Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/qz7wSwcv_pojxbaCncYB_rWohvc.roa
File: qz7wSwcv_pojxbaCncYB_rWohvc.roa (raw, json)
Hash identifier: gJQmRWT1VobYXyOfyn/D/6RPMhFe8dYlzt9xcmi1eQw=
Subject key identifier: AB:3E:F0:4B:07:2F:FE:9A:23:C5:B6:82:9D:C6:01:FE:B5:A8:86:F7
Certificate issuer: /CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Certificate serial: 018CC42486662D5C4E9D25B709292CD83931
Authority key identifier: 4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/qz7wSwcv_pojxbaCncYB_rWohvc.roa
Signing time: Mon 01 Jan 2024 08:29:37 +0000
ROA not before: Mon 01 Jan 2024 08:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209718
IP address blocks: 2001:678:c44::/48 maxlen: 48
2001:678:c6c::/48 maxlen: 48
2001:67c:2ea8::/48 maxlen: 48
2001:67c:2908::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Apr 2024 23:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:86:66:2d:5c:4e:9d:25:b7:09:29:2c:d8:39:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Validity
Not Before: Jan 1 08:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab3ef04b072ffe9a23c5b6829dc601feb5a886f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c7:30:8f:f3:1a:05:45:81:32:63:cf:fe:2b:
5d:25:fb:84:a2:1c:d3:25:ec:ab:d4:fc:e9:eb:4d:
8d:48:96:8a:2e:e2:4d:8c:0e:0a:3e:ea:72:28:da:
fe:0a:52:f8:a3:0a:81:79:d8:99:72:6d:9c:3f:33:
63:4d:87:45:dc:10:1e:1c:e1:1f:9e:33:ed:04:04:
5f:32:be:59:6d:64:ed:46:49:84:1b:67:72:f7:6c:
92:d0:92:52:19:7e:34:c0:bc:22:02:7f:6d:4b:cb:
2e:2e:87:87:d7:f0:cc:e7:b5:06:6e:06:d5:d1:24:
08:1c:88:6e:4c:aa:e1:40:5a:74:2b:52:75:b0:e5:
c7:b5:fe:69:00:ee:db:2a:72:38:5c:50:82:14:5e:
b1:98:67:6a:37:d8:67:40:51:59:1a:41:da:ba:4c:
f5:41:59:67:0d:ec:fa:ab:3c:8d:79:bc:65:3b:19:
b5:b6:60:b6:9d:3e:cb:0c:ac:6c:e4:37:e8:c0:05:
f2:f2:9a:c4:ce:9d:36:a6:93:34:de:1c:5e:f7:d2:
7d:50:1c:55:32:ba:4a:b2:eb:eb:41:e8:ae:45:1f:
76:4c:a3:c3:16:93:a2:f4:bf:bc:61:94:f8:e8:38:
20:77:90:94:ce:8f:8a:48:64:89:e5:13:b3:10:c2:
df:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3E:F0:4B:07:2F:FE:9A:23:C5:B6:82:9D:C6:01:FE:B5:A8:86:F7
X509v3 Authority Key Identifier:
keyid:4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/qz7wSwcv_pojxbaCncYB_rWohvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Tq8Utn4FHPvV4bHVFpPURoI5J5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c44::/48
2001:678:c6c::/48
2001:67c:2908::/48
2001:67c:2ea8::/48
