Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Qj1mp-uBCTGvqAhccOX9lX5m2jM.roa
File: Qj1mp-uBCTGvqAhccOX9lX5m2jM.roa (raw, json)
Hash identifier: ND1uQO0+FM1t1uaF9KzdVDeHy9vOgTN0UR8owcKsETc=
Subject key identifier: 42:3D:66:A7:EB:81:09:31:AF:A8:08:5C:70:E5:FD:95:7E:66:DA:33
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42D289D7BD7EA1F5372F10B925F4F5
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Qj1mp-uBCTGvqAhccOX9lX5m2jM.roa
Signing time: Sun 01 Jan 2023 21:35:28 +0000
ROA not before: Sun 01 Jan 2023 21:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207618
IP address blocks: 2a0e:8f02:21c0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d2:89:d7:bd:7e:a1:f5:37:2f:10:b9:25:f4:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=423d66a7eb810931afa8085c70e5fd957e66da33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:18:b3:51:cc:a9:d7:a7:0c:3e:4e:99:fd:6a:
38:09:d4:1c:6c:3a:2e:ab:b0:ed:25:22:b1:4e:65:
13:99:ee:15:25:d8:43:f2:f7:c9:f7:b5:b5:53:25:
5d:96:8a:28:13:b8:5d:c3:dc:99:da:42:43:51:76:
5e:3c:c1:3a:fe:f5:be:7f:50:41:96:61:13:00:18:
d9:2b:ec:53:a4:08:e8:ed:52:9c:ec:90:c3:f5:af:
95:5a:62:51:a1:21:3f:6c:bc:84:95:b9:9a:c3:52:
d4:5c:e4:4d:68:e1:99:69:78:3c:62:3f:65:d8:d0:
cd:dc:c2:b9:e5:12:ec:e9:db:d9:22:e6:bd:69:f0:
3f:c8:70:1d:84:48:c8:96:18:6f:2c:13:22:47:9e:
80:31:d5:e9:10:88:f7:08:7c:65:b7:8a:84:18:01:
bf:49:a8:28:cb:d0:87:f7:1e:80:2f:ae:85:33:d3:
b7:dc:2d:f6:d2:80:cd:cf:de:93:15:33:3a:63:ed:
c4:85:7d:60:10:fc:68:ff:6d:81:d3:5e:4c:ac:e0:
77:0d:1d:f9:09:a5:d0:39:a3:e4:34:32:8d:f8:82:
ae:51:d1:65:25:09:0e:ee:ed:ba:5f:59:84:71:7f:
cd:c1:a2:36:fd:5a:23:09:a9:6e:db:57:3a:39:b1:
3f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3D:66:A7:EB:81:09:31:AF:A8:08:5C:70:E5:FD:95:7E:66:DA:33
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/Qj1mp-uBCTGvqAhccOX9lX5m2jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:21c0::/44
Signature Algorithm: sha256WithRSAEncryption
7a:f1:2c:2d:92:89:25:c7:79:85:76:5c:2a:42:6a:97:d6:8e:
d3:50:21:93:f1:96:8d:fa:65:56:ff:1f:50:c6:1c:41:49:bd:
f4:10:e0:79:34:1c:41:54:f8:d5:0b:90:59:6a:2d:49:62:e9:
6d:c3:b1:47:c9:c9:c2:9a:41:d3:97:d3:ba:b6:20:65:b8:b1:
33:15:54:b7:eb:f2:c8:a0:a0:11:4f:77:ee:98:51:d6:23:84:
60:f4:51:be:57:04:0a:fe:59:9d:68:60:73:f9:22:cc:fd:82:
8b:59:e3:be:1a:0d:24:51:34:fc:69:2e:af:54:c7:98:73:9e:
5f:ac:bb:42:49:72:f7:4d:65:21:0e:e1:30:2b:d6:64:a5:ba:
25:a3:8e:3a:c2:04:98:08:5b:f1:a4:35:cc:b3:e9:9f:f4:e0:
14:fe:19:1a:f7:f2:d8:85:bc:2d:c3:46:5d:9c:87:ec:66:5b:
29:c7:a2:ab:9b:5a:4c:44:c1:bc:10:09:55:68:c5:dc:c7:77:
bb:f9:00:27:de:45:bd:33:d7:97:7e:ca:9a:0e:51:8b:63:72:
5b:54:65:2a:7d:e1:e9:52:80:91:74:42:9d:d6:df:e4:0a:4f:
69:86:80:59:3e:1b:e2:21:9f:25:f4:32:4d:a4:bf:dc:c4:ca:
d6:5d:a4:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtKJ171+ofU3LxC5JfT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNkNjZhN2ViODEwOTMxYWZhODA4NWM3MGU1ZmQ5NTdlNjZkYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxizUcyp16cMPk6Z/Wo4CdQcbDou
q7DtJSKxTmUTme4VJdhD8vfJ97W1UyVdloooE7hdw9yZ2kJDUXZePME6/vW+f1BB
lmETABjZK+xTpAjo7VKc7JDD9a+VWmJRoSE/bLyElbmaw1LUXORNaOGZaXg8Yj9l
2NDN3MK55RLs6dvZIua9afA/yHAdhEjIlhhvLBMiR56AMdXpEIj3CHxlt4qEGAG/
Sagoy9CH9x6AL66FM9O33C320oDNz96TFTM6Y+3EhX1gEPxo/22B015MrOB3DR35
CaXQOaPkNDKN+IKuUdFlJQkO7u26X1mEcX/NwaI2/VojCalu21c6ObE/bwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEI9ZqfrgQkxr6gIXHDl/ZV+ZtozMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvUWoxbXAtdUJDVEd2cUFoY2NPWDlsWDVtMmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiHA
MA0GCSqGSIb3DQEBCwUAA4IBAQB68Swtkoklx3mFdlwqQmqX1o7TUCGT8ZaN+mVW
/x9QxhxBSb30EOB5NBxBVPjVC5BZai1JYultw7FHycnCmkHTl9O6tiBluLEzFVS3
6/LIoKART3fumFHWI4Rg9FG+VwQK/lmdaGBz+SLM/YKLWeO+Gg0kUTT8aS6vVMeY
c55frLtCSXL3TWUhDuEwK9Zkpbolo446wgSYCFvxpDXMs+mf9OAU/hka9/LYhbwt
w0ZdnIfsZlspx6Krm1pMRMG8EAlVaMXcx3e7+QAn3kW9M9eXfsqaDlGLY3JbVGUq
feHpUoCRdEKd1t/kCk9phoBZPhviIZ8l9DJNpL/cxMrWXaQV
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org