Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QULJ0zsTaRQD81DkqYfrXvvsjco.roa
File: QULJ0zsTaRQD81DkqYfrXvvsjco.roa (raw, json)
Hash identifier: K8XlQLKrgjeT/jI94yOP+7weWVdqRAGLPmyWrIUBHbs=
Subject key identifier: 41:42:C9:D3:3B:13:69:14:03:F3:50:E4:A9:87:EB:5E:FB:EC:8D:CA
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C3AB7D362FEC2891EF279BB2FCFFC88FF
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QULJ0zsTaRQD81DkqYfrXvvsjco.roa
Signing time: Tue 05 Dec 2023 16:02:54 +0000
ROA not before: Tue 05 Dec 2023 16:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29497
IP address blocks: 2a00:1fa1:4e00::/40 maxlen: 40
2a00:1fa1:e00::/40 maxlen: 40
2a00:1fa1::/33 maxlen: 33
Validation: Failed, certificate revoked on Wed 06 Dec 2023 20:28:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:b7:d3:62:fe:c2:89:1e:f2:79:bb:2f:cf:fc:88:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 5 16:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4142c9d33b13691403f350e4a987eb5efbec8dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fa:34:85:15:d6:80:f0:38:44:f6:92:e4:49:
69:47:ef:11:b0:78:c9:82:70:05:fc:87:37:b1:36:
af:9e:08:43:0d:94:ed:d3:00:1d:43:73:98:27:6b:
0f:ff:3a:02:2a:cd:55:f6:db:3b:00:99:ea:b3:0b:
bf:45:53:f5:35:4f:78:46:94:6e:50:ae:28:d7:d5:
b7:0f:11:49:72:ec:4e:93:ea:dd:f1:64:d4:0f:5d:
4e:3d:0a:5f:f8:db:e5:b7:78:37:eb:fe:83:e0:dc:
8a:86:14:06:d3:72:1e:b4:35:4a:8d:d5:f6:a1:b8:
bc:18:14:84:4d:1b:b4:ff:5d:d3:d4:57:a4:a5:64:
7a:1c:28:d8:2b:89:2a:9e:4c:a2:de:ea:63:c5:16:
95:78:40:78:f1:fc:02:6f:73:1f:62:b9:8b:5f:95:
9d:24:21:a4:4e:b4:66:e5:f6:2a:dc:10:07:27:a9:
21:09:77:f0:af:48:cb:5e:9d:53:94:bc:14:45:77:
e0:89:a5:42:96:06:5e:1f:11:b4:5f:3b:96:a2:3a:
79:81:89:01:7d:8b:58:f3:f2:d7:71:b2:bf:21:d0:
42:f4:c1:a4:27:3d:88:58:3c:b1:b1:bd:a1:7c:23:
89:f7:16:45:c1:75:f9:3a:4f:88:18:b3:45:c2:9b:
9d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:42:C9:D3:3B:13:69:14:03:F3:50:E4:A9:87:EB:5E:FB:EC:8D:CA
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QULJ0zsTaRQD81DkqYfrXvvsjco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1fa1::/33
Signature Algorithm: sha256WithRSAEncryption
1a:af:56:0b:cc:c4:3b:15:f1:cf:13:e8:86:6a:f5:fc:0b:37:
30:94:bd:e6:ec:dc:21:f9:bd:62:a3:ef:1d:9a:29:41:63:56:
74:d1:0d:8c:15:03:63:af:2d:cd:03:f6:cc:ac:80:30:ac:f6:
4f:37:a0:4c:d0:b7:1d:c4:ba:61:72:36:1d:98:fa:c1:e4:63:
d8:10:a7:97:cc:92:62:cd:1a:54:ab:48:50:7e:78:8c:04:76:
89:af:25:1c:70:f1:76:22:d7:55:d1:a4:a6:46:64:56:59:0e:
7c:61:9d:c8:98:74:c2:0b:fc:ed:2f:be:08:3a:d3:cf:31:ad:
4f:18:98:c1:82:e6:14:e6:2e:d9:27:a7:50:b3:2b:ef:03:af:
0c:8c:4f:42:43:36:52:c4:a9:5c:c0:5a:91:b5:ba:15:20:47:
57:f5:50:50:36:89:ce:d8:22:1f:3d:e8:bd:17:3a:2d:ae:17:
31:f7:00:01:fb:dc:44:31:2d:ae:3f:de:7a:bc:c4:d2:51:c3:
4e:97:3b:3e:b4:f5:bb:02:23:42:ce:2f:c0:ca:f2:c4:60:f1:
35:a8:b5:98:0b:e8:04:28:9e:84:e0:35:26:1d:6a:b3:af:34:
08:43:62:46:55:20:6e:c0:2e:c2:de:b1:91:5c:09:1c:e7:39:
5e:0d:19:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYw6t9Ni/sKJHvJ5uy/P/Ij/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA1MTYwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQyYzlkMzNiMTM2OTE0MDNmMzUwZTRhOTg3ZWI1ZWZiZWM4ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvo0hRXWgPA4RPaS5ElpR+8RsHjJ
gnAF/Ic3sTavnghDDZTt0wAdQ3OYJ2sP/zoCKs1V9ts7AJnqswu/RVP1NU94RpRu
UK4o19W3DxFJcuxOk+rd8WTUD11OPQpf+Nvlt3g36/6D4NyKhhQG03IetDVKjdX2
obi8GBSETRu0/13T1FekpWR6HCjYK4kqnkyi3upjxRaVeEB48fwCb3MfYrmLX5Wd
JCGkTrRm5fYq3BAHJ6khCXfwr0jLXp1TlLwURXfgiaVClgZeHxG0XzuWojp5gYkB
fYtY8/LXcbK/IdBC9MGkJz2IWDyxsb2hfCOJ9xZFwXX5Ok+IGLNFwpud6QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEFCydM7E2kUA/NQ5KmH61777I3KMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvUVVMSjB6c1RhUlFEODFEa3FZZnJYdnZzamNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKgAfoQAw
DQYJKoZIhvcNAQELBQADggEBABqvVgvMxDsV8c8T6IZq9fwLNzCUvebs3CH5vWKj
7x2aKUFjVnTRDYwVA2OvLc0D9sysgDCs9k83oEzQtx3EumFyNh2Y+sHkY9gQp5fM
kmLNGlSrSFB+eIwEdomvJRxw8XYi11XRpKZGZFZZDnxhnciYdMIL/O0vvgg6088x
rU8YmMGC5hTmLtknp1CzK+8DrwyMT0JDNlLEqVzAWpG1uhUgR1f1UFA2ic7YIh89
6L0XOi2uFzH3AAH73EQxLa4/3nq8xNJRw06XOz609bsCI0LOL8DK8sRg8TWotZgL
6AQonoTgNSYdarOvNAhDYkZVIG7ALsLesZFcCRznOV4NGYQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:30 2024 by rpki-client on console-ams.rpki-client.org