Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/QzoHCCbC8aYhVOFETlnwn9cMbqs.roa
File: QzoHCCbC8aYhVOFETlnwn9cMbqs.roa (raw, json)
Hash identifier: uw6LjKxFZlT7Xg/tC8R8wT7QmbmoHlpo3jkl2UNgzTU=
Subject key identifier: 43:3A:07:08:26:C2:F1:A6:21:54:E1:44:4E:59:F0:9F:D7:0C:6E:AB
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42F101E414EAEA2CB18915DC0501CC
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/QzoHCCbC8aYhVOFETlnwn9cMbqs.roa
Signing time: Sun 01 Jan 2023 21:35:36 +0000
ROA not before: Sun 01 Jan 2023 21:35:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213018
IP address blocks: 2a0e:8f00:dfc0::/42 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:f1:01:e4:14:ea:ea:2c:b1:89:15:dc:05:01:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=433a070826c2f1a62154e1444e59f09fd70c6eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3f:fe:db:ed:f3:cb:8f:fb:32:1d:1f:f1:ee:
84:25:73:d6:26:e7:5b:fc:40:78:32:b3:f7:11:26:
ac:5d:aa:2b:63:1a:9a:76:25:d2:24:92:20:38:89:
4e:cb:df:33:5d:46:a6:f9:56:82:47:2d:99:a7:39:
63:5e:49:c5:77:34:f8:05:4b:82:4e:a5:31:f5:9f:
ca:1e:34:0d:10:c9:f2:c1:57:6f:0f:63:09:7f:23:
14:eb:89:e9:b6:7a:4c:7b:48:3b:05:2e:b5:15:97:
9d:f2:1c:19:eb:f8:0e:2f:d2:38:89:7c:44:b1:a5:
9e:89:e7:62:39:0e:c3:e6:9d:e2:40:73:45:5e:d2:
4a:1e:e7:ba:44:ce:2c:7a:af:1a:ae:1c:22:03:ce:
ba:4a:b8:db:55:3f:03:bf:43:de:41:41:60:dd:9c:
ba:24:cc:33:01:f0:09:94:99:b5:37:28:d5:85:12:
94:9c:87:1f:fe:c4:50:b1:e7:fe:83:16:27:24:8b:
f4:1a:33:13:15:ec:c4:6b:7e:85:07:b7:fe:a6:3a:
cf:9e:96:c0:34:60:2a:fe:9a:06:36:fe:9a:3b:1c:
9b:c1:8d:ed:d9:64:46:12:d9:45:fe:de:5a:ba:4b:
f2:3b:73:28:c1:f0:76:07:eb:ed:77:5e:f7:ee:40:
71:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3A:07:08:26:C2:F1:A6:21:54:E1:44:4E:59:F0:9F:D7:0C:6E:AB
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/QzoHCCbC8aYhVOFETlnwn9cMbqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f00:dfc0::/42
Signature Algorithm: sha256WithRSAEncryption
79:b1:7d:18:94:71:5f:a9:9e:de:f6:57:1e:ae:b7:03:1f:69:
8d:33:42:34:1f:10:07:6c:77:7c:3e:65:0f:74:e0:c5:05:d9:
bd:c5:56:ea:09:d6:de:3c:3f:d1:3a:51:6f:10:50:b0:05:db:
e2:7e:b8:98:3b:8e:98:94:a5:c9:d4:26:d3:b9:ad:14:d6:9a:
ea:8e:1d:81:28:b6:73:46:f3:62:8d:9c:db:90:c5:ed:63:51:
4b:77:0e:81:99:7a:87:38:25:19:14:f5:42:96:26:62:2a:9b:
70:08:87:5e:8e:c4:86:05:ea:78:fe:ba:85:de:0c:1d:1a:32:
e4:58:a8:8d:68:21:ef:17:30:ac:2e:56:fe:59:6f:0a:b3:63:
ee:31:da:21:95:40:f1:9b:64:e8:2a:45:58:b3:6c:bd:97:1a:
7d:86:1d:71:ae:c1:93:59:d6:67:7d:96:df:eb:49:4c:a6:12:
60:5a:58:52:b8:c8:22:30:b4:8f:19:77:1a:c7:3c:1c:44:44:
1e:01:e0:5b:7a:d0:e5:02:c0:e7:65:91:b6:79:20:26:04:11:
98:41:82:8f:9f:22:35:9e:17:56:ad:39:24:25:f7:df:13:a6:
a9:ba:52:e4:c2:91:d0:f0:97:98:12:d0:49:e8:4c:e6:0a:b9:
3b:23:22:d4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQvEB5BTq6iyxiRXcBQHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzNhMDcwODI2YzJmMWE2MjE1NGUxNDQ0ZTU5ZjA5ZmQ3MGM2ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz/+2+3zy4/7Mh0f8e6EJXPWJudb
/EB4MrP3ESasXaorYxqadiXSJJIgOIlOy98zXUam+VaCRy2ZpzljXknFdzT4BUuC
TqUx9Z/KHjQNEMnywVdvD2MJfyMU64nptnpMe0g7BS61FZed8hwZ6/gOL9I4iXxE
saWeiediOQ7D5p3iQHNFXtJKHue6RM4seq8arhwiA866SrjbVT8Dv0PeQUFg3Zy6
JMwzAfAJlJm1NyjVhRKUnIcf/sRQsef+gxYnJIv0GjMTFezEa36FB7f+pjrPnpbA
NGAq/poGNv6aOxybwY3t2WRGEtlF/t5aukvyO3MowfB2B+vtd1737kBxVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEM6BwgmwvGmIVThRE5Z8J/XDG6rMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvUXpvSENDYkM4YVloVk9GRVRsbnduOWNNYnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKg6PAN/A
MA0GCSqGSIb3DQEBCwUAA4IBAQB5sX0YlHFfqZ7e9lcerrcDH2mNM0I0HxAHbHd8
PmUPdODFBdm9xVbqCdbePD/ROlFvEFCwBdvifriYO46YlKXJ1CbTua0U1prqjh2B
KLZzRvNijZzbkMXtY1FLdw6BmXqHOCUZFPVCliZiKptwCIdejsSGBep4/rqF3gwd
GjLkWKiNaCHvFzCsLlb+WW8Ks2PuMdohlUDxm2ToKkVYs2y9lxp9hh1xrsGTWdZn
fZbf60lMphJgWlhSuMgiMLSPGXcaxzwcREQeAeBbetDlAsDnZZG2eSAmBBGYQYKP
nyI1nhdWrTkkJfffE6apulLkwpHQ8JeYEtBJ6EzmCrk7IyLU
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:00 2024 by rpki-client on console-ams.rpki-client.org