Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/Qa6jIsprhl_Eewie2AdbUZI64ZA.roa
File: Qa6jIsprhl_Eewie2AdbUZI64ZA.roa (raw, json)
Hash identifier: 9apDXhfQ8zIbCvlkJ/bcsZxy/6LZ6qinrv2ayJrbjfU=
Subject key identifier: 41:AE:A3:22:CA:6B:86:5F:C4:7B:08:9E:D8:07:5B:51:92:3A:E1:90
Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial: 018CFCDBECFD709057B9ECA5A74004A7E22C
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/Qa6jIsprhl_Eewie2AdbUZI64ZA.roa
Signing time: Fri 12 Jan 2024 08:48:40 +0000
ROA not before: Fri 12 Jan 2024 08:48:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5420
IP address blocks: 192.40.73.0/24 maxlen: 24
192.40.76.0/24 maxlen: 24
192.40.74.0/24 maxlen: 24
192.40.77.0/24 maxlen: 24
192.40.72.0/24 maxlen: 24
192.40.75.0/24 maxlen: 24
2001:67c:21a4::/48 maxlen: 48
2a06:f040::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Apr 2024 17:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:db:ec:fd:70:90:57:b9:ec:a5:a7:40:04:a7:e2:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Validity
Not Before: Jan 12 08:48:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41aea322ca6b865fc47b089ed8075b51923ae190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ad:36:92:e4:b7:5c:a2:29:c8:25:8f:8f:76:
62:9e:dc:c0:58:94:73:d3:bf:54:aa:a7:d7:73:1c:
56:a6:96:c2:22:88:a2:87:2e:d9:79:83:84:ad:7e:
1b:fa:52:2c:cf:b9:8f:5b:cc:4d:83:e7:3b:05:f4:
fd:1d:b6:da:54:19:77:c8:57:08:16:b0:81:67:a7:
53:c0:99:2d:29:99:ec:2c:cd:ac:84:81:75:e6:c7:
e0:61:f9:01:ee:60:dc:96:d3:f3:7d:8b:15:ee:7a:
e8:c9:10:04:e5:c1:ab:18:15:ca:02:f1:d8:c5:1c:
b4:5f:b5:14:af:ba:6b:7d:3f:b6:9a:57:b6:64:98:
de:60:e2:2a:6a:b4:cf:45:5b:71:8e:c0:8b:bd:71:
6f:00:42:f6:46:83:23:1a:07:e1:bb:ec:0a:2b:5e:
35:d8:51:32:8e:a1:03:3e:df:ea:aa:84:14:ab:14:
3d:05:4a:67:b0:d0:5c:66:81:27:a9:dc:78:9e:33:
83:42:dd:84:11:f6:e9:aa:8c:a5:37:3f:46:77:2d:
10:3f:28:ad:1b:6e:c7:4a:28:43:7d:97:5c:0d:5a:
59:a1:a7:8d:60:d1:bb:95:99:70:90:b2:f8:73:40:
aa:7a:2f:7a:3c:f8:a6:91:81:c8:b7:a3:38:e5:df:
cb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AE:A3:22:CA:6B:86:5F:C4:7B:08:9E:D8:07:5B:51:92:3A:E1:90
X509v3 Authority Key Identifier:
keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/Qa6jIsprhl_Eewie2AdbUZI64ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.40.72.0-192.40.77.255
IPv6:
2001:67c:21a4::/48
2a06:f040::/32
Signature Algorithm: sha256WithRSAEncryption
84:5f:a5:d6:66:f4:a4:21:d6:8d:8d:6b:f0:0a:37:92:ac:56:
a4:d2:2e:e8:43:ad:67:7f:08:19:3a:da:86:69:cf:34:9b:ab:
11:03:d1:47:a2:4e:2e:29:55:85:71:76:78:df:e4:7c:b4:56:
a8:a3:4c:6c:e8:a5:e2:01:ae:56:bc:e9:05:1f:d4:7a:08:f1:
e5:c6:dc:1c:6c:f2:48:50:a0:4f:6f:38:53:83:ab:09:ee:c0:
0e:c3:56:05:89:00:98:f3:3d:cf:f4:b5:42:a8:76:4e:f3:e8:
e4:f9:a4:49:ef:db:3e:dd:76:f7:3e:7f:e8:64:99:c3:6a:cc:
76:d2:b4:9c:89:ff:92:74:0e:20:f6:eb:5c:c5:6b:73:77:4a:
d0:a2:19:24:16:cc:7c:8c:d2:b3:35:b9:a6:78:ec:ca:27:bf:
85:08:99:9e:d3:9a:6a:79:64:53:89:f8:80:7b:48:c0:07:75:
95:8f:09:9d:a6:92:47:92:58:ec:a5:8e:71:0a:44:31:8a:65:
c6:16:b7:49:bf:98:a4:76:bf:a7:7a:f8:fb:3d:93:73:97:14:
7a:12:d9:cc:41:ab:aa:78:28:78:92:a7:2c:32:b8:70:6f:58:
aa:2c:60:b4:db:a6:ef:b2:8a:ee:b4:0c:a4:8c:ff:fd:14:0a:
b0:d5:dd:b2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYz82+z9cJBXueylp0AEp+IsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk
YTExMjYwHhcNMjQwMTEyMDg0ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFlYTMyMmNhNmI4NjVmYzQ3YjA4OWVkODA3NWI1MTkyM2FlMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq02kuS3XKIpyCWPj3ZintzAWJRz
079UqqfXcxxWppbCIoiihy7ZeYOErX4b+lIsz7mPW8xNg+c7BfT9HbbaVBl3yFcI
FrCBZ6dTwJktKZnsLM2shIF15sfgYfkB7mDcltPzfYsV7nroyRAE5cGrGBXKAvHY
xRy0X7UUr7prfT+2mle2ZJjeYOIqarTPRVtxjsCLvXFvAEL2RoMjGgfhu+wKK141
2FEyjqEDPt/qqoQUqxQ9BUpnsNBcZoEnqdx4njODQt2EEfbpqoylNz9Gdy0QPyit
G27HSihDfZdcDVpZoaeNYNG7lZlwkLL4c0Cqei96PPimkYHIt6M45d/LNQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEGuoyLKa4ZfxHsIntgHW1GSOuGQMB8GA1UdIwQY
MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw
LWI1YWJmNDQwZTg5My8xL1FhNmpJc3ByaGxfRWV3aWUyQWRiVVpJNjRaQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5
My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMBQEAgABMA4wDAMEA8Ao
SAMEAcAoTDAWBAIAAjAQAwcAIAEGfCGkAwUAKgbwQDANBgkqhkiG9w0BAQsFAAOC
AQEAhF+l1mb0pCHWjY1r8Ao3kqxWpNIu6EOtZ38IGTrahmnPNJurEQPRR6JOLilV
hXF2eN/kfLRWqKNMbOil4gGuVrzpBR/Uegjx5cbcHGzySFCgT284U4OrCe7ADsNW
BYkAmPM9z/S1Qqh2TvPo5PmkSe/bPt129z5/6GSZw2rMdtK0nIn/knQOIPbrXMVr
c3dK0KIZJBbMfIzSszW5pnjsyie/hQiZntOaanlkU4n4gHtIwAd1lY8JnaaSR5JY
7KWOcQpEMYplxha3Sb+YpHa/p3r4+z2Tc5cUehLZzEGrqngoeJKnLDK4cG9Yqixg
tNum77KK7rQMpIz//RQKsNXdsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org