Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/QCKyXPN7vuQRADGEhnU3ogUJMpc.roa
File: QCKyXPN7vuQRADGEhnU3ogUJMpc.roa (raw, json)
Hash identifier: th2cXeKBPUuiFPtSjBYZ2493pQWtyZGENcR5TUHzshQ=
Subject key identifier: 40:22:B2:5C:F3:7B:BE:E4:11:00:31:84:86:75:37:A2:05:09:32:97
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42E1210787C3B26111A5154FB8DCDA
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/QCKyXPN7vuQRADGEhnU3ogUJMpc.roa
Signing time: Sun 01 Jan 2023 21:35:32 +0000
ROA not before: Sun 01 Jan 2023 21:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211696
IP address blocks: 2a0e:8f02:f01f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e1:21:07:87:c3:b2:61:11:a5:15:4f:b8:dc:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4022b25cf37bbee411003184867537a205093297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9b:5d:7a:2c:44:82:7a:d5:36:8c:58:a7:ce:
f8:72:0c:93:dc:71:0d:1b:a2:34:b2:90:66:22:6c:
d3:2f:2f:05:6c:ed:27:ad:91:c9:4b:9e:c6:d1:67:
96:29:66:c3:22:35:ac:b7:63:e9:88:8d:10:c9:f6:
a9:c0:a0:36:5e:a7:e8:23:ad:02:6f:1e:7d:e4:cb:
88:05:0e:70:e9:9c:4b:a7:1c:e3:2e:61:73:0a:98:
cd:c4:b6:93:c4:e4:2b:7e:da:26:67:50:bb:6c:77:
cb:5b:5d:87:19:3b:e3:ab:e2:cf:2e:ef:b1:0a:00:
a3:16:9c:0b:e5:90:31:79:5a:e6:40:76:e7:1d:13:
b6:e5:2d:b7:52:77:0b:52:cf:20:79:c0:13:37:8f:
43:5e:ca:c7:5a:fc:26:5f:fb:37:2f:8d:de:c7:53:
e6:20:14:ca:35:b4:f0:4e:d8:b9:ea:0e:4e:0b:0b:
60:b6:57:60:aa:35:87:70:6e:e8:db:47:ab:a5:83:
04:1a:4e:86:cb:e8:17:ac:75:3a:02:8f:35:c5:08:
88:fd:4d:b7:70:c9:0b:b2:78:00:e0:25:35:91:92:
20:87:36:19:42:2d:cf:33:3b:c1:07:96:1f:73:a6:
a0:bb:cc:0d:cf:8c:39:23:dc:a5:19:88:d2:09:7c:
b9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:22:B2:5C:F3:7B:BE:E4:11:00:31:84:86:75:37:A2:05:09:32:97
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/QCKyXPN7vuQRADGEhnU3ogUJMpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f01f::/48
Signature Algorithm: sha256WithRSAEncryption
07:fc:18:6a:03:1c:19:ae:56:5f:cd:d1:7d:f4:10:bf:d0:6d:
41:e6:0c:e8:88:2f:41:0e:08:7d:05:74:d1:f6:c3:c4:17:83:
ac:24:d7:ae:ab:2b:6f:ae:7c:f3:41:fb:58:41:ca:0a:d3:6b:
8d:1b:df:7e:0f:f0:b1:0e:87:38:6d:98:44:5d:94:32:d8:85:
30:52:65:f9:05:97:db:eb:01:43:2b:78:8f:f3:4a:19:6f:36:
5a:ef:9d:cd:89:8e:01:97:9f:0e:81:ce:65:77:b8:f7:d0:3c:
96:d2:df:17:ad:c6:4a:b2:c7:09:b2:1b:b0:f1:15:03:9a:4a:
f1:31:97:a7:fb:79:9c:1a:66:6a:2c:10:c0:2c:e9:c6:8d:99:
60:c6:26:ea:b5:da:b8:8d:31:bd:c2:6a:e1:af:09:54:96:83:
e0:96:f1:4a:d1:77:60:f6:5d:21:e2:02:bf:58:9d:ca:bd:f7:
a1:2c:fc:3d:a5:54:6f:df:04:2e:e6:ad:f3:71:bd:25:26:ba:
a2:76:9e:59:38:e1:8b:3a:31:a4:ed:9d:f4:1a:34:b1:5e:3e:
a4:46:76:52:01:be:95:83:ed:a5:0a:92:6b:ba:cf:45:c9:0e:
02:c5:8d:5e:20:48:5f:71:7a:61:20:0f:b9:c0:ae:9c:55:e1:
25:b7:bc:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQuEhB4fDsmERpRVPuNzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDIyYjI1Y2YzN2JiZWU0MTEwMDMxODQ4Njc1MzdhMjA1MDkzMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgptdeixEgnrVNoxYp874cgyT3HEN
G6I0spBmImzTLy8FbO0nrZHJS57G0WeWKWbDIjWst2PpiI0QyfapwKA2XqfoI60C
bx595MuIBQ5w6ZxLpxzjLmFzCpjNxLaTxOQrftomZ1C7bHfLW12HGTvjq+LPLu+x
CgCjFpwL5ZAxeVrmQHbnHRO25S23UncLUs8gecATN49DXsrHWvwmX/s3L43ex1Pm
IBTKNbTwTti56g5OCwtgtldgqjWHcG7o20erpYMEGk6Gy+gXrHU6Ao81xQiI/U23
cMkLsngA4CU1kZIghzYZQi3PMzvBB5Yfc6agu8wNz4w5I9ylGYjSCXy5BQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEAislzze77kEQAxhIZ1N6IFCTKXMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvUUNLeVhQTjd2dVFSQURHRWhuVTNvZ1VKTXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAf
MA0GCSqGSIb3DQEBCwUAA4IBAQAH/BhqAxwZrlZfzdF99BC/0G1B5gzoiC9BDgh9
BXTR9sPEF4OsJNeuqytvrnzzQftYQcoK02uNG99+D/CxDoc4bZhEXZQy2IUwUmX5
BZfb6wFDK3iP80oZbzZa753NiY4Bl58Ogc5ld7j30DyW0t8XrcZKsscJshuw8RUD
mkrxMZen+3mcGmZqLBDALOnGjZlgxibqtdq4jTG9wmrhrwlUloPglvFK0Xdg9l0h
4gK/WJ3KvfehLPw9pVRv3wQu5q3zcb0lJrqidp5ZOOGLOjGk7Z30GjSxXj6kRnZS
Ab6Vg+2lCpJrus9FyQ4CxY1eIEhfcXphIA+5wK6cVeElt7yZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org