Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qppU1mY9GPZiTF7dbFM_ZwTGO00.roa
File: qppU1mY9GPZiTF7dbFM_ZwTGO00.roa (raw, json)
Hash identifier: hfI20c2Q79TLYZlvlYfh++H+4B1rDJAc148zwkoYDNs=
Subject key identifier: AA:9A:54:D6:66:3D:18:F6:62:4C:5E:DD:6C:53:3F:67:04:C6:3B:4D
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42CE5CCA9BD7309499E1BBB6174392
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qppU1mY9GPZiTF7dbFM_ZwTGO00.roa
Signing time: Sun 01 Jan 2023 21:35:27 +0000
ROA not before: Sun 01 Jan 2023 21:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202952
IP address blocks: 2a0e:8f02:f04d::/48 maxlen: 48
2a0e:8f02:21e0::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ce:5c:ca:9b:d7:30:94:99:e1:bb:b6:17:43:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa9a54d6663d18f6624c5edd6c533f6704c63b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b9:8d:f2:54:0a:a3:cb:a7:5c:50:bf:ed:17:
7d:28:96:6c:4f:91:1f:f6:8a:2b:ba:c5:ee:f0:ba:
82:45:b2:aa:d4:2d:68:13:bb:60:5f:56:6f:11:a3:
07:b8:57:e5:08:43:6a:fb:23:c0:f1:1e:a7:a8:68:
64:14:4a:f3:83:ba:30:2f:ce:89:22:38:78:11:38:
39:04:0a:12:1b:1d:11:71:7b:dc:c3:06:99:3b:93:
76:1f:af:9c:9d:9f:61:75:2d:48:06:55:a4:e7:4a:
4f:2e:08:1e:c6:17:ea:39:f2:b6:02:9c:de:29:61:
41:bd:b1:2a:2f:e0:13:d9:37:09:fc:ef:4e:d6:36:
69:1e:86:13:76:a1:2c:cc:79:90:b7:c2:0a:7f:2c:
1c:f6:4f:be:13:da:70:46:87:20:e9:21:bc:a8:93:
a3:a8:9d:09:cc:68:1c:a0:ee:13:4c:5e:24:46:fc:
a5:85:41:d1:48:bc:e0:87:a4:e5:b1:1d:52:f6:cf:
de:a7:22:2d:2e:61:18:06:5c:a3:60:9b:ad:b6:15:
fd:a2:17:39:ea:99:16:14:db:35:a5:44:a1:79:65:
d8:67:71:77:10:a4:97:ff:20:7f:ea:6b:ef:d7:13:
d5:91:31:33:e2:cf:5e:5f:2b:05:5f:33:8e:b0:ac:
42:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9A:54:D6:66:3D:18:F6:62:4C:5E:DD:6C:53:3F:67:04:C6:3B:4D
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qppU1mY9GPZiTF7dbFM_ZwTGO00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:21e0::/44
2a0e:8f02:f04d::/48
Signature Algorithm: sha256WithRSAEncryption
75:4b:9e:c8:b2:0e:f4:ef:90:a7:b4:0e:6c:a9:8c:08:69:d6:
f3:c5:61:93:c9:f7:55:36:95:ab:c1:0f:81:1f:46:5e:8f:22:
1c:f4:c4:e1:e0:05:28:59:54:ca:96:2e:35:4c:6a:4d:9c:38:
38:f5:aa:4c:05:d6:e5:ff:60:98:d4:17:4d:47:28:9c:cf:d7:
fd:de:5e:95:ce:af:f5:90:a4:93:0f:bb:31:54:91:b8:93:46:
71:51:07:f6:29:d3:08:59:b8:4d:1e:4b:98:1e:2d:e6:5a:b8:
e1:cf:13:42:04:64:82:80:01:89:16:52:9d:c5:fb:cc:9f:df:
35:87:53:e0:20:54:2d:f4:39:89:d8:00:86:22:8f:66:7c:6b:
e5:35:72:d4:27:57:c8:18:31:4e:7b:7d:c0:d4:f3:ff:5f:d3:
22:0e:cf:2f:d9:8f:f1:bb:07:58:3b:21:7d:09:8c:e2:71:cc:
67:ce:45:4b:95:ea:48:dd:6e:bf:62:a8:0d:08:c9:51:e2:80:
8a:93:68:58:49:54:f8:90:54:40:2e:35:73:2d:58:0b:db:6a:
b1:46:37:a9:be:0f:86:a6:e7:a8:3e:f8:b4:e1:20:fb:d0:21:
a7:87:ea:f9:0d:2c:cf:d4:64:af:2d:40:7e:2e:b0:0c:dd:d2:
7d:e3:64:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvQs5cypvXMJSZ4bu2F0OSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTlhNTRkNjY2M2QxOGY2NjI0YzVlZGQ2YzUzM2Y2NzA0YzYzYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbmN8lQKo8unXFC/7Rd9KJZsT5Ef
9oorusXu8LqCRbKq1C1oE7tgX1ZvEaMHuFflCENq+yPA8R6nqGhkFErzg7owL86J
Ijh4ETg5BAoSGx0RcXvcwwaZO5N2H6+cnZ9hdS1IBlWk50pPLggexhfqOfK2Apze
KWFBvbEqL+AT2TcJ/O9O1jZpHoYTdqEszHmQt8IKfywc9k++E9pwRocg6SG8qJOj
qJ0JzGgcoO4TTF4kRvylhUHRSLzgh6TlsR1S9s/epyItLmEYBlyjYJutthX9ohc5
6pkWFNs1pUSheWXYZ3F3EKSX/yB/6mvv1xPVkTEz4s9eXysFXzOOsKxCDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKqaVNZmPRj2Ykxe3WxTP2cExjtNMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvcXBwVTFtWTlHUFppVEY3ZGJGTV9ad1RHTzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6PAiHg
AwcAKg6PAvBNMA0GCSqGSIb3DQEBCwUAA4IBAQB1S57Isg7075CntA5sqYwIadbz
xWGTyfdVNpWrwQ+BH0ZejyIc9MTh4AUoWVTKli41TGpNnDg49apMBdbl/2CY1BdN
Ryicz9f93l6Vzq/1kKSTD7sxVJG4k0ZxUQf2KdMIWbhNHkuYHi3mWrjhzxNCBGSC
gAGJFlKdxfvMn981h1PgIFQt9DmJ2ACGIo9mfGvlNXLUJ1fIGDFOe33A1PP/X9Mi
Ds8v2Y/xuwdYOyF9CYziccxnzkVLlepI3W6/YqgNCMlR4oCKk2hYSVT4kFRALjVz
LVgL22qxRjepvg+GpueoPvi04SD70CGnh+r5DSzP1GSvLUB+LrAM3dJ942SC
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org