Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/QfhJqviS4mtef5RBk46_r4cbn90.roa
File: QfhJqviS4mtef5RBk46_r4cbn90.roa (raw, json)
Hash identifier: NA4gOhj0og7f7LplRMwkp+EX3yti5+nQf1d/ohN14Ao=
Subject key identifier: 41:F8:49:AA:F8:92:E2:6B:5E:7F:94:41:93:8E:BF:AF:87:1B:9F:DD
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0186E28DC767E205865B6CC6069632FEC633
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/QfhJqviS4mtef5RBk46_r4cbn90.roa
Signing time: Tue 14 Mar 2023 23:56:27 +0000
ROA not before: Tue 14 Mar 2023 23:56:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62904
IP address blocks: 2a0b:7140:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e2:8d:c7:67:e2:05:86:5b:6c:c6:06:96:32:fe:c6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Mar 14 23:56:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41f849aaf892e26b5e7f9441938ebfaf871b9fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:63:a2:16:ba:58:2b:99:d5:67:8e:4d:fc:3a:
7f:e1:64:74:01:b0:39:46:92:75:31:0b:be:33:0c:
2e:e1:44:d2:be:21:3f:a9:e1:91:88:fc:72:c8:87:
76:d3:47:4a:3a:4b:e1:c6:9e:dc:06:1d:3f:cf:e8:
e2:ad:3f:d7:54:b6:b3:c0:07:e4:ad:2c:4f:49:c4:
2c:17:e4:0e:d0:48:50:b2:69:74:d7:15:e9:e8:0e:
5c:3a:c0:05:3f:de:25:4d:45:e4:60:10:2c:dc:34:
0c:76:3d:da:2c:4f:bc:91:f3:33:11:62:ac:35:fb:
a5:7d:51:20:4a:e8:d1:f7:f2:f9:6f:8d:31:38:c6:
16:88:2a:8b:4d:8e:9e:66:50:d9:2c:95:73:8e:83:
19:59:6d:34:36:72:11:95:d4:29:81:36:5a:cd:5a:
b2:27:7f:d2:5b:e8:b2:82:a6:bb:fb:18:68:91:24:
6e:75:42:5c:0d:eb:fa:57:90:a2:15:cf:89:a0:ff:
18:43:b4:5e:44:fc:78:d4:db:2b:27:c8:23:cc:f7:
f1:6e:56:db:23:77:1b:95:fe:1f:78:ad:d0:b5:4a:
b1:d1:12:43:a2:39:2e:45:83:75:63:fa:12:6e:37:
d3:35:c4:03:63:c8:ec:b9:94:f8:92:28:42:41:6b:
fb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F8:49:AA:F8:92:E2:6B:5E:7F:94:41:93:8E:BF:AF:87:1B:9F:DD
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/QfhJqviS4mtef5RBk46_r4cbn90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7140:8::/48
Signature Algorithm: sha256WithRSAEncryption
32:20:42:a2:84:e4:0e:16:6f:1d:35:07:8d:aa:f4:9b:38:ac:
e3:03:55:70:b5:48:ac:0c:78:af:7a:aa:9e:fe:38:54:c6:1e:
99:a6:36:b8:ce:64:6e:b0:7d:c7:17:3d:65:db:74:5e:bd:e0:
59:38:85:63:d4:57:2d:8f:a4:a7:90:4b:22:7e:9b:fd:87:c5:
f1:cb:e8:0f:0f:26:b8:c7:3b:4b:e3:82:44:27:5d:53:bb:3c:
44:7b:b9:e1:60:a6:6c:8f:42:ac:70:fc:e8:28:54:40:18:4a:
9d:bf:fb:8f:65:85:cc:55:e7:71:99:2c:28:aa:06:ff:a3:dc:
3b:91:26:02:65:1b:88:e8:24:10:e9:ca:ec:1c:76:74:f0:49:
68:77:6c:b5:67:70:39:32:9a:4f:92:fb:90:53:db:ee:44:85:
1a:ad:dc:11:ee:ac:c0:7a:36:92:6c:8d:b1:07:66:bd:e1:1f:
5d:1a:9b:03:e5:9f:f3:51:7c:be:74:ba:42:07:7f:69:65:ce:
f3:b5:53:14:e6:93:00:7b:e0:10:5a:12:3d:a9:ce:00:40:e3:
71:a6:f5:78:bc:6b:5e:d8:8f:c2:a3:71:05:b4:78:31:ca:26:
79:46:5e:4a:cc:da:28:ac:25:34:51:16:e9:a0:d9:ce:06:ee:
37:b6:81:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYbijcdn4gWGW2zGBpYy/sYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwMzE0MjM1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWY4NDlhYWY4OTJlMjZiNWU3Zjk0NDE5MzhlYmZhZjg3MWI5ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGOiFrpYK5nVZ45N/Dp/4WR0AbA5
RpJ1MQu+Mwwu4UTSviE/qeGRiPxyyId200dKOkvhxp7cBh0/z+jirT/XVLazwAfk
rSxPScQsF+QO0EhQsml01xXp6A5cOsAFP94lTUXkYBAs3DQMdj3aLE+8kfMzEWKs
NfulfVEgSujR9/L5b40xOMYWiCqLTY6eZlDZLJVzjoMZWW00NnIRldQpgTZazVqy
J3/SW+iygqa7+xhokSRudUJcDev6V5CiFc+JoP8YQ7ReRPx41NsrJ8gjzPfxblbb
I3cblf4feK3QtUqx0RJDojkuRYN1Y/oSbjfTNcQDY8jsuZT4kihCQWv7AQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEH4Sar4kuJrXn+UQZOOv6+HG5/dMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvUWZoSnF2aVM0bXRlZjVSQms0Nl9yNGNibjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtxQAAI
MA0GCSqGSIb3DQEBCwUAA4IBAQAyIEKihOQOFm8dNQeNqvSbOKzjA1VwtUisDHiv
eqqe/jhUxh6Zpja4zmRusH3HFz1l23ReveBZOIVj1Fctj6SnkEsifpv9h8Xxy+gP
Dya4xztL44JEJ11TuzxEe7nhYKZsj0KscPzoKFRAGEqdv/uPZYXMVedxmSwoqgb/
o9w7kSYCZRuI6CQQ6crsHHZ08Elod2y1Z3A5MppPkvuQU9vuRIUardwR7qzAejaS
bI2xB2a94R9dGpsD5Z/zUXy+dLpCB39pZc7ztVMU5pMAe+AQWhI9qc4AQONxpvV4
vGte2I/Co3EFtHgxyiZ5Rl5KzNoorCU0URbpoNnOBu43toGq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org