Signature Algorithm: sha256WithRSAEncryption
1e:b9:fb:40:df:49:ab:f3:4e:4a:b1:25:5e:ad:0a:ff:c4:28:
ae:b3:22:a9:36:16:df:5c:26:a5:4f:57:e3:49:fa:45:ff:be:
30:58:83:88:94:07:b7:d4:3b:e2:05:9e:b5:be:7e:d1:e6:0b:
c1:a2:ea:cb:a4:5d:b1:0c:65:37:1f:b8:5f:4a:e8:f4:9a:aa:
e1:7c:83:df:eb:ac:7d:e9:08:55:ce:34:50:70:39:3a:a3:17:
82:25:5c:c5:06:ae:57:46:83:d2:10:8c:0c:60:bf:f4:1f:a8:
77:b7:48:95:73:7e:1a:2e:14:5b:88:e0:9c:3b:c5:38:e8:1d:
9c:96:47:f0:b9:9d:5c:1a:46:e7:31:56:e0:c6:45:be:19:fe:
fe:8d:e0:00:c0:d6:c2:47:10:0d:e8:34:1d:34:a6:1e:66:11:
10:4e:7d:8e:ec:8d:4f:a7:85:d7:90:2b:e6:83:ed:64:f0:f4:
9b:c9:ef:2c:0d:fc:de:f1:79:80:00:d2:56:32:69:1a:8e:65:
ba:cc:57:46:3a:8c:96:ae:d8:b6:d8:a4:7e:2e:64:2e:aa:94:
48:94:d4:78:f4:40:d6:0a:4f:18:a0:eb:5f:d7:11:d9:16:79:
20:2b:77:f8:16:33:2b:5a:b2:28:5b:f2:0b:fe:7b:1a:6c:57:
79:59:6c:0e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJIZmLVxOnSW3CSks2DkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYWYxNGI2N2UwNTFjZmJkNWUxYjFkNTE2OTNkNDQ2ODIz
OTI3OTIwHhcNMjQwMTAxMDgyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNlZjA0YjA3MmZmZTlhMjNjNWI2ODI5ZGM2MDFmZWI1YTg4NmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMcwj/MaBUWBMmPP/itdJfuEohzT
Jeyr1Pzp602NSJaKLuJNjA4KPupyKNr+ClL4owqBediZcm2cPzNjTYdF3BAeHOEf
njPtBARfMr5ZbWTtRkmEG2dy92yS0JJSGX40wLwiAn9tS8suLoeH1/DM57UGbgbV
0SQIHIhuTKrhQFp0K1J1sOXHtf5pAO7bKnI4XFCCFF6xmGdqN9hnQFFZGkHaukz1
QVlnDez6qzyNebxlOxm1tmC2nT7LDKxs5DfowAXy8prEzp02ppM03hxe99J9UBxV
MrpKsuvrQeiuRR92TKPDFpOi9L+8YZT46Dggd5CUzo+KSGSJ5ROzEMLfewIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKs+8EsHL/6aI8W2gp3GAf61qIb3MB8GA1UdIwQY
MBaAFE6vFLZ+BRz71eGx1RaT1EaCOSeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQt
YmQ1MTJlZDU4Zjc4LzEvcXo3d1N3Y3ZfcG9qeGJhQ25jWUJfcldvaHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQtYmQ1MTJlZDU4Zjc4
LzEvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAxE
AwcAIAEGeAxsAwcAIAEGfCkIAwcAIAEGfC6oMA0GCSqGSIb3DQEBCwUAA4IBAQAe
uftA30mr805KsSVerQr/xCiusyKpNhbfXCalT1fjSfpF/74wWIOIlAe31DviBZ61
vn7R5gvBourLpF2xDGU3H7hfSuj0mqrhfIPf66x96QhVzjRQcDk6oxeCJVzFBq5X
RoPSEIwMYL/0H6h3t0iVc34aLhRbiOCcO8U46B2clkfwuZ1cGkbnMVbgxkW+Gf7+
jeAAwNbCRxAN6DQdNKYeZhEQTn2O7I1Pp4XXkCvmg+1k8PSbye8sDfze8XmAANJW
MmkajmW6zFdGOoyWrti22KR+LmQuqpRIlNR49EDWCk8YoOtf1xHZFnkgK3f4FjMr
WrIoW/IL/nsabFd5WWwO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:18 2024 by rpki-client on console-fra.rpki-client.org