Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/QKCDmh1f6knYebju_7I6iKujFOU.roa
File: QKCDmh1f6knYebju_7I6iKujFOU.roa (raw, json)
Hash identifier: QocDkNchtZB2FUXja3LIpUeTU7rQUat9NAKm2GekWZc=
Subject key identifier: 40:A0:83:9A:1D:5F:EA:49:D8:79:B8:EE:FF:B2:3A:88:AB:A3:14:E5
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01933F4D49AD204846DFE9923F69605D8F13
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/QKCDmh1f6knYebju_7I6iKujFOU.roa
Signing time: Mon 18 Nov 2024 12:44:09 +0000
ROA not before: Mon 18 Nov 2024 12:44:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208022
IP address blocks: 2a0a:280::/29 maxlen: 48
2a11:3780::/29 maxlen: 48
2a12:ef40::/29 maxlen: 48
2a13:63c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Nov 2024 17:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:4d:49:ad:20:48:46:df:e9:92:3f:69:60:5d:8f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Nov 18 12:44:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40a0839a1d5fea49d879b8eeffb23a88aba314e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7f:5a:4f:c7:6f:f6:c8:b7:ef:58:8b:09:51:
d6:7b:ea:92:70:d0:e1:37:11:fa:d4:85:77:09:77:
ac:8d:1a:50:20:e1:51:29:b8:46:2b:e5:5b:4d:b7:
a0:48:eb:3b:1b:cc:99:e8:fe:3f:87:4b:6c:e4:4f:
f8:de:09:d5:79:db:3c:be:2b:4a:95:51:64:df:da:
ee:57:d6:9f:d5:34:f0:05:43:e5:58:93:5d:40:77:
55:95:aa:8e:41:1b:67:91:ed:70:3a:45:6f:0c:f6:
7d:c2:f4:ab:5b:9e:fe:d4:7c:dd:af:fe:54:8c:16:
10:b5:be:54:ba:61:fb:d8:12:66:1d:5d:8e:c8:1d:
58:64:74:19:3e:7e:1a:8a:4e:33:1a:b9:08:8a:17:
d6:28:6a:5d:21:72:8f:a0:4f:db:94:37:b0:21:3c:
2f:60:6e:34:bf:f4:67:73:01:23:62:1e:85:9c:0c:
7b:e2:ad:9d:da:03:d8:e0:0d:8e:25:38:a5:96:de:
5c:e7:72:4e:b4:8e:d6:af:fd:ce:05:9f:ed:03:fb:
fc:3c:58:e1:71:35:b2:57:0d:cd:b3:e5:63:5b:39:
e7:97:29:12:34:76:29:9b:a9:69:6f:35:18:0f:13:
c0:32:4e:b7:7b:c5:26:dc:44:d3:10:ee:74:97:96:
3a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A0:83:9A:1D:5F:EA:49:D8:79:B8:EE:FF:B2:3A:88:AB:A3:14:E5
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/QKCDmh1f6knYebju_7I6iKujFOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280::/29
2a11:3780::/29
2a12:ef40::/29
2a13:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
61:c6:c6:ad:02:6e:e1:b9:c0:0a:b6:40:ec:74:00:04:a9:4c:
58:a5:13:01:36:7e:e9:e0:71:d4:cf:54:40:0a:02:f0:c1:23:
4c:9e:64:a6:e6:84:32:23:54:ed:d3:37:3d:79:8d:ba:55:78:
cd:e2:e5:88:5e:04:06:b4:65:80:d2:ef:3f:a3:bc:2a:a6:fa:
4a:93:ea:7c:28:e5:59:6f:d9:2f:61:28:c5:e3:1d:69:e2:0a:
55:86:db:dc:cd:bd:dc:31:3d:26:f6:7e:39:30:dd:89:40:f1:
14:85:d9:b4:d8:13:a8:54:d4:00:41:60:56:83:76:63:89:fd:
ef:ec:9b:fb:5b:c6:6e:df:ff:ca:1f:d6:19:48:6b:83:b2:22:
b8:c0:a0:65:db:02:ae:b1:a6:51:97:9f:71:76:c1:18:70:20:
4d:74:54:23:49:b3:a3:cf:2e:51:27:c9:c1:0f:0c:bc:2d:7e:
fc:69:54:37:f0:ff:86:35:c2:46:fb:25:8e:9d:69:80:68:14:
db:a4:42:8b:ea:00:46:6b:78:77:ae:2b:5b:e1:0a:68:67:fb:
11:19:59:ce:8d:c5:81:63:d7:8d:af:c1:28:e1:aa:0b:ca:55:
27:32:93:66:84:e1:37:22:09:1a:61:2f:50:c8:73:19:e4:e2:
0e:a8:3d:d5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZM/TUmtIEhG3+mSP2lgXY8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQxMTE4MTI0NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGEwODM5YTFkNWZlYTQ5ZDg3OWI4ZWVmZmIyM2E4OGFiYTMxNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX9aT8dv9si371iLCVHWe+qScNDh
NxH61IV3CXesjRpQIOFRKbhGK+VbTbegSOs7G8yZ6P4/h0ts5E/43gnVeds8vitK
lVFk39ruV9af1TTwBUPlWJNdQHdVlaqOQRtnke1wOkVvDPZ9wvSrW57+1Hzdr/5U
jBYQtb5UumH72BJmHV2OyB1YZHQZPn4aik4zGrkIihfWKGpdIXKPoE/blDewITwv
YG40v/RncwEjYh6FnAx74q2d2gPY4A2OJTillt5c53JOtI7Wr/3OBZ/tA/v8PFjh
cTWyVw3Ns+VjWznnlykSNHYpm6lpbzUYDxPAMk63e8Um3ETTEO50l5Y69QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFECgg5odX+pJ2Hm47v+yOoiroxTlMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvUUtDRG1oMWY2a25ZZWJqdV83STZpS3VqRk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgoCgAMF
AyoRN4ADBQMqEu9AAwUDKhNjwDANBgkqhkiG9w0BAQsFAAOCAQEAYcbGrQJu4bnA
CrZA7HQABKlMWKUTATZ+6eBx1M9UQAoC8MEjTJ5kpuaEMiNU7dM3PXmNulV4zeLl
iF4EBrRlgNLvP6O8Kqb6SpPqfCjlWW/ZL2EoxeMdaeIKVYbb3M293DE9JvZ+OTDd
iUDxFIXZtNgTqFTUAEFgVoN2Y4n97+yb+1vGbt//yh/WGUhrg7IiuMCgZdsCrrGm
UZefcXbBGHAgTXRUI0mzo88uUSfJwQ8MvC1+/GlUN/D/hjXCRvsljp1pgGgU26RC
i+oARmt4d64rW+EKaGf7ERlZzo3FgWPXja/BKOGqC8pVJzKTZoThNyIJGmEvUMhz
GeTiDqg91Q==
-----END CERTIFICATE-----
Generated at Tue Nov 19 21:45:16 2024 by rpki-client on console-ams.rpki-client.org