Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/QQdN42GDyXG0d-N1MbN6WK5-EX0.roa
File: QQdN42GDyXG0d-N1MbN6WK5-EX0.roa (raw, json)
Hash identifier: ychHlIMZ7ADksZdoN48alRvzwXNLhR6Xz/+sCcnOUKI=
Subject key identifier: 41:07:4D:E3:61:83:C9:71:B4:77:E3:75:31:B3:7A:58:AE:7E:11:7D
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 01899429175CE397050C51C3C2BF9C2C9140
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/QQdN42GDyXG0d-N1MbN6WK5-EX0.roa
Signing time: Wed 26 Jul 2023 21:44:28 +0000
ROA not before: Wed 26 Jul 2023 21:44:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 2a07:db80::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 02 Sep 2023 10:21:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:94:29:17:5c:e3:97:05:0c:51:c3:c2:bf:9c:2c:91:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Jul 26 21:44:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41074de36183c971b477e37531b37a58ae7e117d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:90:da:c6:ca:aa:86:c9:52:11:87:05:cc:1c:
23:4d:ff:27:74:32:ce:5a:18:48:6d:eb:ad:45:e7:
41:e4:ef:83:b8:e8:de:1f:86:a4:06:f0:4c:71:6a:
47:fb:b4:21:82:de:f3:6a:43:93:8c:dc:d1:cd:ac:
c6:da:18:f8:57:71:82:54:3b:c6:ea:34:12:ac:ed:
5f:35:6b:09:71:1e:62:65:ea:05:21:b6:62:d8:9a:
c8:c4:29:0d:2c:21:1a:be:74:d9:6c:d3:fc:f8:d0:
f2:e1:bc:24:0a:f3:49:87:fe:8c:fc:cf:fd:00:f5:
22:71:66:2a:bb:bf:92:bc:c3:e4:5c:07:a5:5a:a0:
2b:a9:b5:43:09:1f:21:d8:3c:d2:d4:4c:a4:e7:e2:
d0:4f:c5:ed:07:47:4b:8d:c0:63:c8:9e:48:9b:ef:
e9:6d:13:b9:85:dd:15:b3:9e:7e:5f:f5:5d:df:e9:
56:c4:06:82:b0:6c:68:91:c5:ea:bf:57:8c:f1:9c:
3b:e4:55:c6:19:36:e1:4e:35:4d:f3:5e:0a:73:82:
09:8c:77:48:c1:3f:87:81:67:f2:6e:6c:61:41:dd:
79:50:7b:a6:9e:80:36:2a:d0:6d:01:34:73:05:80:
5d:58:64:3d:e6:08:6a:3e:fc:46:a6:4f:85:46:5d:
d8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:07:4D:E3:61:83:C9:71:B4:77:E3:75:31:B3:7A:58:AE:7E:11:7D
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/QQdN42GDyXG0d-N1MbN6WK5-EX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db80::/32
Signature Algorithm: sha256WithRSAEncryption
a6:2b:e1:d5:10:33:d1:a7:f0:1d:04:69:9d:ea:5b:95:46:29:
e7:8e:52:e9:4f:31:d2:c1:71:36:51:e4:2d:e1:42:2f:bb:1c:
1a:26:32:c9:4f:07:d0:3f:05:60:bf:8f:65:30:97:8a:b0:6d:
83:37:f7:90:ed:b1:fb:e7:93:68:8c:aa:de:10:6c:8e:fd:f9:
40:5e:19:9b:d3:db:4b:c8:3f:76:4f:a6:9a:f7:d4:c7:13:1c:
23:f1:79:7c:c7:17:89:ae:6a:9e:21:8e:94:c0:8e:e2:67:21:
61:d6:29:56:d3:f2:c6:f6:5c:bc:f1:84:86:05:61:db:0a:38:
86:39:60:e8:58:a2:13:af:8c:3a:34:2f:af:68:d8:fe:0d:87:
76:40:30:8a:a2:82:70:4a:a9:0a:95:11:d6:e5:58:4d:34:4f:
c8:16:ec:91:c8:d3:7b:fe:50:fc:f8:30:a9:5e:9a:5c:f3:53:
49:53:39:4b:3d:a0:ee:c5:ee:9d:29:28:0e:a7:ac:90:d7:1c:
d3:20:64:65:20:27:5e:11:57:5c:47:23:5e:5b:73:8a:d2:93:
af:73:f3:65:28:a8:74:89:b9:c8:2c:3f:cb:c0:1e:bc:59:99:
a9:03:13:97:dd:cf:ed:df:de:4c:e1:b1:6d:e6:3e:d9:08:89:
82:ea:3f:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYmUKRdc45cFDFHDwr+cLJFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMwNzI2MjE0NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTA3NGRlMzYxODNjOTcxYjQ3N2UzNzUzMWIzN2E1OGFlN2UxMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5DaxsqqhslSEYcFzBwjTf8ndDLO
WhhIbeutRedB5O+DuOjeH4akBvBMcWpH+7Qhgt7zakOTjNzRzazG2hj4V3GCVDvG
6jQSrO1fNWsJcR5iZeoFIbZi2JrIxCkNLCEavnTZbNP8+NDy4bwkCvNJh/6M/M/9
APUicWYqu7+SvMPkXAelWqArqbVDCR8h2DzS1Eyk5+LQT8XtB0dLjcBjyJ5Im+/p
bRO5hd0Vs55+X/Vd3+lWxAaCsGxokcXqv1eM8Zw75FXGGTbhTjVN814Kc4IJjHdI
wT+HgWfybmxhQd15UHumnoA2KtBtATRzBYBdWGQ95ghqPvxGpk+FRl3YywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEEHTeNhg8lxtHfjdTGzeliufhF9MB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvUVFkTjQyR0R5WEcwZC1OMU1iTjZXSzUtRVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfbgDAN
BgkqhkiG9w0BAQsFAAOCAQEApivh1RAz0afwHQRpnepblUYp545S6U8x0sFxNlHk
LeFCL7scGiYyyU8H0D8FYL+PZTCXirBtgzf3kO2x++eTaIyq3hBsjv35QF4Zm9Pb
S8g/dk+mmvfUxxMcI/F5fMcXia5qniGOlMCO4mchYdYpVtPyxvZcvPGEhgVh2wo4
hjlg6FiiE6+MOjQvr2jY/g2HdkAwiqKCcEqpCpUR1uVYTTRPyBbskcjTe/5Q/Pgw
qV6aXPNTSVM5Sz2g7sXunSkoDqeskNcc0yBkZSAnXhFXXEcjXltzitKTr3PzZSio
dIm5yCw/y8AevFmZqQMTl93P7d/eTOGxbeY+2QiJguo/nQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org