL93n6fO589uVf1//bzsKj6xv
AcuHRG5U1orozU0yxXcrmNNEGg54fHU6Djw72+0A7aEUhaUvj6uRSGQEtkj88P34
neNNlWZxNLJx46VCnnX1Ma+DPt7t7TZp/ZZuGFw8i52Jhcbr/OJBqpG/BJNk59NI
5my85WHpSe9Vzb7Ky1OxsWPs75BR5ZT2JGNqtOmBiO6tclMyH9mtQ6lU+Xa6y3mW
Cg1zE66+DsfKPpE+K9+RFiWTINhUKiV3oJWOtvsqnVBc3vMkGd3+FG7SpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEJo4Fs7mq20VC7i6pf+oUT7nPzyMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvUW1qZ1d6dWFyYlJVTHVMcWxfNmhSUHVjX1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsY
MA0GCSqGSIb3DQEBCwUAA4IBAQBiADlEWmpJnhEkrulhrCEukF4j0amRctxeecff
nBoen+tcpkn05+moaecJFIL6Ls4Ot8k+oiGWsK6FoAnNvG2muHbIysIuq64EoctH
mSL8aG2RGfarwugSisP1mvxindaj4i2U1d5nJ8sjq6J4FMOfGMwAXpVD+UKlaaX0
eYOdDoUNjqORhAHtoNbP+4buRbckF2FNc4Z+6gAaWRO7M4xcl1DNelOKkDObycHv
6Q+YMbd1rfgn2/Lk4pGtBPN1eaPTTx4h40E1xWrjuOVztsNVvK3dBwqtwqYOGBjH
SV53sIKjXzLQphhMGFS80bfi5WjtgoDH4+Cz5SQ1I79TP2NU
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:43 2025 by rpki-client